Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   ADWARE/InstallCore.A.536 (https://www.trojaner-board.de/156003-adware-installcore-a-536-a.html)

deeprybka 02.07.2014 20:46
:daumenhoc

Prima...Und einfach weiter... ;)

Sarah09 02.07.2014 21:28
malware hat nichts gefunden ich mache jetzt mit schritt 4 weiter

deeprybka 02.07.2014 21:32
Bitte Log trotzdem posten... ;)


Lesestoff
http://filepony.de/icon/malwarebytes_anti_malware.pngMBAM-Funde posten: So gehts...
Manchmal ist es wichtig zu wissen, welche Schadprogramme im Vorfeld ohne Anweisung der Helfer schon gelöscht wurden.
Daher benötige ich den Inhalt der Logdatei, in welcher der Suchlauf protokolliert wurde.
  • Starte MBAM.
  • Klicke auf Verlauf.
  • Klicke auf Anwendungsprotokolle.
  • Klicke auf das letzte Suchlaufprotokoll mit Funden.
  • Klicke auf "In Zwischenablage kopieren".
  • Poste den Inhalt in Code-Tags [CODE] [/CODE] durch Einfügen mit Strg+V als Antwort in Deinen Thread.
http://deeprybka.trojaner-board.de/b...mbamposten.gif

Sarah09 02.07.2014 21:38
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 02.07.2014
Suchlauf-Zeit: 21:56:43
Logdatei:
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.02.06
Rootkit Datenbank: v2014.07.01.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: sarah

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 442993
Verstrichene Zeit: 24 Min, 12 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
Code:
HitmanPro 3.7.9.220
www.hitmanpro.com

  Computer name . . . . : SARAH-PC
  Windows . . . . . . . : 6.3.0.9600.X64/8
  User name . . . . . . : SARAH-PC\sarah
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Free

  Scan date . . . . . . : 2014-07-02 22:31:18
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 4m 48s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 0
  Traces  . . . . . . . : 1

  Objects scanned . . . : 1.850.285
  Files scanned . . . . : 38.826
  Remnants scanned  . . : 573.930 files / 1.237.529 keys

Suspicious files ____________________________________________________________

  C:\Users\sarah\Downloads\FRST64.exe
      Size . . . . . . . : 2.083.840 bytes
      Age  . . . . . . . : 0.1 days (2014-07-02 19:46:48)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 38521AD5A90A95513DF394E9086F182F4AB22E2BA8315C018C1A82BF18D3B01E
      Needs elevation  . : Yes
      Source URL . . . . : hxxp://download.bleepingcomputer.com/farbar/FRST64.exe
      Fuzzy  . . . . . . : 27.0
        Program has no publisher information but prompts the user for permission elevation.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        The file is downloaded from the Internet to this computer.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.
      Forensic Cluster
        -8.4s C:\Windows\System32\drivers\mbam.sys
        -8.1s C:\Windows\System32\drivers\mwac.sys
        -7.9s C:\Windows\System32\drivers\mbamchameleon.sys
        -7.4s C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.dll
        -7.0s C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamcore.dll
        -5.8s C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamsrv.dll
        -5.3s C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamtoast.dll
        -4.9s C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
        -3.8s C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
        -3.3s C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
        -2.9s C:\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe
        -2.7s C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamdor.exe
        -2.4s C:\Program Files (x86)\Malwarebytes Anti-Malware\license.rtf
        -2.2s C:\Program Files (x86)\Malwarebytes Anti-Malware\changes.txt
        -2.2s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_bg.qm
        -2.1s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_bs.qm
        -2.0s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_ca.qm
        -1.9s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_cs.qm
        -1.8s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_da.qm
        -1.7s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_de.qm
        -1.6s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_el.qm
        -1.5s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_en.qm
        -1.5s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_es.qm
        -1.3s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_et.qm
        -1.3s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_fi.qm
        -1.2s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_fr.qm
        -1.1s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_he.qm
        -1.0s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_hr.qm
        -0.9s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_hu.qm
        -0.8s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_id.qm
        -0.6s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_it.qm
        -0.5s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_ja.qm
        -0.4s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_ko.qm
        -0.3s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_nl.qm
        -0.1s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_no.qm
        -0.0s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_pl.qm
          0.0s C:\Users\sarah\Downloads\FRST64.exe
          0.1s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_pt_BR.qm
          0.5s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_pt_PT.qm
          0.6s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_ro.qm
          0.7s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_ru.qm
          0.8s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_sk.qm
          0.9s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_sl.qm
          1.0s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_sr.qm
          1.1s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_sv.qm
          1.2s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_tr.qm
          1.3s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_vi.qm
          1.4s C:\Program Files (x86)\Malwarebytes Anti-Malware\Languages\lang_zh_tr.qm
          1.5s C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\rules.ref
          1.6s C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\actions.ref
          1.7s C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\swissarmy.ref
          1.7s C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\domains.ref
          1.8s C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\ips.ref
          1.9s C:\Program Files (x86)\Malwarebytes Anti-Malware\master.conf
          1.9s C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\net.conf
          2.0s C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\build.conf
          2.0s C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\database.conf
          2.1s C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\manifest.conf
          2.1s C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\marketing.conf
          2.2s C:\Program Files (x86)\Malwarebytes Anti-Malware\Plugins\fixdamage.exe
          2.6s C:\Program Files (x86)\Malwarebytes Anti-Malware\imageformats\qgif4.dll
          2.8s C:\Program Files (x86)\Malwarebytes Anti-Malware\7z.dll
          3.5s C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcp100.dll
          3.7s C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcr100.dll
          3.7s C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcr100.dll
          3.9s C:\Program Files (x86)\Malwarebytes Anti-Malware\QtCore4.dll
          4.2s C:\Program Files (x86)\Malwarebytes Anti-Malware\QtGui4.dll
          4.9s C:\Program Files (x86)\Malwarebytes Anti-Malware\QtNetwork4.dll
          5.2s C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
          5.3s C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-killer.exe
          5.7s C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-chameleon.exe
          6.7s C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-chameleon.com
          7.1s C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-chameleon.pif
          7.4s C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-chameleon.scr

deeprybka 02.07.2014 21:40
Prima! :daumenhoc

Jetzt noch ein Scan, der sehr lange dauert....

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Sarah09 02.07.2014 22:28
ist es denn sehr schlimm und werde ich danach noch Probleme haben ?der ist noch nicht alt,der ist gut und war auch nicht billig und ich brauch den für´s Studium :(

deeprybka 02.07.2014 22:30
Nee...ist nicht schlimm...Keine Sorge....

Sarah09 03.07.2014 00:20
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=a80aff80ba311a4cb4904b4caddd7c4e
# engine=18992
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-02 10:45:55
# local_time=2014-07-03 12:45:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 11304 706010 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 87888 8724676 0 0
# scanned=247136
# found=2
# cleaned=0
# scan_time=6020
sh=20908C1205359A8545F570772106F6D72F666AC3 ft=1 fh=e61b6c9d961e4263 vn="Win32/Systweak.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\sarah\AppData\Local\Temp\is1590112554\1343904_stp\rcpsetup_adppi15_adppi15.exe"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\sarah\AppData\Local\Temp\is1590112554\1343914_stp\uninstaller.exe"

deeprybka 03.07.2014 00:25
Gut! Und jetzt noch frische FRST-Logs. Die kannste aber als Datei anhängen... ;)

Sarah09 03.07.2014 00:29
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by sarah at 2014-07-03 01:25:30
Running from C:\Users\sarah\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0053 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3003 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{D32367AC-8FCA-4DE8-A2C6-037AE14B4001}) (Version: 1.00.3012 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3003 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3006 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3112 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3103 - Acer Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AutoCAD 2011 - Deutsch (HKLM\...\AutoCAD 2011 - Deutsch) (Version: 18.1.49.0 - Autodesk)
AutoCAD 2011 - Deutsch (Version: 18.1.49.0 - Autodesk) Hidden
AutoCAD 2011 Language Pack - Deutsch (Version: 18.1.49.0 - Autodesk) Hidden
Autodesk Design Review 2011 (HKLM-x32\...\Autodesk Design Review 2011) (Version: 11.0.0.86 - Autodesk, Inc.)
Autodesk Design Review 2011 (x32 Version: 11.0.0.86 - Autodesk, Inc.) Hidden
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Medium Image library (HKLM-x32\...\{975951E7-14D0-49AF-A630-89680D12D7F6}) (Version: 2.0.0.49 - Autodesk)
Avira (HKLM-x32\...\{89ef9b48-b56b-48d8-b5c1-4eb9a5ca50cb}) (Version: 1.1.16.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.16.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Backup Manager v4 (x32 Version: 4.0.0.0053 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3107 - Acer Incorporated)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
ETDWare PS/2-X64 11.6.11.002_WHQL (HKLM\...\Elantech) (Version: 11.6.11.002 - ELAN Microelectronic Corp.)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.220 - SurfRight B.V.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3002 - Acer Incorporated)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3002 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.10 - Symantec Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5 - Notepad++ Team)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3102 - Acer)
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Python 3.3.2 (64-bit) (HKLM\...\{9fa9a2a6-19e4-381a-8af3-f8cf12f0dcf0}) (Version: 3.3.2150 - Python Software Foundation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.41 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.3 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points  =========================

02-07-2014 18:57:57 Removed Java 7 Update 45

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0E0834F3-D469-4C17-ACEA-BDAB2ADA1090} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)
Task: {1235808C-98AC-4B4F-8214-40025646D990} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {30CB288C-6BF9-42BE-AE51-0CFA6103CBE5} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {33D47B54-4E2D-4FEA-AD9F-4BE907FEB8B9} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B00A1D6-9FBE-4ABB-B7C3-67B974B75E0E} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {41D7949E-B659-4F93-833A-5E01E5F838B9} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5BE60156-F769-4502-9670-3C5E99126B10} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {5E8FF57C-0A3D-44B2-B37C-A35B50C78422} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8A0A53A1-E85A-4330-89CC-4BCD4C2F784F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {8A527805-07B9-4DAA-BFEC-31D2BF2F164A} - System32\Tasks\Rocket Updater => C:\Users\sarah\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {94EA158F-FA27-41BB-AF2C-9CBF20927675} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {9ED32C6B-1544-4B98-9098-99B228E2955E} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-07-13] ()
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A398BED5-F299-47CB-A513-14B84F40DA03} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {A59EC215-70A5-44FD-820E-F99ECC7D97A1} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-07-13] ()
Task: {B1AC63AA-374D-45BF-BA3F-C90097A363FB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-01] (Microsoft Corporation)
Task: {B67E359E-5AE2-4E02-B5B9-A10AE9B472A6} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {CDC4A4F6-025B-4886-9D41-9BB5E692FAAA} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F0D4AABF-11CF-4954-AC7F-D37A7BD2D390} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {FD5869C3-622D-447F-966D-D1203F1AB49C} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Rocket Updater.job => C:\Users\sarah\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-09-05 03:36 - 2013-09-05 03:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-10-04 00:42 - 2013-10-04 00:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-13 01:01 - 2012-07-13 01:01 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-07-13 01:01 - 2012-07-13 01:01 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2014-06-30 12:08 - 2014-06-30 12:08 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-06-30 12:07 - 2014-06-30 12:07 - 00065616 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-01-30 21:11 - 2014-01-30 21:11 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-07-31 01:04 - 2012-07-31 01:04 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2014-07-01 20:48 - 2014-06-30 12:08 - 00049744 _____ () C:\Users\sarah\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\sarah\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2014 01:18:23 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/02/2014 10:58:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/02/2014 10:58:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/02/2014 10:58:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/02/2014 10:58:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/02/2014 10:55:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (07/02/2014 10:36:59 PM) (Source: MsiInstaller) (EventID: 11310) (User: SARAH-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\sarah\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (07/02/2014 10:36:39 PM) (Source: MsiInstaller) (EventID: 11310) (User: SARAH-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\sarah\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (07/02/2014 09:40:42 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Sarah-PC)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (07/02/2014 09:40:42 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Sarah-PC)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.


System errors:
=============
Error: (07/02/2014 08:55:09 PM) (Source: DCOM) (EventID: 10010) (User: SARAH-PC)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (07/02/2014 08:54:39 PM) (Source: DCOM) (EventID: 10010) (User: SARAH-PC)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (07/02/2014 08:53:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst mfecore erreicht.

Error: (07/02/2014 07:17:44 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.

Error: (07/02/2014 07:17:44 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (07/02/2014 07:17:44 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.

Error: (07/02/2014 07:17:44 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (07/02/2014 07:17:44 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.

Error: (07/02/2014 07:17:44 PM) (Source: Schannel) (EventID: 4106) (User: NT-AUTORITÄT)
Description: Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.

Error: (07/02/2014 07:17:44 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 107.


Microsoft Office Sessions:
=========================
Error: (07/03/2014 01:18:23 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (07/02/2014 10:58:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\sarah\Downloads\esetsmartinstaller_deu.exe

Error: (07/02/2014 10:58:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\sarah\Downloads\esetsmartinstaller_deu.exe

Error: (07/02/2014 10:58:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\sarah\Downloads\esetsmartinstaller_deu.exe

Error: (07/02/2014 10:58:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\sarah\Downloads\esetsmartinstaller_deu.exe

Error: (07/02/2014 10:55:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\sarah\Downloads\esetsmartinstaller_deu.exe

Error: (07/02/2014 10:36:59 PM) (Source: MsiInstaller) (EventID: 11310) (User: SARAH-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\sarah\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/02/2014 10:36:39 PM) (Source: MsiInstaller) (EventID: 11310) (User: SARAH-PC)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\sarah\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/02/2014 09:40:42 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Sarah-PC)
Description:

Error: (07/02/2014 09:40:42 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Sarah-PC)
Description:


CodeIntegrity Errors:
===================================
  Date: 2014-07-01 23:55:55.478
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe that did not meet the Store signing level requirements.

  Date: 2014-07-01 23:55:54.368
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe that did not meet the Store signing level requirements.

  Date: 2014-07-01 23:55:41.446
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe that did not meet the Store signing level requirements.

  Date: 2014-07-01 23:55:35.661
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe that did not meet the Store signing level requirements.


==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 8007.27 MB
Available physical RAM: 5760.63 MB
Total Pagefile: 9287.27 MB
Available Pagefile: 6621.86 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:911.85 GB) (Free:845.89 GB) NTFS
Drive f: () (Removable) (Total:0.49 GB) (Free:0.09 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: FE2F8239)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 500 MB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by sarah (administrator) on SARAH-PC on 03-07-2014 01:24:54
Running from C:\Users\sarah\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\sarah\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\sarah\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-10-22] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [187984 2014-06-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-24] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKU\S-1-5-21-1935119182-1679436706-1176497648-1002\...\Run: [Akamai NetSession Interface] => C:\Users\sarah\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1935119182-1679436706-1176497648-1002\...\MountPoints2: {0eadf773-972e-11e2-bed2-083e8e13c20a} - "G:\LaunchU3.exe" -a
HKU\S-1-5-21-1935119182-1679436706-1176497648-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\sarah\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1935119182-1679436706-1176497648-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0eadf773-972e-11e2-bed2-083e8e13c20a} - "G:\LaunchU3.exe" -a
HKU\S-1-5-21-1935119182-1679436706-1176497648-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-1935119182-1679436706-1176497648-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - DefaultScope {9751BD22-06D2-4E30-A655-E3E74711C0A5} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAtD0FtBzyyByD0F0FyB0BtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StAyCtDtCyE0C0A0CtGtDyD0EyCtGtAtDyD0CtGyB0B0FyBtGyC0FtCtAtDyDyBtCyBtAzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0EyCtB0EtAtDtGyCyD0BzztGzy0CyB0BtGzyyE0DtBtGyByBzy0E0A0BtByCyByBtB0A2Q&cr=1568073730&ir=
SearchScopes: HKLM - {9751BD22-06D2-4E30-A655-E3E74711C0A5} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAtD0FtBzyyByD0F0FyB0BtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StAyCtDtCyE0C0A0CtGtDyD0EyCtGtAtDyD0CtGyB0B0FyBtGyC0FtCtAtDyDyBtCyBtAzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0EyCtB0EtAtDtGyCyD0BzztGzy0CyB0BtGzyyE0DtBtGyByBzy0E0A0BtByCyByBtB0A2Q&cr=1568073730&ir=
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {9751BD22-06D2-4E30-A655-E3E74711C0A5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {9751BD22-06D2-4E30-A655-E3E74711C0A5} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAtD0FtBzyyByD0F0FyB0BtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StAyCtDtCyE0C0A0CtGtDyD0EyCtGtAtDyD0CtGyB0B0FyBtGyC0FtCtAtDyDyBtCyBtAzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0EyCtB0EtAtDtGyCyD0BzztGzy0CyB0BtGzyyE0DtBtGyByBzy0E0A0BtByCyByBtB0A2Q&cr=1568073730&ir=
SearchScopes: HKCU - {9751BD22-06D2-4E30-A655-E3E74711C0A5} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAtD0FtBzyyByD0F0FyB0BtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StAyCtDtCyE0C0A0CtGtDyD0EyCtGtAtDyD0CtGyB0B0FyBtGyC0FtCtAtDyDyBtCyBtAzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0EyCtB0EtAtDtGyCyD0BzztGzy0CyB0BtGzyyE0DtBtGyByBzy0E0A0BtByCyByBtB0A2Q&cr=1568073730&ir=
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [138832 2014-06-30] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-07-02] (SurfRight B.V.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-01-30] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-26] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-06-24] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-01-30] (Intel Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-26] (Dritek System Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-02 22:54 - 2014-07-02 22:55 - 02347384 _____ (ESET) C:\Users\sarah\Downloads\esetsmartinstaller_deu.exe
2014-07-02 22:38 - 2014-07-02 22:38 - 00016018 _____ () C:\Users\sarah\Desktop\HitmanPro_20140702_2238.log
2014-07-02 22:33 - 2014-07-02 22:33 - 00001146 _____ () C:\Users\sarah\Desktop\malware1.txt
2014-07-02 22:30 - 2014-07-02 22:31 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-02 22:30 - 2014-07-02 22:30 - 00001925 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-07-02 22:30 - 2014-07-02 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-07-02 22:30 - 2014-07-02 22:30 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-02 22:28 - 2014-07-02 22:28 - 11185664 _____ (SurfRight B.V.) C:\Users\sarah\Downloads\HitmanPro_x64.exe
2014-07-02 21:41 - 2014-07-02 21:41 - 00000000 ___RD () C:\Users\sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-02 21:40 - 2014-07-02 21:40 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Vorlagen
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Startmenü
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Lokale Einstellungen
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Eigene Dateien
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Musik
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Bilder
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Anwendungsdaten
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Anwendungsdaten
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 ____D () C:\Users\TEMP
2014-07-02 21:40 - 2014-07-02 00:21 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-02 21:40 - 2014-07-01 13:01 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-02 21:40 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-07-02 21:40 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-07-02 21:40 - 2013-12-10 15:43 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Microsoft Help
2014-07-02 21:40 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-02 21:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-02 21:25 - 2014-07-02 21:36 - 00000000 ___DC () C:\AdwCleaner
2014-07-02 19:49 - 2014-07-02 19:50 - 00043346 _____ () C:\Users\sarah\Downloads\Addition.txt
2014-07-02 19:48 - 2014-07-03 01:25 - 00020612 _____ () C:\Users\sarah\Downloads\FRST.txt
2014-07-02 19:47 - 2014-07-03 01:24 - 00000000 ___DC () C:\FRST
2014-07-02 19:46 - 2014-07-02 19:47 - 02083840 _____ (Farbar) C:\Users\sarah\Downloads\FRST64.exe
2014-07-02 19:04 - 2014-07-02 19:05 - 00014138 _____ () C:\Users\sarah\Desktop\maleware.txt
2014-07-02 18:59 - 2014-07-02 18:59 - 00013181 _____ () C:\Users\sarah\Desktop\malwarebytes.txt
2014-07-02 00:04 - 2014-07-02 23:59 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 00:04 - 2014-07-02 00:04 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-02 00:04 - 2014-07-02 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-02 00:03 - 2014-07-02 19:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-02 00:03 - 2014-07-02 00:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 00:03 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-02 00:03 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-02 00:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-02 00:01 - 2014-07-02 00:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\sarah\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 20:53 - 2014-07-01 20:53 - 00000000 ____D () C:\Users\sarah\AppData\Roaming\Avira
2014-07-01 20:47 - 2014-06-24 20:39 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-07-01 20:47 - 2014-06-24 20:39 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-07-01 20:47 - 2014-06-24 20:39 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-07-01 20:36 - 2014-07-01 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-01 20:36 - 2014-07-01 20:47 - 00000000 ____D () C:\ProgramData\Avira
2014-07-01 20:36 - 2014-07-01 20:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-01 20:36 - 2014-07-01 20:36 - 00001157 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-01 20:36 - 2014-07-01 20:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-01 20:06 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-07-01 20:06 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-07-01 20:06 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-07-01 20:06 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-07-01 20:06 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-07-01 20:05 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-07-01 20:05 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-07-01 20:05 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-07-01 20:05 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-07-01 20:05 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-07-01 19:57 - 2014-07-01 19:57 - 00000000 ____D () C:\Users\sarah\AppData\Roaming\Atheros
2014-07-01 19:57 - 2014-07-01 19:57 - 00000000 ____D () C:\ProgramData\Atheros
2014-07-01 17:04 - 2014-07-01 17:04 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2014-07-01 17:03 - 2014-07-01 17:05 - 00000000 ____D () C:\Program Files\Common Files\QCA_Bluetooth
2014-07-01 17:03 - 2014-07-01 17:04 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-07-01 16:57 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-01 16:57 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-07-01 16:57 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-01 16:57 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-01 16:57 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-01 16:57 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-01 16:57 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-01 16:57 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-01 16:57 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-01 16:57 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-01 16:57 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-01 16:57 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-01 16:56 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-01 16:56 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-01 16:56 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-01 16:56 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-07-01 16:56 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-01 16:56 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-01 16:56 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-07-01 16:56 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-01 16:56 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-01 16:56 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-01 16:56 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-01 16:56 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-01 16:56 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-01 16:56 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-01 16:56 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-01 16:56 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-01 16:56 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-01 16:55 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-07-01 16:55 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-07-01 16:55 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-07-01 16:55 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-07-01 16:55 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-07-01 16:55 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-07-01 16:54 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-01 16:54 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-01 16:54 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-01 16:54 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-01 16:54 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-01 16:54 - 2014-04-18 16:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-07-01 16:54 - 2014-04-18 16:44 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-07-01 16:54 - 2014-04-18 15:29 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-07-01 16:54 - 2014-04-18 11:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-07-01 16:54 - 2014-04-18 11:32 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-01 16:54 - 2014-04-18 10:58 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-01 16:54 - 2014-04-18 10:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-07-01 16:54 - 2014-04-18 10:21 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-07-01 16:54 - 2014-04-18 10:09 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-07-01 16:54 - 2014-04-18 09:51 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-07-01 16:54 - 2014-04-18 09:49 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-07-01 16:54 - 2014-04-14 11:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-07-01 16:54 - 2014-04-14 10:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-07-01 16:54 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-01 16:54 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-01 16:54 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-07-01 16:54 - 2014-04-11 08:13 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-07-01 16:54 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-07-01 16:54 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-07-01 16:54 - 2014-04-11 06:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-07-01 16:54 - 2014-04-11 06:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-07-01 16:54 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-07-01 16:54 - 2014-04-11 05:30 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-07-01 16:54 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-07-01 16:54 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

deeprybka 03.07.2014 00:30
Sehr gut...
Rest machen wir dann "morgen"... ;)

Sarah09 03.07.2014 09:02
Code:
2014-07-01 16:54 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-07-01 16:54 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-07-01 16:54 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-01 16:54 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-01 16:54 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-07-01 16:54 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-07-01 16:54 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-01 16:54 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-01 16:54 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-01 16:54 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-07-01 16:54 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-01 16:54 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-01 16:54 - 2014-04-09 13:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-07-01 16:54 - 2014-04-09 08:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-07-01 16:54 - 2014-04-09 07:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-07-01 16:54 - 2014-04-09 06:35 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-01 16:54 - 2014-04-09 05:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-07-01 16:54 - 2014-04-08 04:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-07-01 16:54 - 2014-04-06 18:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-07-01 16:54 - 2014-04-06 18:34 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-07-01 16:54 - 2014-04-06 18:32 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-07-01 16:54 - 2014-04-06 18:31 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-07-01 16:54 - 2014-04-06 18:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-07-01 16:54 - 2014-04-06 18:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-07-01 16:54 - 2014-04-06 18:20 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-07-01 16:54 - 2014-04-06 18:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-07-01 16:54 - 2014-04-06 18:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-07-01 16:54 - 2014-04-06 18:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-07-01 16:54 - 2014-04-06 18:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-07-01 16:54 - 2014-04-06 18:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-07-01 16:54 - 2014-04-06 18:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-07-01 16:54 - 2014-04-06 18:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-07-01 16:54 - 2014-04-06 18:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-07-01 16:54 - 2014-04-06 18:20 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-07-01 16:54 - 2014-04-06 17:23 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-07-01 16:54 - 2014-04-06 17:22 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-07-01 16:54 - 2014-04-06 17:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-07-01 16:54 - 2014-04-06 17:16 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-07-01 16:54 - 2014-04-06 17:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-07-01 16:54 - 2014-04-06 17:16 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-07-01 16:54 - 2014-04-06 17:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-07-01 16:54 - 2014-04-06 17:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-07-01 16:54 - 2014-04-06 17:16 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-07-01 16:54 - 2014-04-06 17:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-07-01 16:54 - 2014-04-06 17:16 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-07-01 16:54 - 2014-04-06 17:16 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-07-01 16:54 - 2014-04-06 16:10 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-01 16:54 - 2014-04-06 14:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-07-01 16:54 - 2014-04-06 13:55 - 16872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-07-01 16:54 - 2014-04-06 13:54 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-07-01 16:54 - 2014-04-06 13:01 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-07-01 16:54 - 2014-04-06 12:52 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-07-01 16:54 - 2014-04-06 12:51 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-07-01 16:54 - 2014-04-06 12:37 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-07-01 16:54 - 2014-04-06 12:36 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-07-01 16:54 - 2014-04-06 12:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-07-01 16:54 - 2014-04-06 11:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-07-01 16:54 - 2014-04-03 10:12 - 02124840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-07-01 16:54 - 2014-04-03 10:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-07-01 16:54 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-07-01 16:54 - 2014-04-03 06:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-07-01 16:54 - 2014-04-03 06:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-07-01 16:54 - 2014-04-03 05:53 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-07-01 16:54 - 2014-04-03 04:53 - 04269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-07-01 16:54 - 2014-04-03 04:53 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-07-01 16:54 - 2014-04-03 04:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-07-01 16:54 - 2014-04-03 04:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-01 16:54 - 2014-04-03 04:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-07-01 16:54 - 2014-04-01 08:23 - 00384856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-07-01 16:54 - 2014-03-31 07:42 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-07-01 16:54 - 2014-03-31 00:54 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-07-01 16:54 - 2014-03-28 17:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-07-01 16:54 - 2014-03-27 08:16 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-07-01 16:54 - 2014-03-27 07:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-07-01 16:54 - 2014-03-27 06:59 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-07-01 16:54 - 2014-03-27 05:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-07-01 16:54 - 2014-03-27 05:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-07-01 16:54 - 2014-03-27 05:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-07-01 16:54 - 2014-03-25 00:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-07-01 16:54 - 2014-03-20 05:48 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-07-01 16:54 - 2014-03-20 02:44 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-07-01 16:54 - 2014-03-20 01:33 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-07-01 16:54 - 2014-03-19 10:07 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-07-01 16:54 - 2014-03-19 06:18 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-07-01 16:54 - 2014-03-18 10:19 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-07-01 16:54 - 2014-03-18 07:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-07-01 16:54 - 2014-03-18 06:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-07-01 16:54 - 2014-03-17 07:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-07-01 16:54 - 2014-03-17 06:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-07-01 16:54 - 2014-03-17 05:01 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-07-01 16:54 - 2014-03-17 04:47 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-07-01 16:54 - 2014-03-17 04:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-07-01 16:54 - 2014-03-14 08:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-07-01 16:54 - 2014-03-14 08:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-07-01 16:54 - 2014-03-06 14:42 - 00310616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-07-01 16:53 - 2014-04-06 18:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-07-01 16:53 - 2014-04-06 18:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-07-01 16:53 - 2014-04-06 18:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-07-01 16:53 - 2014-04-06 14:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-07-01 16:53 - 2014-04-06 14:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-07-01 16:53 - 2014-04-06 14:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-07-01 16:53 - 2014-04-06 14:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-07-01 16:53 - 2014-04-06 13:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-07-01 16:53 - 2014-04-06 13:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-07-01 16:53 - 2014-04-03 10:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-07-01 16:53 - 2014-04-03 04:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-07-01 16:53 - 2014-04-03 04:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-07-01 16:53 - 2014-03-31 02:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-07-01 16:53 - 2014-03-31 02:01 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-07-01 16:53 - 2014-03-31 01:43 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-07-01 16:53 - 2014-03-31 00:49 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-07-01 16:53 - 2014-03-31 00:35 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-07-01 16:53 - 2014-03-31 00:11 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-07-01 16:53 - 2014-03-30 23:47 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-07-01 16:53 - 2014-03-27 06:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-07-01 16:53 - 2014-03-27 06:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-07-01 16:53 - 2014-03-19 10:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-07-01 16:53 - 2014-03-19 09:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-07-01 16:53 - 2014-03-19 09:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-07-01 16:53 - 2014-03-19 08:36 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-07-01 16:53 - 2014-03-19 07:56 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-07-01 16:53 - 2014-03-19 07:45 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-07-01 16:53 - 2014-03-19 07:19 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-07-01 16:53 - 2014-03-19 07:07 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-07-01 16:53 - 2014-03-19 07:02 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-07-01 16:53 - 2014-03-19 07:00 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-07-01 16:53 - 2014-03-19 06:51 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-07-01 16:53 - 2014-03-19 06:31 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-07-01 16:53 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-07-01 16:51 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-07-01 16:51 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-07-01 16:51 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-07-01 16:51 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-07-01 16:51 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-07-01 16:51 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-07-01 16:49 - 2014-07-01 16:49 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-07-01 16:49 - 2014-07-01 16:49 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-07-01 16:49 - 2014-07-01 16:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-07-01 16:49 - 2014-07-01 16:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-07-01 16:49 - 2014-07-01 16:49 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-07-01 16:49 - 2014-07-01 16:49 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-07-01 16:49 - 2014-07-01 16:49 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-07-01 16:49 - 2014-07-01 16:49 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-07-01 16:44 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-07-01 16:44 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-07-01 16:44 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-07-01 16:44 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-07-01 16:44 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-07-01 16:44 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-07-01 14:00 - 2014-07-01 14:00 - 00000000 __SHD () C:\Users\sarah\AppData\Local\EmieUserList
2014-07-01 14:00 - 2014-07-01 14:00 - 00000000 __SHD () C:\Users\sarah\AppData\Local\EmieSiteList
2014-06-29 19:58 - 2014-06-29 19:58 - 00109120 _____ () C:\Users\sarah\Desktop\Verkehr 3.1.dwg
2014-06-29 14:07 - 2014-03-20 06:19 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-06-29 14:07 - 2014-03-20 05:41 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-06-29 14:07 - 2014-03-20 05:41 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-06-29 14:07 - 2014-03-20 05:40 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-06-29 14:07 - 2014-03-20 02:53 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-06-29 14:07 - 2014-03-20 01:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-06-29 14:07 - 2014-03-20 01:39 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-06-29 14:07 - 2014-03-19 09:13 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-06-29 14:07 - 2014-03-19 07:31 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-06-29 14:07 - 2014-03-13 14:35 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-06-29 14:07 - 2014-03-11 16:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-06-29 14:07 - 2014-03-11 15:21 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-06-29 14:07 - 2014-03-11 15:02 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-06-29 14:07 - 2014-03-11 14:42 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-06-29 14:07 - 2014-03-11 14:35 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-06-29 14:07 - 2014-03-08 22:47 - 00565536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-06-29 14:07 - 2014-03-08 22:38 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-06-29 14:07 - 2014-03-08 17:29 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-06-29 14:07 - 2014-03-08 13:34 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-06-29 14:07 - 2014-03-08 09:03 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-06-29 14:07 - 2014-03-08 09:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-06-29 14:07 - 2014-03-08 08:46 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-06-29 14:07 - 2014-03-08 08:37 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-06-29 14:07 - 2014-03-08 08:31 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-06-29 14:07 - 2014-03-08 07:41 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-06-29 14:07 - 2014-03-08 07:11 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-06-29 14:07 - 2014-03-06 16:34 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-06-29 14:07 - 2014-03-06 14:53 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-06-29 14:07 - 2014-03-06 14:53 - 00518552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-06-29 14:07 - 2014-03-06 14:51 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-06-29 14:07 - 2014-03-06 14:51 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-06-29 14:07 - 2014-03-06 13:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-06-29 14:07 - 2014-03-06 13:13 - 00406912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-06-29 14:07 - 2014-03-06 12:46 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-06-29 14:07 - 2014-03-06 11:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-06-29 14:07 - 2014-03-06 10:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-06-29 14:07 - 2014-03-06 09:02 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-06-29 14:07 - 2014-03-06 08:51 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-06-29 14:07 - 2014-03-06 08:39 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-06-29 14:07 - 2014-03-06 08:23 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-06-29 14:07 - 2014-03-06 08:09 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-06-29 14:07 - 2014-03-06 07:47 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-06-29 14:07 - 2014-03-04 14:25 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-06-29 14:07 - 2014-03-04 13:16 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-06-29 14:07 - 2014-03-04 09:16 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-06-29 14:07 - 2014-03-04 09:00 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-06-29 14:07 - 2014-03-04 08:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-06-29 14:07 - 2014-03-04 08:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-06-29 14:07 - 2014-03-04 08:03 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-06-29 14:07 - 2014-03-04 07:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-06-29 14:06 - 2014-03-20 02:48 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-06-29 14:06 - 2014-03-20 01:36 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-06-29 14:06 - 2014-03-19 07:57 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-06-29 14:06 - 2014-03-19 07:50 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-06-29 14:06 - 2014-03-19 07:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-06-29 14:06 - 2014-03-19 07:08 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-06-29 14:06 - 2014-03-12 15:45 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-06-29 14:06 - 2014-03-11 17:45 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-06-29 14:06 - 2014-03-11 17:18 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-06-29 14:06 - 2014-03-11 17:02 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-06-29 14:06 - 2014-03-11 16:28 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-06-29 14:06 - 2014-03-11 16:25 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2014-06-29 14:06 - 2014-03-11 16:05 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2014-06-29 14:06 - 2014-03-11 16:03 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-06-29 14:06 - 2014-03-08 22:47 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-06-29 14:06 - 2014-03-08 22:40 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-06-29 14:06 - 2014-03-08 22:35 - 00467800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-06-29 14:06 - 2014-03-08 11:34 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-06-29 14:06 - 2014-03-08 11:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-06-29 14:06 - 2014-03-08 10:44 - 00731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-06-29 14:06 - 2014-03-08 10:33 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-06-29 14:06 - 2014-03-08 10:25 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-06-29 14:06 - 2014-03-08 10:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-06-29 14:06 - 2014-03-08 09:53 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-06-29 14:06 - 2014-03-08 09:47 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-06-29 14:06 - 2014-03-08 09:12 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-06-29 14:06 - 2014-03-08 09:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-06-29 14:06 - 2014-03-08 08:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-06-29 14:06 - 2014-03-08 08:41 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-06-29 14:06 - 2014-03-08 08:40 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-06-29 14:06 - 2014-03-08 08:30 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-06-29 14:06 - 2014-03-08 08:25 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-06-29 14:06 - 2014-03-08 08:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-06-29 14:06 - 2014-03-08 07:58 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-06-29 14:06 - 2014-03-06 16:34 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-06-29 14:06 - 2014-03-06 14:51 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-06-29 14:06 - 2014-03-06 14:39 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-06-29 14:06 - 2014-03-06 13:19 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-06-29 14:06 - 2014-03-06 13:19 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-06-29 14:06 - 2014-03-06 11:24 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-06-29 14:06 - 2014-03-06 11:24 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-06-29 14:06 - 2014-03-06 11:24 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-06-29 14:06 - 2014-03-06 11:22 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-06-29 14:06 - 2014-03-06 11:22 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-06-29 14:06 - 2014-03-06 11:19 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-06-29 14:06 - 2014-03-06 11:19 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-06-29 14:06 - 2014-03-06 11:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-06-29 14:06 - 2014-03-06 11:08 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-06-29 14:06 - 2014-03-06 10:41 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-06-29 14:06 - 2014-03-06 10:38 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-06-29 14:06 - 2014-03-06 10:14 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDScDrv.dll
2014-06-29 14:06 - 2014-03-06 10:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-06-29 14:06 - 2014-03-06 10:00 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-06-29 14:06 - 2014-03-06 09:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-06-29 14:06 - 2014-03-06 09:16 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-06-29 14:06 - 2014-03-06 08:31 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-06-29 14:06 - 2014-03-06 08:29 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-06-29 14:06 - 2014-03-06 08:27 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-06-29 14:06 - 2014-03-06 08:24 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-06-29 14:06 - 2014-03-06 08:23 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-06-29 14:06 - 2014-03-06 08:21 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-06-29 14:06 - 2014-03-06 08:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-06-29 14:06 - 2014-03-06 08:11 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-06-29 14:06 - 2014-03-06 08:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-06-29 14:06 - 2014-03-06 08:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-06-29 14:06 - 2014-03-06 08:01 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-06-29 14:06 - 2014-03-06 07:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-06-29 14:06 - 2014-03-06 07:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-06-29 14:06 - 2014-03-04 14:14 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-06-29 14:06 - 2014-03-04 13:10 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-06-29 14:06 - 2014-03-04 09:13 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-06-29 14:06 - 2014-03-04 09:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-06-29 14:06 - 2014-03-04 08:56 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-06-29 14:06 - 2014-03-04 08:50 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-06-29 14:06 - 2014-03-04 08:39 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-06-29 14:06 - 2014-03-04 08:15 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-06-29 14:06 - 2014-03-04 08:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-06-29 14:06 - 2014-03-04 08:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-06-29 14:06 - 2014-03-04 07:54 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-06-29 14:06 - 2013-12-24 01:28 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-06-29 14:06 - 2013-12-24 01:26 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-06-29 14:01 - 2014-02-22 17:53 - 03394384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-06-29 14:01 - 2014-02-22 14:08 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2014-06-29 14:01 - 2014-02-22 13:17 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OobeFldr.dll
2014-06-29 14:01 - 2014-02-22 12:34 - 11742720 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2014-06-29 14:01 - 2014-02-22 12:02 - 08946688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2014-06-29 14:01 - 2014-02-22 11:01 - 13933568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2014-06-29 14:01 - 2014-02-08 03:08 - 00139600 _____ () C:\WINDOWS\system32\systemsf.ebd
2014-06-29 14:01 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-06-29 14:00 - 2014-02-22 18:59 - 01519520 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-06-29 14:00 - 2014-02-22 18:59 - 01290688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-06-29 14:00 - 2014-02-22 18:59 - 00526304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2014-06-29 14:00 - 2014-02-22 18:15 - 01929608 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2014-06-29 14:00 - 2014-02-22 18:15 - 01206000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2014-06-29 14:00 - 2014-02-22 18:00 - 00249688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2014-06-29 14:00 - 2014-02-22 17:55 - 01435304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-06-29 14:00 - 2014-02-22 17:50 - 00645104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-06-29 14:00 - 2014-02-22 17:48 - 02574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-06-29 14:00 - 2014-02-22 17:46 - 01927600 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-06-29 14:00 - 2014-02-22 17:46 - 01445616 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2014-06-29 14:00 - 2014-02-22 17:46 - 01000424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2014-06-29 14:00 - 2014-02-22 17:44 - 00539992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2014-06-29 14:00 - 2014-02-22 17:44 - 00424280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-06-29 14:00 - 2014-02-22 17:43 - 01727760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-06-29 14:00 - 2014-02-22 17:43 - 01487520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-06-29 14:00 - 2014-02-22 17:43 - 01356360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-06-29 14:00 - 2014-02-22 17:41 - 01215832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2014-06-29 14:00 - 2014-02-22 17:41 - 00800552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2014-06-29 14:00 - 2014-02-22 17:41 - 00391008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2014-06-29 14:00 - 2014-02-22 17:40 - 01118552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-06-29 14:00 - 2014-02-22 16:52 - 01767440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2014-06-29 14:00 - 2014-02-22 16:51 - 01063976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2014-06-29 14:00 - 2014-02-22 16:42 - 01017936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-06-29 14:00 - 2014-02-22 16:42 - 00422968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2014-06-29 14:00 - 2014-02-22 16:38 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-06-29 14:00 - 2014-02-22 16:38 - 01077944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2014-06-29 14:00 - 2014-02-22 16:25 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-06-29 14:00 - 2014-02-22 16:18 - 00477744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-06-29 14:00 - 2014-02-22 16:08 - 01474104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-06-29 14:00 - 2014-02-22 16:04 - 01011280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2014-06-29 14:00 - 2014-02-22 16:04 - 00650736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2014-06-29 14:00 - 2014-02-22 14:24 - 02825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2014-06-29 14:00 - 2014-02-22 14:22 - 01163264 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-06-29 14:00 - 2014-02-22 14:07 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2014-06-29 14:00 - 2014-02-22 14:07 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofUtil.dll
2014-06-29 14:00 - 2014-02-22 13:28 - 02428928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2014-06-29 14:00 - 2014-02-22 13:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\recimg.exe
2014-06-29 14:00 - 2014-02-22 12:47 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfp.exe
2014-06-29 14:00 - 2014-02-22 12:38 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DfpCommon.dll
2014-06-29 14:00 - 2014-02-22 12:22 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-06-29 14:00 - 2014-02-22 12:08 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-06-29 14:00 - 2014-02-22 11:53 - 00825344 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2014-06-29 14:00 - 2014-02-22 11:52 - 01132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2014-06-29 14:00 - 2014-02-22 11:48 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-06-29 14:00 - 2014-02-22 11:47 - 01192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2014-06-29 14:00 - 2014-02-22 11:38 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2014-06-29 14:00 - 2014-02-22 11:35 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2014-06-29 14:00 - 2014-02-22 11:28 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2014-06-29 14:00 - 2014-02-22 11:26 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2014-06-29 14:00 - 2014-02-22 11:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-06-29 14:00 - 2014-02-22 11:24 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2014-06-29 14:00 - 2014-02-22 11:23 - 03494912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2014-06-29 14:00 - 2014-02-22 11:23 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-06-29 14:00 - 2014-02-22 11:23 - 01576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2014-06-29 14:00 - 2014-02-22 11:23 - 00628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2014-06-29 14:00 - 2014-02-22 11:16 - 11776000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2014-06-29 14:00 - 2014-02-22 11:14 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2014-06-29 14:00 - 2014-02-22 11:13 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2014-06-29 14:00 - 2014-02-22 11:11 - 02395136 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-06-29 14:00 - 2014-02-22 11:11 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-06-29 14:00 - 2014-02-22 11:10 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-06-29 14:00 - 2014-02-22 11:07 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2014-06-29 14:00 - 2014-02-22 11:00 - 01341440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2014-06-29 14:00 - 2014-02-22 11:00 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2014-06-29 14:00 - 2014-02-22 10:59 - 01621504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2014-06-29 14:00 - 2014-02-22 10:59 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-06-29 14:00 - 2014-02-22 10:59 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-06-29 14:00 - 2014-02-22 10:54 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-06-29 14:00 - 2014-02-22 10:51 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RacEngn.dll
2014-06-29 14:00 - 2014-02-22 10:47 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-06-29 14:00 - 2014-02-22 10:45 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2014-06-29 14:00 - 2014-02-22 10:44 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-06-29 14:00 - 2014-02-22 10:40 - 02368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2014-06-29 14:00 - 2014-02-22 10:39 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2014-06-29 14:00 - 2014-02-22 10:37 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2014-06-29 14:00 - 2014-02-22 10:22 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-06-29 14:00 - 2014-02-22 10:21 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-06-29 14:00 - 2014-02-22 10:18 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-06-29 14:00 - 2014-02-22 10:17 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-06-29 14:00 - 2014-02-22 10:06 - 01640960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2014-06-29 14:00 - 2014-02-22 10:03 - 01496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2014-06-29 14:00 - 2014-01-29 10:53 - 01653352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-06-29 14:00 - 2014-01-29 09:44 - 01369736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-06-29 14:00 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-06-29 14:00 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-06-29 14:00 - 2013-12-10 09:35 - 00530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2014-06-29 14:00 - 2013-12-09 02:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-06-29 14:00 - 2013-12-09 01:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-06-29 13:59 - 2014-02-22 18:59 - 00461176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-06-29 13:59 - 2014-02-22 18:59 - 00407536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-06-29 13:59 - 2014-02-22 18:59 - 00289752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2014-06-29 13:59 - 2014-02-22 18:15 - 00531128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2014-06-29 13:59 - 2014-02-22 17:55 - 00388408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-06-29 13:59 - 2014-02-22 17:55 - 00244848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-06-29 13:59 - 2014-02-22 17:55 - 00105864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-06-29 13:59 - 2014-02-22 17:50 - 00761792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2014-06-29 13:59 - 2014-02-22 17:49 - 00280920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-06-29 13:59 - 2014-02-22 17:49 - 00148824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-06-29 13:59 - 2014-02-22 17:48 - 01791752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2014-06-29 13:59 - 2014-02-22 17:48 - 00210736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-06-29 13:59 - 2014-02-22 17:46 - 00669896 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2014-06-29 13:59 - 2014-02-22 17:43 - 01659056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-06-29 13:59 - 2014-02-22 17:43 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-06-29 13:59 - 2014-02-22 17:41 - 00372360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2014-06-29 13:59 - 2014-02-22 16:42 - 00410568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-06-29 13:59 - 2014-02-22 16:42 - 00369288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-06-29 13:59 - 2014-02-22 16:38 - 00336232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-06-29 13:59 - 2014-02-22 16:38 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-06-29 13:59 - 2014-02-22 16:11 - 00490136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2014-06-29 13:59 - 2014-02-22 16:04 - 00317584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2014-06-29 13:59 - 2014-02-22 16:04 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2014-06-29 13:59 - 2014-02-22 14:11 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-06-29 13:59 - 2014-02-22 14:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2014-06-29 13:59 - 2014-02-22 13:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2014-06-29 13:59 - 2014-02-22 13:54 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-06-29 13:59 - 2014-02-22 13:46 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-06-29 13:59 - 2014-02-22 13:16 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2014-06-29 13:59 - 2014-02-22 13:06 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2014-06-29 13:59 - 2014-02-22 12:58 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-06-29 13:59 - 2014-02-22 12:56 - 02862592 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2014-06-29 13:59 - 2014-02-22 12:52 - 02288640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2014-06-29 13:59 - 2014-02-22 12:41 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-06-29 13:59 - 2014-02-22 12:41 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2014-06-29 13:59 - 2014-02-22 12:39 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-06-29 13:59 - 2014-02-22 12:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2014-06-29 13:59 - 2014-02-22 12:36 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2014-06-29 13:59 - 2014-02-22 12:25 - 01428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2014-06-29 13:59 - 2014-02-22 12:18 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2014-06-29 13:59 - 2014-02-22 12:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2014-06-29 13:59 - 2014-02-22 12:14 - 02811392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2014-06-29 13:59 - 2014-02-22 12:09 - 01224192 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2014-06-29 13:59 - 2014-02-22 12:05 - 01757184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-06-29 13:59 - 2014-02-22 12:02 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2014-06-29 13:59 - 2014-02-22 12:01 - 01227776 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-06-29 13:59 - 2014-02-22 12:01 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-06-29 13:59 - 2014-02-22 12:01 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2014-06-29 13:59 - 2014-02-22 11:59 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-06-29 13:59 - 2014-02-22 11:57 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-06-29 13:59 - 2014-02-22 11:54 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2014-06-29 13:59 - 2014-02-22 11:48 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-06-29 13:59 - 2014-02-22 11:46 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-06-29 13:59 - 2014-02-22 11:45 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-06-29 13:59 - 2014-02-22 11:44 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2014-06-29 13:59 - 2014-02-22 11:44 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-06-29 13:59 - 2014-02-22 11:43 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-06-29 13:59 - 2014-02-22 11:36 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2014-06-29 13:59 - 2014-02-22 11:35 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2014-06-29 13:59 - 2014-02-22 11:34 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2014-06-29 13:59 - 2014-02-22 11:34 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2014-06-29 13:59 - 2014-02-22 11:33 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2014-06-29 13:59 - 2014-02-22 11:32 - 01162752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-06-29 13:59 - 2014-02-22 11:25 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-06-29 13:59 - 2014-02-22 11:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-06-29 13:59 - 2014-02-22 11:23 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-06-29 13:59 - 2014-02-22 11:15 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2014-06-29 13:59 - 2014-02-22 11:14 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2014-06-29 13:59 - 2014-02-22 11:12 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2014-06-29 13:59 - 2014-02-22 11:10 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-06-29 13:59 - 2014-02-22 11:06 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-06-29 13:59 - 2014-02-22 11:04 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\perftrack.dll
2014-06-29 13:59 - 2014-02-22 10:59 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-06-29 13:59 - 2014-02-22 10:54 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2014-06-29 13:59 - 2014-02-22 10:54 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2014-06-29 13:59 - 2014-02-22 10:53 - 00876544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-06-29 13:59 - 2014-02-22 10:51 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2014-06-29 13:59 - 2014-02-22 10:51 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2014-06-29 13:59 - 2014-02-22 10:49 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2014-06-29 13:59 - 2014-02-22 10:47 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2014-06-29 13:59 - 2014-02-22 10:47 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-06-29 13:59 - 2014-02-22 10:45 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-06-29 13:59 - 2014-02-22 10:43 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2014-06-29 13:59 - 2014-02-22 10:43 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2014-06-29 13:59 - 2014-02-22 10:43 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-06-29 13:59 - 2014-02-22 10:43 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2014-06-29 13:59 - 2014-02-22 10:42 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2014-06-29 13:59 - 2014-02-22 10:40 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-06-29 13:59 - 2014-02-22 10:37 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2014-06-29 13:59 - 2014-02-22 10:36 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2014-06-29 13:59 - 2014-02-22 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-06-29 13:59 - 2014-02-22 10:33 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2014-06-29 13:59 - 2014-02-22 10:24 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2014-06-29 13:59 - 2014-02-22 10:21 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2014-06-29 13:59 - 2014-02-22 10:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2014-06-29 13:59 - 2014-02-22 10:00 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2014-06-29 13:59 - 2014-02-22 06:33 - 00262335 _____ () C:\WINDOWS\system32\dfpinc.dat
2014-06-29 13:59 - 2014-01-31 11:55 - 03596800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2014-06-29 13:59 - 2014-01-31 11:10 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-06-29 13:59 - 2014-01-31 10:18 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-06-29 13:59 - 2014-01-29 10:52 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-06-29 13:59 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2014-06-29 13:59 - 2014-01-29 02:17 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2014-06-29 13:59 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-06-29 13:59 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-06-29 13:59 - 2014-01-17 19:24 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2014-06-29 13:59 - 2014-01-08 03:30 - 00745328 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-06-29 13:59 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-06-29 13:59 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-06-29 13:59 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-06-29 13:59 - 2013-12-04 17:16 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-06-29 13:59 - 2013-11-11 01:41 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2014-06-29 13:58 - 2014-02-22 18:59 - 00209160 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2014-06-29 13:58 - 2014-02-22 18:59 - 00139464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2014-06-29 13:58 - 2014-02-22 18:58 - 00036200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2014-06-29 13:58 - 2014-02-22 18:15 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\system32\powrprof.dll
2014-06-29 13:58 - 2014-02-22 18:15 - 00188464 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2014-06-29 13:58 - 2014-02-22 18:15 - 00071888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2014-06-29 13:58 - 2014-02-22 18:02 - 00170952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2014-06-29 13:58 - 2014-02-22 18:02 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2014-06-29 13:58 - 2014-02-22 18:02 - 00080048 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2014-06-29 13:58 - 2014-02-22 18:00 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-06-29 13:58 - 2014-02-22 18:00 - 00151384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-06-29 13:58 - 2014-02-22 18:00 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2014-06-29 13:58 - 2014-02-22 17:55 - 00162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2014-06-29 13:58 - 2014-02-22 17:55 - 00152848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2014-06-29 13:58 - 2014-02-22 17:55 - 00131168 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-06-29 13:58 - 2014-02-22 17:50 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2014-06-29 13:58 - 2014-02-22 17:50 - 00043408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2014-06-29 13:58 - 2014-02-22 17:50 - 00032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2014-06-29 13:58 - 2014-02-22 17:49 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-06-29 13:58 - 2014-02-22 17:49 - 00189784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-06-29 13:58 - 2014-02-22 17:49 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-06-29 13:58 - 2014-02-22 17:49 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2014-06-29 13:58 - 2014-02-22 17:44 - 00924504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2014-06-29 13:58 - 2014-02-22 17:43 - 00142576 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2014-06-29 13:58 - 2014-02-22 17:43 - 00094560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2014-06-29 13:58 - 2014-02-22 16:52 - 00251504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powrprof.dll
2014-06-29 13:58 - 2014-02-22 16:51 - 00140456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2014-06-29 13:58 - 2014-02-22 16:42 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2014-06-29 13:58 - 2014-02-22 16:42 - 00137344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2014-06-29 13:58 - 2014-02-22 16:41 - 00033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2014-06-29 13:58 - 2014-02-22 16:38 - 00506120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2014-06-29 13:58 - 2014-02-22 16:25 - 00180240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-06-29 13:58 - 2014-02-22 16:18 - 00089848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2014-06-29 13:58 - 2014-02-22 16:18 - 00041320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2014-06-29 13:58 - 2014-02-22 16:18 - 00029912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2014-06-29 13:58 - 2014-02-22 16:08 - 00079496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2014-06-29 13:58 - 2014-02-22 14:20 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2014-06-29 13:58 - 2014-02-22 14:20 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-06-29 13:58 - 2014-02-22 14:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2014-06-29 13:58 - 2014-02-22 14:14 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2014-06-29 13:58 - 2014-02-22 14:09 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2014-06-29 13:58 - 2014-02-22 14:07 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2014-06-29 13:58 - 2014-02-22 14:06 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-06-29 13:58 - 2014-02-22 13:50 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2014-06-29 13:58 - 2014-02-22 13:47 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2014-06-29 13:58 - 2014-02-22 13:41 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2014-06-29 13:58 - 2014-02-22 13:34 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2014-06-29 13:58 - 2014-02-22 13:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2014-06-29 13:58 - 2014-02-22 13:22 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-06-29 13:58 - 2014-02-22 13:17 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2014-06-29 13:58 - 2014-02-22 13:16 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2014-06-29 13:58 - 2014-02-22 13:16 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clrhost.dll
2014-06-29 13:58 - 2014-02-22 13:15 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2014-06-29 13:58 - 2014-02-22 13:14 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2014-06-29 13:58 - 2014-02-22 13:05 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2014-06-29 13:58 - 2014-02-22 13:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-06-29 13:58 - 2014-02-22 13:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2014-06-29 13:58 - 2014-02-22 13:01 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2014-06-29 13:58 - 2014-02-22 12:59 - 01283584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-06-29 13:58 - 2014-02-22 12:56 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2014-06-29 13:58 - 2014-02-22 12:56 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-06-29 13:58 - 2014-02-22 12:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2014-06-29 13:58 - 2014-02-22 12:51 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2014-06-29 13:58 - 2014-02-22 12:41 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2014-06-29 13:58 - 2014-02-22 12:33 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2014-06-29 13:58 - 2014-02-22 12:30 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cleanmgr.exe
2014-06-29 13:58 - 2014-02-22 12:28 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-06-29 13:58 - 2014-02-22 12:27 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2014-06-29 13:58 - 2014-02-22 12:18 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2014-06-29 13:58 - 2014-02-22 12:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2014-06-29 13:58 - 2014-02-22 12:16 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2014-06-29 13:58 - 2014-02-22 12:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2014-06-29 13:58 - 2014-02-22 12:14 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2014-06-29 13:58 - 2014-02-22 12:14 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2014-06-29 13:58 - 2014-02-22 12:13 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2014-06-29 13:58 - 2014-02-22 12:13 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2014-06-29 13:58 - 2014-02-22 12:12 - 00797696 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-06-29 13:58 - 2014-02-22 12:09 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2014-06-29 13:58 - 2014-02-22 12:04 - 00935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2014-06-29 13:58 - 2014-02-22 12:04 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2014-06-29 13:58 - 2014-02-22 12:04 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2014-06-29 13:58 - 2014-02-22 12:03 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-06-29 13:58 - 2014-02-22 12:00 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2014-06-29 13:58 - 2014-02-22 11:56 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-06-29 13:58 - 2014-02-22 11:54 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-06-29 13:58 - 2014-02-22 11:49 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-06-29 13:58 - 2014-02-22 11:45 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2014-06-29 13:58 - 2014-02-22 11:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2014-06-29 13:58 - 2014-02-22 11:45 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-06-29 13:58 - 2014-02-22 11:44 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2014-06-29 13:58 - 2014-02-22 11:40 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2014-06-29 13:58 - 2014-02-22 11:36 - 01392640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-06-29 13:58 - 2014-02-22 11:36 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2014-06-29 13:58 - 2014-02-22 11:36 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2014-06-29 13:58 - 2014-02-22 11:31 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-06-29 13:58 - 2014-02-22 11:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2014-06-29 13:58 - 2014-02-22 11:25 - 00399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2014-06-29 13:58 - 2014-02-22 11:25 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-06-29 13:58 - 2014-02-22 11:25 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2014-06-29 13:58 - 2014-02-22 11:22 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2014-06-29 13:58 - 2014-02-22 11:18 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-06-29 13:58 - 2014-02-22 11:09 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2014-06-29 13:58 - 2014-02-22 11:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-06-29 13:58 - 2014-02-22 11:07 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2014-06-29 13:58 - 2014-02-22 11:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2014-06-29 13:58 - 2014-02-22 11:02 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-06-29 13:58 - 2014-02-22 10:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-06-29 13:58 - 2014-02-22 10:54 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-06-29 13:58 - 2014-02-22 10:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2014-06-29 13:58 - 2014-02-22 10:52 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-06-29 13:58 - 2014-02-22 10:48 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-06-29 13:58 - 2014-02-22 10:48 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2014-06-29 13:58 - 2014-02-22 10:47 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2014-06-29 13:58 - 2014-02-22 10:46 - 03312128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2014-06-29 13:58 - 2014-02-22 10:44 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2014-06-29 13:58 - 2014-02-22 10:44 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2014-06-29 13:58 - 2014-02-22 10:44 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-06-29 13:58 - 2014-02-22 10:43 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2014-06-29 13:58 - 2014-02-22 10:42 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2014-06-29 13:58 - 2014-02-22 10:42 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-06-29 13:58 - 2014-02-22 10:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2014-06-29 13:58 - 2014-02-22 10:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2014-06-29 13:58 - 2014-02-22 10:38 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2014-06-29 13:58 - 2014-02-22 10:38 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-06-29 13:58 - 2014-02-22 10:31 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-06-29 13:58 - 2014-02-22 10:29 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2014-06-29 13:58 - 2014-02-22 10:22 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-06-29 13:58 - 2014-02-22 09:54 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2014-06-29 13:58 - 2014-01-31 11:35 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2014-06-29 13:58 - 2014-01-31 11:15 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-06-29 13:58 - 2014-01-31 11:08 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-06-29 13:58 - 2014-01-31 11:04 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2014-06-29 13:58 - 2014-01-29 02:18 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2014-06-29 13:58 - 2014-01-27 21:53 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2014-06-29 13:58 - 2014-01-27 21:48 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2014-06-29 13:58 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-06-29 13:58 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-06-29 13:58 - 2014-01-22 08:21 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2014-06-29 13:58 - 2014-01-17 19:04 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2014-06-29 13:58 - 2014-01-08 02:33 - 00552632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-06-29 13:58 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-06-29 13:58 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-06-29 13:58 - 2013-12-04 20:41 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2014-06-29 13:58 - 2013-12-04 17:54 - 00660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-06-29 13:58 - 2013-12-04 15:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-06-29 13:58 - 2013-11-27 11:10 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2014-06-29 13:57 - 2014-02-22 17:59 - 00027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2014-06-29 13:57 - 2014-02-22 14:17 - 00902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2014-06-29 13:57 - 2014-02-22 14:17 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2014-06-29 13:57 - 2014-02-22 14:17 - 00874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2014-06-29 13:57 - 2014-02-22 14:17 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2014-06-29 13:57 - 2014-02-22 14:14 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\watchdog.sys
2014-06-29 13:57 - 2014-02-22 14:08 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2014-06-29 13:57 - 2014-02-22 14:07 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2014-06-29 13:57 - 2014-02-22 14:04 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2014-06-29 13:57 - 2014-02-22 14:03 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2014-06-29 13:57 - 2014-02-22 14:03 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2014-06-29 13:57 - 2014-02-22 14:01 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2014-06-29 13:57 - 2014-02-22 14:00 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-06-29 13:57 - 2014-02-22 13:59 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2014-06-29 13:57 - 2014-02-22 13:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-06-29 13:57 - 2014-02-22 13:50 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2014-06-29 13:57 - 2014-02-22 13:47 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsdyn.dll
2014-06-29 13:57 - 2014-02-22 13:47 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2014-06-29 13:57 - 2014-02-22 13:46 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-06-29 13:57 - 2014-02-22 13:45 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-06-29 13:57 - 2014-02-22 13:45 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2014-06-29 13:57 - 2014-02-22 13:42 - 00038680 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2014-06-29 13:57 - 2014-02-22 13:37 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2014-06-29 13:57 - 2014-02-22 13:32 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-06-29 13:57 - 2014-02-22 13:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2014-06-29 13:57 - 2014-02-22 13:25 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-06-29 13:57 - 2014-02-22 13:25 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2014-06-29 13:57 - 2014-02-22 13:24 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2014-06-29 13:57 - 2014-02-22 13:24 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2014-06-29 13:57 - 2014-02-22 13:24 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2014-06-29 13:57 - 2014-02-22 13:24 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SSShim.dll
2014-06-29 13:57 - 2014-02-22 13:22 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-06-29 13:57 - 2014-02-22 13:16 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-06-29 13:57 - 2014-02-22 13:16 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-06-29 13:57 - 2014-02-22 13:13 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2014-06-29 13:57 - 2014-02-22 13:11 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2014-06-29 13:57 - 2014-02-22 13:09 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-06-29 13:57 - 2014-02-22 13:08 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2014-06-29 13:57 - 2014-02-22 13:05 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2014-06-29 13:57 - 2014-02-22 13:05 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2014-06-29 13:57 - 2014-02-22 13:04 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2014-06-29 13:57 - 2014-02-22 13:02 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2014-06-29 13:57 - 2014-02-22 13:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-06-29 13:57 - 2014-02-22 12:59 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2014-06-29 13:57 - 2014-02-22 12:58 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2014-06-29 13:57 - 2014-02-22 12:58 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2014-06-29 13:57 - 2014-02-22 12:57 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-06-29 13:57 - 2014-02-22 12:57 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-06-29 13:57 - 2014-02-22 12:55 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2014-06-29 13:57 - 2014-02-22 12:55 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2014-06-29 13:57 - 2014-02-22 12:53 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PkgMgr.exe
2014-06-29 13:57 - 2014-02-22 12:50 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2014-06-29 13:57 - 2014-02-22 12:47 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2014-06-29 13:57 - 2014-02-22 12:47 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2014-06-29 13:57 - 2014-02-22 12:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-06-29 13:57 - 2014-02-22 12:46 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2014-06-29 13:57 - 2014-02-22 12:41 - 02566656 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2014-06-29 13:57 - 2014-02-22 12:40 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-06-29 13:57 - 2014-02-22 12:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-06-29 13:57 - 2014-02-22 12:36 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-06-29 13:57 - 2014-02-22 12:35 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-06-29 13:57 - 2014-02-22 12:34 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-06-29 13:57 - 2014-02-22 12:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-06-29 13:57 - 2014-02-22 12:25 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2014-06-29 13:57 - 2014-02-22 12:21 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2014-06-29 13:57 - 2014-02-22 12:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2014-06-29 13:57 - 2014-02-22 12:20 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2014-06-29 13:57 - 2014-02-22 12:18 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-06-29 13:57 - 2014-02-22 12:17 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2014-06-29 13:57 - 2014-02-22 12:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2014-06-29 13:57 - 2014-02-22 12:13 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-06-29 13:57 - 2014-02-22 12:12 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2014-06-29 13:57 - 2014-02-22 12:09 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2014-06-29 13:57 - 2014-02-22 12:09 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-29 13:57 - 2014-02-22 11:54 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2014-06-29 13:57 - 2014-02-22 11:53 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-06-29 13:57 - 2014-02-22 11:52 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2014-06-29 13:57 - 2014-02-22 11:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2014-06-29 13:57 - 2014-02-22 11:48 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2014-06-29 13:57 - 2014-02-22 11:46 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2014-06-29 13:57 - 2014-02-22 11:45 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2014-06-29 13:57 - 2014-02-22 11:43 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-06-29 13:57 - 2014-02-22 11:41 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-06-29 13:57 - 2014-02-22 11:39 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2014-06-29 13:57 - 2014-02-22 11:37 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-06-29 13:57 - 2014-02-22 11:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2014-06-29 13:57 - 2014-02-22 11:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2014-06-29 13:57 - 2014-02-22 11:28 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2014-06-29 13:57 - 2014-02-22 11:27 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-06-29 13:57 - 2014-02-22 11:26 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-06-29 13:57 - 2014-02-22 11:26 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2014-06-29 13:57 - 2014-02-22 11:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2014-06-29 13:57 - 2014-02-22 11:23 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-06-29 13:57 - 2014-02-22 11:22 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2014-06-29 13:57 - 2014-02-22 11:19 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-06-29 13:57 - 2014-02-22 11:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-06-29 13:57 - 2014-02-22 11:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxshared.dll
2014-06-29 13:57 - 2014-02-22 11:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-06-29 13:57 - 2014-02-22 11:06 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2014-06-29 13:57 - 2014-02-22 11:04 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2014-06-29 13:57 - 2014-02-22 11:02 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2014-06-29 13:57 - 2014-02-22 10:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-06-29 13:57 - 2014-02-22 10:55 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-06-29 13:57 - 2014-02-22 10:55 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2014-06-29 13:57 - 2014-02-22 10:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slpts.dll
2014-06-29 13:57 - 2014-02-22 10:55 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-06-29 13:57 - 2014-02-22 10:54 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2014-06-29 13:57 - 2014-02-22 10:51 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-06-29 13:57 - 2014-02-22 10:49 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-06-29 13:57 - 2014-02-22 10:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2014-06-29 13:57 - 2014-02-22 10:48 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2014-06-29 13:57 - 2014-02-22 10:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2014-06-29 13:57 - 2014-02-22 10:47 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2014-06-29 13:57 - 2014-02-22 10:45 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2014-06-29 13:57 - 2014-02-22 10:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2014-06-29 13:57 - 2014-02-22 10:44 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2014-06-29 13:57 - 2014-02-22 10:43 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-06-29 13:57 - 2014-02-22 10:40 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2014-06-29 13:57 - 2014-02-22 10:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2014-06-29 13:57 - 2014-02-22 10:35 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2014-06-29 13:57 - 2014-02-22 10:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2014-06-29 13:57 - 2014-02-22 10:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2014-06-29 13:57 - 2014-02-22 10:30 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2014-06-29 13:57 - 2014-02-22 10:24 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2014-06-29 13:57 - 2014-02-22 10:20 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2014-06-29 13:57 - 2014-02-22 10:19 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2014-06-29 13:57 - 2014-02-22 10:17 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2014-06-29 13:57 - 2014-02-22 10:17 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2014-06-29 13:57 - 2014-02-01 08:00 - 00002255 _____ () C:\WINDOWS\SysWOW64\WimBootCompress.ini
2014-06-29 13:57 - 2014-02-01 08:00 - 00002255 _____ () C:\WINDOWS\system32\WimBootCompress.ini
2014-06-29 13:57 - 2014-01-31 14:09 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2014-06-29 13:57 - 2014-01-31 11:19 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2014-06-29 13:57 - 2014-01-31 10:24 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-06-29 13:57 - 2014-01-29 10:40 - 00994136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-06-29 13:57 - 2014-01-22 07:50 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2014-06-29 13:57 - 2014-01-07 09:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-06-29 13:57 - 2014-01-07 07:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-06-29 13:57 - 2013-12-04 16:19 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-06-29 13:57 - 2013-11-27 10:56 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2014-06-29 13:56 - 2014-02-22 14:17 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-06-29 13:56 - 2014-02-22 14:17 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-06-29 13:56 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-06-29 13:56 - 2014-02-22 14:17 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-06-29 13:56 - 2014-02-22 14:08 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncui.dll
2014-06-29 13:56 - 2014-02-22 14:08 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2014-06-29 13:56 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2014-06-29 13:56 - 2014-02-22 14:08 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2014-06-29 13:56 - 2014-02-22 14:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2014-06-29 13:56 - 2014-02-22 13:48 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2014-06-29 13:56 - 2014-02-22 13:39 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2014-06-29 13:56 - 2014-02-22 13:25 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\f3ahvoas.dll
2014-06-29 13:56 - 2014-02-22 13:25 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-06-29 13:56 - 2014-02-22 13:25 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-06-29 13:56 - 2014-02-22 13:24 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-06-29 13:56 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-06-29 13:56 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-06-29 13:56 - 2014-02-22 13:17 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-06-29 13:56 - 2014-02-22 13:16 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-06-29 13:56 - 2014-02-22 13:08 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2014-06-29 13:56 - 2014-02-22 13:07 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2014-06-29 13:56 - 2014-02-22 13:07 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2014-06-29 13:56 - 2014-02-22 13:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-06-29 13:56 - 2014-02-22 12:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ocsetapi.dll
2014-06-29 13:56 - 2014-02-22 12:47 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2014-06-29 13:56 - 2014-02-22 12:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2014-06-29 13:56 - 2014-02-22 12:27 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-06-29 13:56 - 2014-02-22 12:03 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2014-06-29 13:56 - 2014-02-22 11:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2014-06-29 13:56 - 2014-02-22 11:54 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2014-06-29 13:56 - 2014-02-22 11:53 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-06-29 13:56 - 2014-02-22 11:51 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2014-06-29 13:56 - 2014-02-22 11:48 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2014-06-29 13:56 - 2014-02-22 11:27 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2014-06-29 13:56 - 2014-02-22 11:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2014-06-29 13:56 - 2014-02-22 11:19 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\korwbrkr.dll
2014-06-29 13:56 - 2014-02-22 10:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-06-29 13:56 - 2014-02-22 10:55 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2014-06-29 13:56 - 2014-02-22 10:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2014-06-29 13:56 - 2014-02-22 10:39 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2014-06-29 13:56 - 2014-02-22 10:22 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-06-29 13:56 - 2014-02-22 10:20 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2014-06-29 13:56 - 2014-02-22 06:43 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-06-29 13:56 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-06-29 13:56 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-06-29 13:56 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-06-29 13:56 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-06-29 13:56 - 2014-02-08 03:08 - 00100197 _____ () C:\WINDOWS\SysWOW64\RacRules.xml
2014-06-29 13:56 - 2014-02-08 03:08 - 00100197 _____ () C:\WINDOWS\system32\RacRules.xml
2014-06-29 13:56 - 2014-02-01 08:00 - 00011109 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-06-29 13:56 - 2014-02-01 08:00 - 00011109 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-06-29 13:56 - 2014-02-01 08:00 - 00007762 _____ () C:\WINDOWS\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2014-06-29 13:56 - 2014-02-01 08:00 - 00007762 _____ () C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2014-06-29 13:56 - 2014-02-01 08:00 - 00007130 _____ () C:\WINDOWS\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2014-06-29 13:56 - 2014-02-01 08:00 - 00007130 _____ () C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2014-06-29 13:56 - 2014-01-27 13:45 - 00050053 _____ () C:\WINDOWS\system32\srms.dat
2014-06-29 13:56 - 2014-01-04 17:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-06-29 13:56 - 2014-01-04 17:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-06-29 13:56 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-06-29 13:56 - 2013-11-27 11:47 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2014-06-29 13:56 - 2013-11-27 11:20 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\finger.exe
2014-06-28 17:12 - 2014-06-28 17:22 - 00000000 ____D () C:\Users\sarah\AppData\Local\Rocket
2014-06-28 17:09 - 2014-07-03 01:09 - 00000310 _____ () C:\WINDOWS\Tasks\Rocket Updater.job
2014-06-28 17:09 - 2014-06-28 17:09 - 00002648 _____ () C:\WINDOWS\System32\Tasks\Rocket Updater
2014-06-27 23:50 - 2014-07-01 11:10 - 00000360 _____ () C:\Users\sarah\Documents\plot.log
2014-06-27 16:21 - 2014-07-02 18:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-27 00:40 - 2014-06-27 00:40 - 00000183 _____ () C:\Users\sarah\Documents\acad.err
2014-06-26 23:25 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-06-26 23:25 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One Month Modified Files and Folders =======

2014-07-03 01:25 - 2014-07-02 19:48 - 00020612 _____ () C:\Users\sarah\Downloads\FRST.txt
2014-07-03 01:24 - 2014-07-02 19:47 - 00000000 ___DC () C:\FRST
2014-07-03 01:09 - 2014-06-28 17:09 - 00000310 _____ () C:\WINDOWS\Tasks\Rocket Updater.job
2014-07-03 01:03 - 2014-01-15 19:23 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-03 01:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-02 23:59 - 2014-07-02 00:04 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 23:37 - 2013-11-27 21:46 - 01916075 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-02 22:55 - 2014-07-02 22:54 - 02347384 _____ (ESET) C:\Users\sarah\Downloads\esetsmartinstaller_deu.exe
2014-07-02 22:46 - 2013-10-22 20:05 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1935119182-1679436706-1176497648-1002
2014-07-02 22:38 - 2014-07-02 22:38 - 00016018 _____ () C:\Users\sarah\Desktop\HitmanPro_20140702_2238.log
2014-07-02 22:36 - 2013-12-15 15:08 - 00000000 ____D () C:\Users\sarah\AppData\Local\Akamai
2014-07-02 22:33 - 2014-07-02 22:33 - 00001146 _____ () C:\Users\sarah\Desktop\malware1.txt
2014-07-02 22:31 - 2014-07-02 22:30 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-02 22:30 - 2014-07-02 22:30 - 00001925 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-07-02 22:30 - 2014-07-02 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-07-02 22:30 - 2014-07-02 22:30 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-02 22:28 - 2014-07-02 22:28 - 11185664 _____ (SurfRight B.V.) C:\Users\sarah\Downloads\HitmanPro_x64.exe
2014-07-02 21:42 - 2013-12-03 14:27 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2E685DB1-FF1E-47C9-9B9C-C1908390CE52}
2014-07-02 21:41 - 2014-07-02 21:41 - 00000000 ___RD () C:\Users\sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-02 21:41 - 2013-11-27 22:27 - 00000000 __RDO () C:\Users\sarah\SkyDrive
2014-07-02 21:40 - 2014-07-02 21:40 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Vorlagen
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Startmenü
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Lokale Einstellungen
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Eigene Dateien
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Musik
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Bilder
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Anwendungsdaten
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 _SHDL () C:\Users\TEMP\Anwendungsdaten
2014-07-02 21:40 - 2014-07-02 21:40 - 00000000 ____D () C:\Users\TEMP
2014-07-02 21:38 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-02 21:38 - 2012-08-03 04:28 - 00000000 ____D () C:\ProgramData\McAfee
2014-07-02 21:37 - 2013-09-29 21:04 - 00170612 _____ () C:\WINDOWS\PFRO.log
2014-07-02 21:37 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-02 21:36 - 2014-07-02 21:25 - 00000000 ___DC () C:\AdwCleaner
2014-07-02 21:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-02 21:04 - 2014-02-02 21:26 - 00000000 ____D () C:\Users\sarah\AppData\Local\CrashDumps
2014-07-02 20:55 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-02 20:54 - 2012-07-26 07:37 - 00000000 ____D () C:\Users\Default.migrated
2014-07-02 20:47 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-02 19:50 - 2014-07-02 19:49 - 00043346 _____ () C:\Users\sarah\Downloads\Addition.txt
2014-07-02 19:47 - 2014-07-02 19:46 - 02083840 _____ (Farbar) C:\Users\sarah\Downloads\FRST64.exe
2014-07-02 19:46 - 2014-07-02 00:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-02 19:05 - 2014-07-02 19:04 - 00014138 _____ () C:\Users\sarah\Desktop\maleware.txt
2014-07-02 18:59 - 2014-07-02 18:59 - 00013181 _____ () C:\Users\sarah\Desktop\malwarebytes.txt
2014-07-02 18:55 - 2014-06-27 16:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-02 00:21 - 2014-07-02 21:40 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-02 00:21 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-02 00:21 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-02 00:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-07-02 00:21 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-07-02 00:04 - 2014-07-02 00:04 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-02 00:04 - 2014-07-02 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-02 00:03 - 2014-07-02 00:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 00:02 - 2014-07-02 00:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\sarah\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-01 23:57 - 2012-07-26 07:26 - 00000301 _____ () C:\WINDOWS\win.ini
2014-07-01 20:53 - 2014-07-01 20:53 - 00000000 ____D () C:\Users\sarah\AppData\Roaming\Avira
2014-07-01 20:48 - 2014-07-01 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-01 20:47 - 2014-07-01 20:36 - 00000000 ____D () C:\ProgramData\Avira
2014-07-01 20:47 - 2014-07-01 20:36 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-01 20:36 - 2014-07-01 20:36 - 00001157 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-01 20:36 - 2014-07-01 20:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-01 20:15 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-01 20:04 - 2013-08-22 16:46 - 00385523 _____ () C:\WINDOWS\setupact.log
2014-07-01 20:01 - 2013-09-30 06:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-01 20:01 - 2013-09-30 05:56 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-01 20:01 - 2013-09-30 05:56 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-01 20:00 - 2014-01-19 12:59 - 00000000 ____D () C:\Users\sarah\Desktop\Neuer Ordner (11)
2014-07-01 19:59 - 2012-11-19 11:41 - 01474560 ___SH () C:\Users\sarah\Desktop\Thumbs.db
2014-07-01 19:57 - 2014-07-01 19:57 - 00000000 ____D () C:\Users\sarah\AppData\Roaming\Atheros
2014-07-01 19:57 - 2014-07-01 19:57 - 00000000 ____D () C:\ProgramData\Atheros
2014-07-01 19:56 - 2013-11-27 21:52 - 00000000 ____D () C:\Users\sarah
2014-07-01 19:54 - 2013-08-22 16:44 - 00555704 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-01 19:51 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-01 19:51 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-07-01 19:51 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-01 19:51 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-07-01 19:47 - 2013-11-27 21:52 - 00000000 ____D () C:\Users\UpdatusUser.000
2014-07-01 17:05 - 2014-07-01 17:03 - 00000000 ____D () C:\Program Files\Common Files\QCA_Bluetooth
2014-07-01 17:04 - 2014-07-01 17:04 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2014-07-01 17:04 - 2014-07-01 17:03 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2014-07-01 17:04 - 2013-08-22 16:46 - 00001982 _____ () C:\WINDOWS\setuperr.log
2014-07-01 16:54 - 2014-01-20 15:14 - 00000000 ____D () C:\Users\sarah\Documents\Bluetooth Folder
2014-07-01 16:49 - 2014-07-01 16:49 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-07-01 16:49 - 2014-07-01 16:49 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-07-01 16:49 - 2014-07-01 16:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-07-01 16:49 - 2014-07-01 16:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-07-01 16:49 - 2014-07-01 16:49 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-07-01 16:49 - 2014-07-01 16:49 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-07-01 16:49 - 2014-07-01 16:49 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-07-01 16:49 - 2014-07-01 16:49 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-07-01 14:00 - 2014-07-01 14:00 - 00000000 __SHD () C:\Users\sarah\AppData\Local\EmieUserList
2014-07-01 14:00 - 2014-07-01 14:00 - 00000000 __SHD () C:\Users\sarah\AppData\Local\EmieSiteList
2014-07-01 13:01 - 2014-07-02 21:40 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-01 13:01 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-01 13:01 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-01 13:01 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-01 13:01 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-07-01 13:01 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-07-01 13:01 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-07-01 13:01 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-07-01 13:01 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-07-01 13:01 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-07-01 13:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-07-01 13:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-07-01 13:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-07-01 13:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-07-01 13:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-07-01 13:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-07-01 13:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-07-01 13:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-07-01 13:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-07-01 12:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-07-01 12:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-07-01 12:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-07-01 12:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-07-01 12:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-07-01 12:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-07-01 12:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-07-01 12:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-07-01 12:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-07-01 12:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-07-01 12:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-07-01 12:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-07-01 12:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-07-01 12:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-07-01 12:59 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-07-01 12:59 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-07-01 12:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-07-01 12:58 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-07-01 12:47 - 2013-10-28 00:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-01 11:10 - 2014-06-27 23:50 - 00000360 _____ () C:\Users\sarah\Documents\plot.log
2014-06-29 19:58 - 2014-06-29 19:58 - 00109120 _____ () C:\Users\sarah\Desktop\Verkehr 3.1.dwg
2014-06-28 17:22 - 2014-06-28 17:12 - 00000000 ____D () C:\Users\sarah\AppData\Local\Rocket
2014-06-28 17:09 - 2014-06-28 17:09 - 00002648 _____ () C:\WINDOWS\System32\Tasks\Rocket Updater
2014-06-28 10:55 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-28 00:10 - 2013-10-24 20:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-27 00:40 - 2014-06-27 00:40 - 00000183 _____ () C:\Users\sarah\Documents\acad.err
2014-06-25 18:38 - 2014-02-01 21:15 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-25 18:38 - 2014-02-01 21:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-06-24 20:39 - 2014-07-01 20:47 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-06-24 20:39 - 2014-07-01 20:47 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-06-24 20:39 - 2014-07-01 20:47 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys

Some content of TEMP:
====================
C:\Users\sarah\AppData\Local\Temp\0274471404327215mcinst.exe
C:\Users\sarah\AppData\Local\Temp\AcDeltree.exe
C:\Users\sarah\AppData\Local\Temp\avgnt.exe
C:\Users\sarah\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-02 21:49


==================== End Of Log ============================
ja ich penn auch schon ein :-P danke bis morgen :-)

was muss ich jetzt machen?

deeprybka 03.07.2014 10:41
Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...st/frstfix.png

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
SearchScopes: HKLM - DefaultScope {9751BD22-06D2-4E30-A655-E3E74711C0A5} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAtD0FtBzyyByD0F0FyB0BtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StAyCtDtCyE0C0A0CtGtDyD0EyCtGtAtDyD0CtGyB0B0FyBtGyC0FtCtAtDyDyBtCyBtAzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0EyCtB0EtAtDtGyCyD0BzztGzy0CyB0BtGzyyE0DtBtGyByBzy0E0A0BtByCyByBtB0A2Q&cr=1568073730&ir=
SearchScopes: HKLM - {9751BD22-06D2-4E30-A655-E3E74711C0A5} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAtD0FtBzyyByD0F0FyB0BtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StAyCtDtCyE0C0A0CtGtDyD0EyCtGtAtDyD0CtGyB0B0FyBtGyC0FtCtAtDyDyBtCyBtAzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0EyCtB0EtAtDtGyCyD0BzztGzy0CyB0BtGzyyE0DtBtGyByBzy0E0A0BtByCyByBtB0A2Q&cr=1568073730&ir=
SearchScopes: HKCU - DefaultScope {9751BD22-06D2-4E30-A655-E3E74711C0A5} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAtD0FtBzyyByD0F0FyB0BtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StAyCtDtCyE0C0A0CtGtDyD0EyCtGtAtDyD0CtGyB0B0FyBtGyC0FtCtAtDyDyBtCyBtAzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0EyCtB0EtAtDtGyCyD0BzztGzy0CyB0BtGzyyE0DtBtGyByBzy0E0A0BtByCyByBtB0A2Q&cr=1568073730&ir=
SearchScopes: HKCU - {9751BD22-06D2-4E30-A655-E3E74711C0A5} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAtD0FtBzyyByD0F0FyB0BtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StAyCtDtCyE0C0A0CtGtDyD0EyCtGtAtDyD0CtGyB0B0FyBtGyC0FtCtAtDyDyBtCyBtAzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0EyCtB0EtAtDtGyCyD0BzztGzy0CyB0BtGzyyE0DtBtGyByBzy0E0A0BtByCyByBtB0A2Q&cr=1568073730&ir=
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Fix-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.

Schritt 2

Datenträgerbereinigung Windows 8 / 8.1
  • Drücke die Windowstaste + Q
  • Gebe im Suchfeld Datenträgerbereinigung ein
  • Wähle die Option: Speicherplatz durch Löschen nicht erforderlicher Dateien freigeben und wähle Dein Festplattenlaufwerk aus
  • Prüfe ob bei Temporäre Dateien die checkbox gesetzt ist
  • Bestätige mit OK
  • Bestätige dass Du die Dateien unwiderruflich löschen möchtest.

Java installieren.

Flash-Link mit dem Internetexplorer aufrufen. Flash aktualisieren. Optionale Angebote ablehnen.
Das Programm hier kannste dann deinstallieren.
Code:
Adobe Flash Player 13 Plugin
http://s14.directupload.net/images/140701/fogq5h2s.png
Cleanup:

Alle Logs gepostet? Ja! Dann lade Dir bitte http://filepony.de/icon/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.




>>clean<<
Wir haben es geschafft! :abklatsch:
Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:
Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen. ;)

http://www.trojaner-board.de/extra/lesestoff.pngWie kann ich mich in Zukunft besser schützen?

Tipps, Dos & Don'ts

http://deeprybka.trojaner-board.de/b...ast/schild.pngUpdates & Software
Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.



http://deeprybka.trojaner-board.de/b...ast/schild.pngFirewall, Antivirus & Co.
http://s1.directupload.net/images/140701/eivrliwa.pngCracks, Downloads & Co.


Neben unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert.
Der Besuch dubioser Websites kann bereits Risiken bergen. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher und beliebter Weg um Malware zu verbreiten.
Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kann man nie sicher sein, ob auch wirklich drin ist, was drauf steht. (Trojanisches Pferd^^)
Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden zu verleiten, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
  • Surfe daher mit Vorsicht und klicke mit Verstand.
  • Sei skeptisch bei unerwarteten E-Mails, insbesondere wenn sie Anhänge enthalten. Auch wenn sie auf den ersten Blick authentisch wirken, persönliche Daten von Dir enthalten oder vermeintlich von einem bekannten Absender stammen: Lieber nochmals in Ruhe überdenken oder nachfragen, anstatt einfach mal Links oder ausführbare Anhänge öffnen oder irgendwo Deine Daten eingeben.
  • Auch in sozialen Netzwerken oder über Instant Messaging Systeme können schädliche Links oder Dateien die Runde machen. Erhältst Du von einem Deiner Freunde eine Nachricht, die merkwürdig ist oder so sensationell interessant, dass man einfach draufklicken muss, dann hat bei ihm/ihr wahrscheinlich Neugier über Verstand gesiegt und Du solltest nicht denselben Fehler machen.

Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
  • Lade Software in erster Priorität immer direkt vom Hersteller herunter. Viele Softwareportale (z.B. Softonic) packen noch unnützes Zeug mit in die Installation. Alternativ dazu wähle ein sauberes Portal wie Filepony oder heise.
  • Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
  • Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Sarah09 03.07.2014 12:16
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-07-2014
Ran by sarah at 2014-07-03 13:08:41 Run:1
Running from C:\Users\sarah\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope {9751BD22-06D2-4E30-A655-E3E74711C0A5} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAtD0FtBzyyByD0F0FyB0BtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StAyCtDtCyE0C0A0CtGtDyD0EyCtGtAtDyD0CtGyB0B0FyBtGyC0FtCtAtDyDyBtCyBtAzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0EyCtB0EtAtDtGyCyD0BzztGzy0CyB0BtGzyyE0DtBtGyByBzy0E0A0BtByCyByBtB0A2Q&cr=1568073730&ir=
SearchScopes: HKLM - {9751BD22-06D2-4E30-A655-E3E74711C0A5} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAtD0FtBzyyByD0F0FyB0BtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StAyCtDtCyE0C0A0CtGtDyD0EyCtGtAtDyD0CtGyB0B0FyBtGyC0FtCtAtDyDyBtCyBtAzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0EyCtB0EtAtDtGyCyD0BzztGzy0CyB0BtGzyyE0DtBtGyByBzy0E0A0BtByCyByBtB0A2Q&cr=1568073730&ir=
SearchScopes: HKCU - DefaultScope {9751BD22-06D2-4E30-A655-E3E74711C0A5} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAtD0FtBzyyByD0F0FyB0BtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StAyCtDtCyE0C0A0CtGtDyD0EyCtGtAtDyD0CtGyB0B0FyBtGyC0FtCtAtDyDyBtCyBtAzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0EyCtB0EtAtDtGyCyD0BzztGzy0CyB0BtGzyyE0DtBtGyByBzy0E0A0BtByCyByBtB0A2Q&cr=1568073730&ir=
SearchScopes: HKCU - {9751BD22-06D2-4E30-A655-E3E74711C0A5} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_26_ff&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAtD0FtBzyyByD0F0FyB0BtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2StAyCtDtCyE0C0A0CtGtDyD0EyCtGtAtDyD0CtGyB0B0FyBtGyC0FtCtAtDyDyBtCyBtAzztA2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0EyCtB0EtAtDtGyCyD0BzztGzy0CyB0BtGzyyE0DtBtGyByBzy0E0A0BtByCyByBtB0A2Q&cr=1568073730&ir=
       
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9751BD22-06D2-4E30-A655-E3E74711C0A5}' => Key deleted successfully.
'HKCR\CLSID\{9751BD22-06D2-4E30-A655-E3E74711C0A5}'=> Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9751BD22-06D2-4E30-A655-E3E74711C0A5}' => Key deleted successfully.
'HKCR\CLSID\{9751BD22-06D2-4E30-A655-E3E74711C0A5}'=> Key not found.

==== End of Fixlog ====
bei schritt 2 hat der Acer(C:) selbst ausgewählt und da ist auch bei heruntergeladene Programmdaten und Miniaturansicht ein Hacken

deeprybka 03.07.2014 12:27
Ok...;)


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:03 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27