Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Windows 7, Komplett freeze des gesammten Systems (https://www.trojaner-board.de/163317-windows-7-komplett-freeze-gesammten-systems.html)

Cpt_Chandler 28.01.2015 16:34
Windows 7, Komplett freeze des gesammten Systems
 
Hallo Community,

mein Name ist Dominic und ich habe folgendes Problem: Ich habe mein Laptop auf Werkszustand zurückgesetzt folgendes Problem entsteht jetzt.

Ich möchte meine Festplatte Defragmentieren oder nur im Teamspeak 3 Plaudern. Dann hängt sich die explorer.exe auf und alle anderen Programme. Ich komme nicht mit STRG-ALT-ENTF in das Menü. Ich muss meinen Laptop komplett neu starten. Irgendwie nervt es mich tierisch. Es hat ja vorher auch alles funktioniert.

Daten:

Acer Aspire 5253 (Laptop)
AMD Dual Core Processor E-350
AMD Radeon HD6310
1,6GHz Dual Core

Ich denke ihr könnt mir helfen.

mfg
Chandler

schrauber 28.01.2015 17:08
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Cpt_Chandler 28.01.2015 17:26
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by Dominic (administrator) on DOMINIC-PC on 28-01-2015 16:05:01
Running from C:\Users\Dominic\Downloads
Loaded Profiles: Dominic (Available profiles: Dominic)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-1934127515-777576594-3349311130-1001\...\MountPoints2: {06572c8f-a665-11e4-9d8b-c0f8da2f4518} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKU\S-1-5-21-1934127515-777576594-3349311130-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.de
HKU\S-1-5-21-1934127515-777576594-3349311130-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {C033D8E6-E3C5-4ED7-A349-ECD1FFC0F607} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {C033D8E6-E3C5-4ED7-A349-ECD1FFC0F607} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1934127515-777576594-3349311130-1001 -> DefaultScope {C033D8E6-E3C5-4ED7-A349-ECD1FFC0F607} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1934127515-777576594-3349311130-1001 -> {C033D8E6-E3C5-4ED7-A349-ECD1FFC0F607} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files\mcafee\msk\mskapbho64.dll ()
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110413235714.dll (McAfee, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files\mcafee\msk\mskapbho.dll ()
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110413235714.dll (McAfee, Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-04-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-27]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.de/", "hxxp://www.google.com/"
CHR Profile: C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (OkayFreedom) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\bckipplcmnfhblnpibpbehenelnkpecd [2015-01-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-27]
CHR Extension: (YouTube) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-27]
CHR Extension: (Google-Suche) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-27]
CHR Extension: (AdBlock) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-27]
CHR Extension: (Google Wallet) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-27]
CHR Extension: (Google Mail) - C:\Users\Dominic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-27]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 0140251422374920mcinstcleanup; C:\Windows\TEMP\014025~1.EXE [828032 2012-06-14] (McAfee, Inc.)
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-27] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2015-01-27] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-27] (Avast Software)
S4 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
S4 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
S4 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
S4 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
S4 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
S4 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [509416 2009-12-31] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
S4 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199032 2010-01-06] (McAfee, Inc.)
S4 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [244840 2010-01-06] (McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [148520 2010-01-06] (McAfee, Inc.)
S4 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
S4 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S4 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-27] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2015-01-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-27] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2015-01-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-27] ()
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [62416 2010-01-06] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121504 2010-01-06] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [189880 2010-01-06] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [440688 2010-01-06] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [528232 2010-01-06] (McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75288 2010-01-06] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [93840 2010-01-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [279752 2010-01-06] (McAfee, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-27] (Avast Software)
U3 pgliifod; \??\C:\Users\Dominic\AppData\Local\Temp\pgliifod.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 16:05 - 2015-01-28 16:07 - 00015979 _____ () C:\Users\Dominic\Downloads\FRST.txt
2015-01-28 16:05 - 2015-01-28 16:05 - 00380416 _____ () C:\Users\Dominic\Downloads\1xfwy44h.exe
2015-01-28 16:04 - 2015-01-28 16:05 - 00000000 ____D () C:\FRST
2015-01-28 16:04 - 2015-01-28 16:04 - 02129920 _____ (Farbar) C:\Users\Dominic\Downloads\FRST64.exe
2015-01-28 16:03 - 2015-01-28 16:03 - 00000476 _____ () C:\Users\Dominic\Downloads\defogger_disable.log
2015-01-28 16:02 - 2015-01-28 16:02 - 00000476 _____ () C:\Users\Dominic\Desktop\defogger_disable.log
2015-01-28 16:02 - 2015-01-28 16:02 - 00000000 _____ () C:\Users\Dominic\defogger_reenable
2015-01-28 16:01 - 2015-01-28 16:01 - 00050477 _____ () C:\Users\Dominic\Downloads\Defogger.exe
2015-01-28 15:43 - 2015-01-28 15:43 - 00000197 _____ () C:\Windows\system32\2015-01-28-14-43-22.003-AvastVBoxSVC.exe-2620.log
2015-01-28 13:44 - 2015-01-28 13:44 - 00000197 _____ () C:\Windows\system32\2015-01-28-12-44-18.019-AvastVBoxSVC.exe-2480.log
2015-01-28 12:23 - 2011-05-24 12:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-01-28 12:23 - 2011-05-24 11:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2015-01-28 12:23 - 2011-05-24 11:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2015-01-28 12:23 - 2011-05-24 11:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2015-01-28 12:23 - 2011-05-24 11:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-01-28 12:15 - 2011-05-03 06:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-01-28 12:15 - 2011-05-03 05:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-01-28 12:14 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-28 12:14 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-01-28 12:11 - 2014-06-05 15:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-28 12:11 - 2014-06-05 15:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-01-28 12:11 - 2014-06-05 15:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-01-28 12:11 - 2014-04-12 03:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-01-28 12:11 - 2014-04-12 03:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-01-28 12:11 - 2014-04-12 03:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-01-28 12:11 - 2014-04-12 03:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-01-28 12:11 - 2014-04-12 03:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-01-28 12:11 - 2014-04-12 03:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-01-28 12:11 - 2014-03-04 10:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-28 12:11 - 2014-03-04 10:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-28 12:11 - 2014-03-04 10:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-28 12:11 - 2014-03-04 10:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-01-28 12:11 - 2014-03-04 10:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-01-28 12:11 - 2014-03-04 10:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-01-28 12:11 - 2014-03-04 10:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-01-28 12:11 - 2014-03-04 10:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-01-28 12:11 - 2014-03-04 10:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-01-28 12:11 - 2014-03-04 10:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-01-28 12:11 - 2014-03-04 10:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-01-28 12:11 - 2014-03-04 10:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-01-28 12:11 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-28 12:11 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-01-28 12:11 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-01-28 12:01 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-28 12:01 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-01-28 12:01 - 2014-08-23 01:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-28 12:00 - 2012-06-06 07:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-01-28 12:00 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2015-01-28 12:00 - 2011-10-15 07:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-01-28 12:00 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2015-01-28 11:52 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-01-28 11:52 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-01-28 11:52 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-01-28 11:52 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-01-28 11:52 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-01-28 11:52 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-01-28 11:52 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-01-28 11:52 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-01-28 11:52 - 2011-02-12 12:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2015-01-28 11:51 - 2012-05-14 06:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-01-28 11:51 - 2011-02-23 05:56 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-01-28 11:50 - 2011-02-23 05:55 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-01-28 11:50 - 2011-02-23 05:55 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-01-28 11:50 - 2011-02-23 05:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2015-01-28 11:49 - 2011-08-27 06:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2015-01-28 11:49 - 2011-08-27 05:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2015-01-28 11:38 - 2015-01-28 11:38 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-28 11:38 - 2015-01-28 11:38 - 00000000 ____D () C:\196b96d90ae088259368
2015-01-28 11:38 - 2014-12-31 13:12 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-28 11:29 - 2015-01-28 11:29 - 00000197 _____ () C:\Windows\system32\2015-01-28-10-29-24.089-AvastVBoxSVC.exe-2524.log
2015-01-28 00:22 - 2015-01-28 15:48 - 00643866 _____ () C:\Windows\system32\perfh007.dat
2015-01-28 00:22 - 2015-01-28 15:48 - 00126394 _____ () C:\Windows\system32\perfc007.dat
2015-01-28 00:22 - 2015-01-28 00:21 - 00295922 _____ () C:\Windows\system32\perfi007.dat
2015-01-28 00:22 - 2015-01-28 00:21 - 00038104 _____ () C:\Windows\system32\perfd007.dat
2015-01-28 00:21 - 2015-01-28 00:21 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-01-28 00:21 - 2015-01-28 00:21 - 00000000 ____D () C:\Windows\SysWOW64\de
2015-01-28 00:21 - 2015-01-28 00:21 - 00000000 ____D () C:\Windows\SysWOW64\0407
2015-01-28 00:21 - 2015-01-28 00:21 - 00000000 ____D () C:\Windows\system32\de
2015-01-28 00:21 - 2015-01-28 00:21 - 00000000 ____D () C:\Windows\system32\0407
2015-01-28 00:12 - 2015-01-28 00:12 - 00000000 ____D () C:\Windows\NAPP_Dism_Log
2015-01-27 23:10 - 2015-01-27 23:10 - 00000197 _____ () C:\Windows\system32\2015-01-27-22-10-21.078-AvastVBoxSVC.exe-3136.log
2015-01-27 21:53 - 2015-01-27 21:53 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-01-27 21:45 - 2015-01-27 21:45 - 00000197 _____ () C:\Windows\system32\2015-01-27-20-45-31.082-AvastVBoxSVC.exe-2968.log
2015-01-27 21:09 - 2015-01-27 21:09 - 01054225 _____ () C:\Users\Dominic\Downloads\d3dx9_43.zip
2015-01-27 20:37 - 2015-01-27 20:37 - 00000197 _____ () C:\Windows\system32\2015-01-27-19-37-09.013-AvastVBoxSVC.exe-2772.log
2015-01-27 20:27 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-01-27 20:27 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-01-27 20:27 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-01-27 20:27 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-01-27 20:27 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-01-27 20:27 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-01-27 20:27 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-01-27 20:27 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-01-27 20:27 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-01-27 20:27 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-01-27 20:27 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-01-27 20:27 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-01-27 20:27 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-01-27 20:27 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-01-27 20:10 - 2015-01-27 20:10 - 05994752 _____ (Wargaming.net ) C:\Users\Dominic\Downloads\WoT_internet_install_eu (1).exe
2015-01-27 19:51 - 2015-01-27 20:25 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-01-27 19:51 - 2015-01-27 19:51 - 00000773 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2015-01-27 19:51 - 2015-01-27 19:51 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-01-27 19:51 - 2015-01-27 19:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-01-27 19:49 - 2015-01-27 19:50 - 05994752 _____ (Wargaming.net ) C:\Users\Dominic\Downloads\WoT_internet_install_eu.exe
2015-01-27 19:42 - 2015-01-27 19:42 - 00000247 _____ () C:\Windows\system32\2015-01-27-18-42-26.058-aswFe.exe-4860.log
2015-01-27 19:37 - 2015-01-27 19:42 - 00000247 _____ () C:\Windows\system32\2015-01-27-18-37-26.027-aswFe.exe-4656.log
2015-01-27 19:37 - 2015-01-27 19:37 - 00000197 _____ () C:\Windows\system32\2015-01-27-18-37-19.043-AvastVBoxSVC.exe-4756.log
2015-01-27 19:36 - 2014-12-29 22:15 - 00000034 _____ () C:\Users\Dominic\Desktop\REBELLCHEN.txt
2015-01-27 19:31 - 2015-01-27 19:31 - 00000197 _____ () C:\Windows\system32\2015-01-27-18-31-09.036-AvastVBoxSVC.exe-780.log
2015-01-27 18:45 - 2015-01-27 18:45 - 00000247 _____ () C:\Windows\system32\2015-01-27-17-45-23.009-aswFe.exe-3656.log
2015-01-27 18:32 - 2015-01-27 18:45 - 00000247 _____ () C:\Windows\system32\2015-01-27-17-32-09.011-aswFe.exe-3376.log
2015-01-27 18:32 - 2015-01-27 18:32 - 00000197 _____ () C:\Windows\system32\2015-01-27-17-32-01.004-AvastVBoxSVC.exe-3176.log
2015-01-27 18:18 - 2015-01-27 18:18 - 00001974 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-01-27 18:15 - 2015-01-27 18:14 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2015-01-27 18:14 - 2015-01-27 18:14 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-27 18:14 - 2015-01-27 18:14 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-27 18:13 - 2015-01-27 18:13 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-01-27 18:06 - 2015-01-27 18:08 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-01-27 18:06 - 2015-01-27 18:08 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-27 18:05 - 2015-01-27 18:05 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\AVAST Software
2015-01-27 18:04 - 2015-01-28 11:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-27 18:04 - 2015-01-27 18:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-27 18:04 - 2015-01-27 18:04 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-27 18:04 - 2015-01-27 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-27 18:04 - 2015-01-23 20:27 - 16153512 _____ (Wargaming.net ) C:\Users\Dominic\Desktop\WOWS_BW_na.exe
2015-01-27 18:04 - 2015-01-16 21:14 - 91670064 _____ (The GIMP Team ) C:\Users\Dominic\Desktop\gimp-2.8.14-setup.exe
2015-01-27 18:04 - 2014-12-20 21:52 - 00394754 _____ () C:\Users\Dominic\Desktop\soundboard-1.0b5-win64.ts3_plugin
2015-01-27 18:03 - 2015-01-28 15:45 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-27 18:03 - 2015-01-28 14:15 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-27 18:03 - 2015-01-27 18:10 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-27 18:03 - 2015-01-27 18:10 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-27 18:03 - 2015-01-27 18:06 - 00000000 ____D () C:\Users\Dominic\AppData\Local\Google
2015-01-27 18:03 - 2015-01-27 18:03 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-27 18:03 - 2015-01-26 23:09 - 04188536 _____ (Piriform Ltd) C:\Users\Dominic\Desktop\ccsetup501_slim.exe
2015-01-27 18:02 - 2015-01-27 18:16 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-27 18:02 - 2015-01-27 18:14 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-01-27 18:02 - 2015-01-27 18:14 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-27 18:02 - 2015-01-27 18:14 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-01-27 18:02 - 2015-01-27 18:14 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-01-27 18:02 - 2015-01-27 18:14 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-01-27 18:02 - 2015-01-27 18:14 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-27 18:02 - 2015-01-27 18:14 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-27 18:00 - 2015-01-27 18:00 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-27 17:59 - 2015-01-27 18:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-27 17:50 - 2015-01-28 12:17 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\TS3Client
2015-01-27 17:50 - 2015-01-27 17:50 - 00000971 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-01-27 17:50 - 2015-01-27 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-01-27 17:50 - 2015-01-27 17:50 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2015-01-27 17:41 - 2015-01-27 17:41 - 00003596 _____ () C:\Windows\System32\Tasks\Maxthon Update
2015-01-27 17:41 - 2015-01-27 17:41 - 00001085 _____ () C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2015-01-27 17:41 - 2015-01-27 17:41 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\Maxthon3
2015-01-27 17:41 - 2015-01-27 17:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2015-01-27 17:40 - 2015-01-27 17:41 - 00000000 ____D () C:\Program Files (x86)\Maxthon
2015-01-27 17:36 - 2015-01-27 21:14 - 00000000 ____D () C:\games
2015-01-27 17:32 - 2012-02-17 07:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-01-27 17:32 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-01-27 17:32 - 2012-02-17 05:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-01-27 17:32 - 2012-02-17 05:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-01-27 17:22 - 2015-01-27 17:54 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\vlc
2015-01-27 17:22 - 2015-01-27 17:22 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-01-27 17:22 - 2015-01-27 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-01-27 17:21 - 2015-01-27 17:21 - 00001192 _____ () C:\Users\Dominic\Desktop\Startfenster.lnk
2015-01-27 17:21 - 2015-01-27 17:21 - 00001192 _____ () C:\Users\Dominic\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
2015-01-27 17:21 - 2015-01-27 17:21 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-01-27 17:21 - 2015-01-27 17:21 - 00000000 ____D () C:\Program Files (x86)\Startfenster
2015-01-27 17:19 - 2015-01-28 15:46 - 00000000 ____D () C:\ProgramData\clear.fi
2015-01-27 17:12 - 2015-01-27 17:12 - 00000000 ____D () C:\Users\Dominic\AppData\Local\EgisTec IPS
2015-01-27 17:10 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-27 17:10 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-27 17:10 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-01-27 17:10 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-27 17:09 - 2015-01-27 17:11 - 00000000 ____D () C:\Users\Dominic\AppData\Local\PowerCinema
2015-01-27 17:09 - 2015-01-27 17:09 - 00001955 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fooz Kids.lnk
2015-01-27 17:09 - 2015-01-27 17:09 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\CyberLink
2015-01-27 17:09 - 2015-01-27 17:09 - 00000000 ____D () C:\Users\Dominic\AppData\Local\Acer
2015-01-27 17:09 - 2015-01-27 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-27 17:09 - 2015-01-27 17:09 - 00000000 ____D () C:\Program Files\Accessory Store
2015-01-27 17:09 - 2015-01-27 17:09 - 00000000 ____D () C:\Program Files (x86)\OEM
2015-01-27 17:09 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-27 17:09 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-27 17:09 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-01-27 17:09 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-01-27 17:09 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-27 17:09 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-27 17:09 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-27 17:09 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-27 17:09 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-27 17:09 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-01-27 17:08 - 2015-01-28 16:02 - 00000000 ____D () C:\Users\Dominic
2015-01-27 17:08 - 2015-01-27 17:20 - 00000000 ____D () C:\Users\Dominic\AppData\Local\Windows Live
2015-01-27 17:08 - 2015-01-27 17:11 - 00001443 _____ () C:\Users\Dominic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-27 17:08 - 2015-01-27 17:11 - 00001409 _____ () C:\Users\Dominic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-01-27 17:08 - 2015-01-27 17:09 - 00059968 _____ () C:\Users\Dominic\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Dominic\Vorlagen
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Dominic\Startmenü
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Dominic\Netzwerkumgebung
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Dominic\Lokale Einstellungen
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Dominic\Eigene Dateien
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Dominic\Druckumgebung
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Dominic\Documents\Eigene Musik
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Dominic\Documents\Eigene Bilder
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Dominic\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Dominic\AppData\Local\Verlauf
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Dominic\AppData\Local\Anwendungsdaten
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Dominic\Anwendungsdaten
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Programme
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\ProgramData\Favoriten
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 __SHD () C:\Recovery
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 ____D () C:\Users\Dominic\AppData\Local\VirtualStore
2015-01-27 17:08 - 2015-01-27 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection
2015-01-27 17:08 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\Macromedia
2015-01-27 17:08 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Dominic\AppData\Roaming\Adobe
2015-01-27 17:08 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Dominic\AppData\Local\Adobe
2015-01-27 17:08 - 2011-04-14 08:31 - 00000000 ____D () C:\Users\Dominic\AppData\Local\Downloaded Installations
2015-01-27 17:08 - 2010-11-21 03:50 - 00000020 ___SH () C:\Users\Dominic\ntuser.ini
2015-01-27 17:08 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Dominic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-27 17:08 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Dominic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-27 16:18 - 2015-01-27 16:18 - 00002490 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-01-27 16:13 - 2015-01-27 16:13 - 17773056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 12268544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 10884096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 09702400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-01-27 16:13 - 2015-01-27 16:13 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-01-27 16:13 - 2015-01-27 16:13 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-27 16:13 - 2015-01-27 16:13 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-27 16:13 - 2015-01-27 16:13 - 02303488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 02136064 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 01797632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 01785344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 01492992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-27 16:13 - 2015-01-27 16:13 - 01427456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-27 16:13 - 2015-01-27 16:13 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 01344000 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 01102336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00818176 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00716800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-27 16:13 - 2015-01-27 16:13 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-01-27 16:13 - 2015-01-27 16:13 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-01-27 16:13 - 2015-01-27 16:13 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-01-27 16:13 - 2015-01-27 16:13 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-01-27 16:13 - 2015-01-27 16:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-01-27 16:13 - 2015-01-27 16:13 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-01-27 16:12 - 2015-01-27 16:14 - 00003758 _____ () C:\Windows\IE9_main.log
2015-01-27 16:07 - 2015-01-27 16:09 - 00000000 ____D () C:\ProgramData\CLSK
2015-01-27 16:07 - 2015-01-27 16:07 - 00003418 _____ () C:\Windows\System32\Tasks\clear.fi
2015-01-27 16:07 - 2015-01-27 16:07 - 00003366 _____ () C:\Windows\System32\Tasks\DMREngine
2015-01-27 16:07 - 2015-01-27 16:07 - 00003348 _____ () C:\Windows\System32\Tasks\clear.fiAgent
2015-01-27 16:05 - 2015-01-27 16:05 - 00000000 ____D () C:\Program Files (x86)\Cyberlink
2015-01-27 16:02 - 2015-01-27 16:09 - 00015219 _____ () C:\ProgramData\ArcadeDeluxe5.log
2015-01-27 16:02 - 2015-01-27 16:09 - 00000000 ____D () C:\ProgramData\Temp
2015-01-27 16:02 - 2015-01-27 16:09 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-27 15:59 - 2015-01-27 16:07 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clear.fi
2015-01-27 15:59 - 2015-01-27 15:59 - 00001024 ___RH () C:\Users\Public\Documents\NTILiveUpdateV9.dll
2015-01-27 15:59 - 2015-01-27 15:59 - 00000000 ____D () C:\ProgramData\NTI Launcher
2015-01-27 15:59 - 2015-01-27 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-01-27 15:57 - 2015-01-27 15:57 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-01-27 15:56 - 2015-01-27 15:56 - 00002435 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
2015-01-27 15:56 - 2015-01-27 15:56 - 00001024 ___RH () C:\Users\Public\Documents\NTIMMV9REGET.dll
2015-01-27 15:56 - 2015-01-27 15:56 - 00001024 ___RH () C:\Users\Public\Documents\NTIMMV9Acer.dll
2015-01-27 15:56 - 2015-01-27 15:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-27 15:54 - 2015-01-27 15:54 - 00000000 ____D () C:\ProgramData\Atheros
2015-01-27 15:53 - 2015-01-27 15:53 - 00000000 _____ () C:\Windows\ativpsrm.bin
2015-01-27 15:51 - 2015-01-27 15:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_btath_hcrp_01009.Wdf
2015-01-27 15:49 - 2015-01-27 15:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2015-01-27 15:49 - 2015-01-27 15:50 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2015-01-27 15:47 - 2015-01-27 15:47 - 00000000 ____D () C:\Program Files\CONEXANT
2015-01-27 15:47 - 2010-12-17 00:18 - 00198784 ____N (Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
2015-01-27 15:44 - 2015-01-27 15:44 - 00004786 _____ () C:\Windows\DPINST.LOG
2015-01-27 15:44 - 2015-01-27 15:44 - 00000000 ____D () C:\Program Files\Elantech
2015-01-27 15:43 - 2015-01-27 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-01-27 15:43 - 2015-01-27 15:43 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-01-27 15:43 - 2010-11-28 04:50 - 00044672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2015-01-27 15:41 - 2015-01-27 15:43 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-01-27 15:41 - 2015-01-27 15:41 - 00000000 ____D () C:\Program Files\ATI
2015-01-27 15:40 - 2015-01-27 15:40 - 00000184 _____ () C:\Windows\LMv4.UNI
2015-01-27 15:40 - 2015-01-27 15:40 - 00000000 ____D () C:\Program Files (x86)\Launch Manager
2015-01-27 15:39 - 2015-01-27 15:52 - 00000168 _____ () C:\Windows\Driver_install.log
2015-01-27 15:36 - 2015-01-27 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2015-01-27 15:36 - 2015-01-27 15:36 - 00000000 ____D () C:\ProgramData\EgisTec
2015-01-27 15:36 - 2015-01-27 15:36 - 00000000 ____D () C:\book
2015-01-27 15:31 - 2015-01-28 16:07 - 01827657 _____ () C:\Windows\WindowsUpdate.log
2015-01-27 15:31 - 2011-04-14 08:40 - 00059968 _____ () C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-27 15:31 - 2011-04-14 08:40 - 00059968 _____ () C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-27 15:31 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-27 15:31 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-01-27 15:31 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Default\AppData\Local\Adobe
2015-01-27 15:31 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-27 15:31 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-01-27 15:31 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Default User\AppData\Local\Adobe
2015-01-27 15:31 - 2011-04-14 08:31 - 00000000 ____D () C:\Users\Default\AppData\Local\Downloaded Installations
2015-01-27 15:31 - 2011-04-14 08:31 - 00000000 ____D () C:\Users\Default User\AppData\Local\Downloaded Installations
2015-01-27 15:31 - 2011-04-14 08:01 - 00000000 ____D () C:\Users\Default\AppData\Local\Windows Live
2015-01-27 15:31 - 2011-04-14 08:01 - 00000000 ____D () C:\Users\Default User\AppData\Local\Windows Live
2015-01-27 15:31 - 2010-11-21 03:51 - 00001449 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-27 15:31 - 2010-11-21 03:51 - 00001449 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-27 15:31 - 2010-11-21 03:51 - 00001415 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-01-27 15:31 - 2010-11-21 03:51 - 00001415 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-01-27 15:31 - 2010-11-21 03:50 - 00000020 ___SH () C:\Users\Default\ntuser.ini

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 15:48 - 2009-07-14 06:13 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-28 15:48 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-28 15:48 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-28 15:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-28 15:40 - 2009-07-14 05:51 - 00042203 _____ () C:\Windows\setupact.log
2015-01-28 15:40 - 2009-07-14 05:45 - 00269352 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-28 00:25 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-01-28 00:25 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-01-28 00:25 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2015-01-28 00:25 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-01-28 00:25 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\winrm
2015-01-28 00:25 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\WCN
2015-01-28 00:25 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\slmgr
2015-01-28 00:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-01-28 00:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-01-28 00:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\MUI
2015-01-28 00:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-28 00:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2015-01-28 00:21 - 2010-11-21 08:17 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-28 00:21 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-01-28 00:21 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-01-28 00:21 - 2009-07-14 06:37 - 00000000 ____D () C:\Windows\DigitalLocker
2015-01-28 00:21 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-01-28 00:21 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-01-28 00:21 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-28 00:21 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-28 00:21 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-01-28 00:21 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-01-28 00:21 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-01-28 00:21 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-28 00:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2015-01-28 00:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-01-28 00:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-28 00:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2015-01-28 00:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2015-01-28 00:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2015-01-28 00:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\migwiz
2015-01-28 00:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\com
2015-01-28 00:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\IME
2015-01-28 00:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-28 00:09 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-01-28 00:09 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-01-27 20:27 - 2011-04-14 08:01 - 00001770 _____ () C:\Windows\DirectX.log
2015-01-27 18:19 - 2010-11-21 04:47 - 00009390 _____ () C:\Windows\PFRO.log
2015-01-27 17:12 - 2011-04-14 08:33 - 00000000 ____D () C:\ProgramData\oem
2015-01-27 17:12 - 2011-04-14 08:32 - 00018931 _____ () C:\Windows\patch.log
2015-01-27 17:10 - 2011-04-14 08:13 - 00000000 ___HD () C:\OEM
2015-01-27 17:10 - 2011-04-14 07:56 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-27 17:08 - 2011-04-14 07:56 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-27 17:08 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2015-01-27 17:08 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-27 17:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery
2015-01-27 17:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-27 17:07 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-27 17:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-27 16:39 - 2009-07-14 05:46 - 00004059 _____ () C:\Windows\DtcInstall.log
2015-01-27 16:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-01-27 16:39 - 2007-07-12 02:49 - 00000000 ____D () C:\Windows\Panther
2015-01-27 16:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-01-27 16:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-27 16:18 - 2011-04-14 08:06 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-01-27 16:11 - 2011-04-14 08:00 - 00000000 ____D () C:\Program Files\Acer
2015-01-27 16:11 - 2011-04-14 07:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-27 16:10 - 2011-04-14 07:59 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-27 15:57 - 2011-04-14 08:36 - 00000000 ____D () C:\Program Files (x86)\NTI
2015-01-27 15:50 - 2011-03-13 10:53 - 00246804 _____ () C:\Windows\system32\Drivers\AtherosBt.bin
2015-01-27 15:50 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-27 15:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-27 15:36 - 2011-04-14 08:30 - 00000000 ____D () C:\ProgramData\EgisTec IPS
2015-01-27 15:36 - 2011-02-12 04:43 - 00000000 ____D () C:\Windows\DeployWinRE2
2015-01-27 15:35 - 2011-04-14 08:34 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-27 15:35 - 2011-04-14 08:34 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-27 15:31 - 2011-04-14 07:23 - 00003652 _____ () C:\Windows\TSSysprep.log

==================== Files in the root of some directories =======

2015-01-27 16:02 - 2015-01-27 16:09 - 0015219 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-04-14 07:41 - 2010-03-02 22:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-27 16:39

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:03 on 28/01/2015 (Dominic)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-01-28 16:31:39
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000BPVT-22HXZT1 rev.01.01A01 465,76GB
Running: 1xfwy44h.exe; Driver: C:\Users\Dominic\AppData\Local\Temp\pgliifod.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1612] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter  0000000076bb87c9 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1612] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69      0000000076b91465 2 bytes [B9, 76]
.text  C:\Program Files\AVAST Software\Avast\afwServ.exe[1612] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155      0000000076b914bb 2 bytes [B9, 76]
.text  ...                                                                                                                  * 2
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[792] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter  0000000076bb87c9 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[792] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69        0000000076b91465 2 bytes [B9, 76]
.text  C:\Program Files\AVAST Software\Avast\AvastUI.exe[792] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155      0000000076b914bb 2 bytes [B9, 76]
.text  ...                                                                                                                  * 2

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0f8da952168                                         
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0f8da952168 (not active ControlSet)                     

---- EOF - GMER 2.1 ----

schrauber 28.01.2015 18:50
Addition.txt?

Cpt_Chandler 28.01.2015 20:13
Hab ich vergessen. Mein rechner hat sich danach wieder gefreezed

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015
Ran by Dominic at 2015-01-28 16:09:54
Running from C:\Users\Dominic\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan (Disabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: McAfee Personal Firewall (Disabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1912 Titanic Mystery (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117897550}) (Version:  - Oberon Media)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.85 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1523 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1523 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3006 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{C97623E2-0614-4845-B199-8E8BEC8E131C}_is1) (Version: 6.1.0.40497 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3005 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.2.153.1 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{4292776A-4F23-E108-83B2-2C27398E8BCF}) (Version: 3.0.804.0 - ATI Technologies, Inc.)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.85 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407}) (Version:  - Oberon Media)
Belles Beauty Boutique (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112623650}) (Version:  - Oberon Media)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
ccc-core-static (x32 Version: 2011.0111.1350.24756 - Ihr Firmenname) Hidden
Chicken Invaders 3 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}) (Version:  - Oberon Media)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1422.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1422.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7418 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3008 - Acer Incorporated)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.41.1.51 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Farm Frenzy 3 Ice Age (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118399487}) (Version:  - Oberon Media)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version:  - Oberon Media)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.5 - Acer Inc.)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.3.4000 - Maxthon International Limited)
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 10.0.570 - McAfee, Inc.)
MediaEspresso (x32 Version: 1.0.1418_35759 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Sprill and Ritchie (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117932650}) (Version:  - Oberon Media)
Startfenster (HKLM\...\Startfenster) (Version:  - Startfenster) <==== ATTENTION!
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
World of Goo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}) (Version:  - Oberon Media)
World of Tanks (HKU\S-1-5-21-1934127515-777576594-3349311130-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

27-01-2015 17:08:18 Windows Update
27-01-2015 17:32:16 Windows Update
27-01-2015 17:59:34 avast! antivirus system restore point
27-01-2015 18:11:01 avast! antivirus system restore point
27-01-2015 18:16:52 Gerätetreiber-Paketinstallation: Avast Netzwerkdienst
27-01-2015 20:25:11 DirectX wurde installiert
27-01-2015 23:55:41 Windows Update
28-01-2015 11:32:29 Windows Update
28-01-2015 13:46:04 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {8B690802-4BE0-41A3-A558-1B980FA3F952} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-02-22] (CyberLink)
Task: {9BABE8F7-EB45-492C-9D35-D5C8CF613378} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-02-22] (CyberLink Corp.)
Task: {CF877494-B1F2-4DB5-A893-F1A23C94ED78} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-27] (Google Inc.)
Task: {D52E509C-427C-462F-BE0D-168D449AB21E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-27] (Google Inc.)
Task: {D8F2F650-E437-4A7F-95BD-261D4F99EBA1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-27] (AVAST Software)
Task: {ED62746A-DF89-45A9-8672-55F615D74743} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-02-22] (Acer Incorporated)
Task: {F5036DA4-F4E0-4821-B9BA-AD9223CE9E04} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2014-12-10] (Maxthon International ltd.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2015-01-27 18:13 - 2015-01-27 18:13 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-27 18:13 - 2015-01-27 18:13 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2009-01-22 00:45 - 2009-01-22 00:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2015-01-28 11:29 - 2015-01-28 11:29 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012800\algo.dll
2015-01-27 18:13 - 2015-01-27 18:13 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-01-27 18:14 - 2015-01-27 18:14 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-02-22 10:01 - 2011-02-22 10:01 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2015-01-27 18:04 - 2015-01-25 22:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-27 18:04 - 2015-01-25 22:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-27 18:04 - 2015-01-25 22:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll
2015-01-28 16:05 - 2015-01-28 16:05 - 00380416 _____ () C:\Users\Dominic\Downloads\1xfwy44h.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: 0140251422374920mcinstcleanup => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: CxAudMsg => 2
MSCONFIG\Services: DsiWMIService => 2
MSCONFIG\Services: ePowerSvc => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: GREGService => 2
MSCONFIG\Services: Live Updater Service => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McMPFSvc => 2
MSCONFIG\Services: mcmscsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McNASvc => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: McOobeSv => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: mfefire => 2
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\Services: NOBU => 2
MSCONFIG\Services: NTI IScheduleSvc => 2
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: EgisTecPMMUpdate => "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
MSCONFIG\startupreg: EgisUpdate => "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
MSCONFIG\startupreg: ETDCtrl => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: Power Management => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-1934127515-777576594-3349311130-500 - Administrator - Disabled)
Dominic (S-1-5-21-1934127515-777576594-3349311130-1001 - Administrator - Enabled) => C:\Users\Dominic
Gast (S-1-5-21-1934127515-777576594-3349311130-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1934127515-777576594-3349311130-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/28/2015 03:40:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2015 02:43:09 PM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: Ein Thread in Vorgang C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe brauchte länger als 90000 ms, um eine Anfrage auszuführen.

Der Vorgang wird beendet.
Thread-ID: 3604 (0xe14)

Thread-Adresse: 0x000000007739138A

Thread-Nachricht:

 Build VSCORE.14.2.0.723 / 5400.1158
 Object being scanned = \Device\HarddiskVolume3\ProgramData\AVAST Software\Avast\db1d03a3da908e6ae-e4f7773.dat
 by System
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (01/28/2015 01:42:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2015 00:28:09 PM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: Ein Thread in Vorgang C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe brauchte länger als 90000 ms, um eine Anfrage auszuführen.

Der Vorgang wird beendet.
Thread-ID: 2096 (0x830)

Thread-Adresse: 0x00000000772E138A

Thread-Nachricht:

 Build VSCORE.14.2.0.723 / 5400.1158
 Object being scanned = \Device\HarddiskVolume3\ProgramData\AVAST Software\Avast\db1d03a3da908e6ae-e4f7773.dat
 by System
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (01/28/2015 11:27:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2015 00:06:52 AM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: Ein Thread in Vorgang C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe brauchte länger als 90000 ms, um eine Anfrage auszuführen.

Der Vorgang wird beendet.
Thread-ID: 2660 (0xa64)

Thread-Adresse: 0x000000007742138A

Thread-Nachricht:

 Build VSCORE.14.2.0.723 / 5400.1158
 Object being scanned = \Device\HarddiskVolume3\ProgramData\AVAST Software\Avast\db1d03a3da908e6ae-e4f7773.dat
 by System
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (01/27/2015 11:07:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2015 11:03:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2015 10:44:14 PM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: Ein Thread in Vorgang C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe brauchte länger als 90000 ms, um eine Anfrage auszuführen.

Der Vorgang wird beendet.
Thread-ID: 3184 (0xc70)

Thread-Adresse: 0x00000000774D138A

Thread-Nachricht:

 Build VSCORE.14.2.0.723 / 5400.1158
 Object being scanned = \Device\HarddiskVolume3\ProgramData\AVAST Software\Avast\db1d03a3da908e6ae-e4f7773.dat
 by System
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (01/27/2015 09:43:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/28/2015 03:40:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎28.‎01.‎2015 um 15:31:25 unerwartet heruntergefahren.

Error: (01/28/2015 02:20:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2992611)

Error: (01/28/2015 02:20:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2705219)

Error: (01/28/2015 02:20:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB3002885)

Error: (01/28/2015 02:20:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2654428)

Error: (01/28/2015 02:20:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2813430)

Error: (01/28/2015 02:20:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2855844)

Error: (01/28/2015 01:41:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎28.‎01.‎2015 um 13:40:24 unerwartet heruntergefahren.

Error: (01/28/2015 11:26:49 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎28.‎01.‎2015 um 00:08:23 unerwartet heruntergefahren.

Error: (01/27/2015 11:04:17 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084defragsvc{D20A3293-3341-4AE8-9AAF-8E397CB63C34}


Microsoft Office Sessions:
=========================
Error: (01/28/2015 03:40:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2015 02:43:09 PM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900003604 (0xe14)0x000000007739138A
 Build VSCORE.14.2.0.723 / 5400.1158
 Object being scanned = \Device\HarddiskVolume3\ProgramData\AVAST Software\Avast\db1d03a3da908e6ae-e4f7773.dat
 by System
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (01/28/2015 01:42:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2015 00:28:09 PM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900002096 (0x830)0x00000000772E138A
 Build VSCORE.14.2.0.723 / 5400.1158
 Object being scanned = \Device\HarddiskVolume3\ProgramData\AVAST Software\Avast\db1d03a3da908e6ae-e4f7773.dat
 by System
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (01/28/2015 11:27:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2015 00:06:52 AM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900002660 (0xa64)0x000000007742138A
 Build VSCORE.14.2.0.723 / 5400.1158
 Object being scanned = \Device\HarddiskVolume3\ProgramData\AVAST Software\Avast\db1d03a3da908e6ae-e4f7773.dat
 by System
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (01/27/2015 11:07:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2015 11:03:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2015 10:44:14 PM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900003184 (0xc70)0x00000000774D138A
 Build VSCORE.14.2.0.723 / 5400.1158
 Object being scanned = \Device\HarddiskVolume3\ProgramData\AVAST Software\Avast\db1d03a3da908e6ae-e4f7773.dat
 by System
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (01/27/2015 09:43:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Processor: AMD E-350 Processor
Percentage of memory in use: 51%
Total physical RAM: 3818.9 MB
Available physical RAM: 1863.63 MB
Total Pagefile: 7636 MB
Available Pagefile: 5415.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:394.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9F43E1C3)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 29.01.2015 07:11
Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Startfenster


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Cpt_Chandler 29.01.2015 16:12
Code:
ComboFix 15-01-28.01 - Dominics 29.01.2015  14:28:01.2.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3819.1749 [GMT 1:00]
ausgeführt von:: c:\users\Dominics\Downloads\ComboFix.exe
AV: McAfee VirusScan *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Personal Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee VirusScan *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Public\Documents\NTILiveUpdateV9.dll
c:\users\Public\Documents\NTIMMV9Acer.dll
c:\users\Public\Documents\NTIMMV9REGET.dll
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-12-28 bis 2015-01-29  ))))))))))))))))))))))))))))))
.
.
2015-01-29 15:00 . 2015-01-29 15:00        --------        d-----w-        c:\users\Default\AppData\Local\temp
2015-01-29 13:20 . 2015-01-29 13:20        --------        d-----w-        c:\program files (x86)\VS Revo Group
2015-01-29 13:00 . 2015-01-29 13:01        --------        d-----w-        c:\program files (x86)\Google
2015-01-29 12:30 . 2014-05-14 16:23        44512        ----a-w-        c:\windows\system32\wups2.dll
2015-01-29 12:30 . 2014-05-14 16:23        58336        ----a-w-        c:\windows\system32\wuauclt.exe
2015-01-29 12:30 . 2014-05-14 16:23        2477536        ----a-w-        c:\windows\system32\wuaueng.dll
2015-01-29 12:30 . 2014-05-14 16:21        2620928        ----a-w-        c:\windows\system32\wucltux.dll
2015-01-29 12:30 . 2014-05-14 16:23        38880        ----a-w-        c:\windows\system32\wups.dll
2015-01-29 12:30 . 2014-05-14 16:23        700384        ----a-w-        c:\windows\system32\wuapi.dll
2015-01-29 12:30 . 2014-05-14 16:20        97792        ----a-w-        c:\windows\system32\wudriver.dll
2015-01-29 12:30 . 2014-05-14 16:17        92672        ----a-w-        c:\windows\SysWow64\wudriver.dll
2015-01-29 12:30 . 2014-05-14 16:23        36320        ----a-w-        c:\windows\SysWow64\wups.dll
2015-01-29 12:30 . 2014-05-14 16:23        581600        ----a-w-        c:\windows\SysWow64\wuapi.dll
2015-01-29 12:29 . 2014-05-14 08:23        198600        ----a-w-        c:\windows\system32\wuwebv.dll
2015-01-29 12:29 . 2014-05-14 08:23        179656        ----a-w-        c:\windows\SysWow64\wuwebv.dll
2015-01-29 12:29 . 2014-05-14 08:20        36864        ----a-w-        c:\windows\system32\wuapp.exe
2015-01-29 12:29 . 2014-05-14 08:17        33792        ----a-w-        c:\windows\SysWow64\wuapp.exe
2015-01-29 07:17 . 2015-01-29 07:17        --------        d-----w-        c:\windows\de-DE
2015-01-29 07:17 . 2015-01-29 07:17        --------        d-----w-        c:\windows\SysWow64\XPSViewer
2015-01-29 07:17 . 2015-01-29 07:17        --------        d-----w-        c:\windows\SysWow64\drivers\UMDF\de-DE
2015-01-29 07:17 . 2015-01-29 07:17        --------        d-----w-        c:\windows\SysWow64\drivers\de-DE
2015-01-29 07:17 . 2015-01-29 07:17        --------        d-----w-        c:\windows\SysWow64\de
2015-01-29 07:17 . 2015-01-29 07:17        --------        d-----w-        c:\windows\SysWow64\0407
2015-01-29 07:17 . 2015-01-28 23:51        --------        d-----w-        c:\windows\SysWow64\wbem\de-DE
2015-01-29 07:17 . 2015-01-29 07:17        --------        d-----w-        c:\windows\system32\drivers\UMDF\de-DE
2015-01-29 07:17 . 2015-01-29 07:17        --------        d-----w-        c:\windows\system32\drivers\de-DE
2015-01-29 07:17 . 2015-01-29 07:17        --------        d-----w-        c:\windows\system32\0407
2015-01-29 07:17 . 2015-01-29 07:17        --------        d-----w-        c:\windows\system32\de
2015-01-29 07:17 . 2015-01-28 23:51        --------        d-----w-        c:\windows\system32\wbem\de-DE
2015-01-29 07:16 . 2015-01-29 07:16        3584        ----a-w-        c:\windows\system32\Spool\prtprocs\x64\de-DE\LXKPTPRC.DLL.mui
2015-01-29 07:08 . 2015-01-29 07:08        --------        d-----w-        c:\windows\NAPP_Dism_Log
2015-01-28 23:51 . 2015-01-28 23:51        --------        d-----w-        c:\windows\SysWow64\wbem\en-US
2015-01-28 23:51 . 2015-01-28 23:51        --------        d-----w-        c:\windows\system32\wbem\en-US
2015-01-28 23:28 . 2015-01-28 23:31        --------        d-----w-        c:\programdata\CLSK
2015-01-28 23:25 . 2015-01-28 23:25        --------        d-----w-        c:\program files (x86)\Cyberlink
2015-01-28 23:23 . 2015-01-28 23:31        --------        d-----w-        c:\programdata\CyberLink
2015-01-28 23:18 . 2015-01-28 23:18        --------        d-----w-        c:\programdata\NTI Launcher
2015-01-28 23:15 . 2015-01-28 23:15        --------        d-----w-        c:\programdata\FLEXnet
2015-01-28 23:15 . 2015-01-28 23:15        --------        d-----w-        c:\program files (x86)\Common Files\Macrovision Shared
2015-01-28 23:12 . 2010-10-09 06:31        101888        ----a-w-        c:\programdata\Microsoft\OEMOffice14\OOBE\oobe-x-none.msp
2015-01-28 23:12 . 2010-06-25 16:24        2376704        ----a-w-        c:\programdata\Microsoft\OEMOffice14\OOBE\oobe.msi
2015-01-28 23:11 . 2015-01-28 23:11        --------        d-----w-        c:\program files (x86)\Microsoft
2015-01-28 23:11 . 2015-01-28 23:11        --------        d-----w-        c:\programdata\Atheros
2015-01-28 23:10 . 2015-01-28 23:10        0        ----a-w-        c:\windows\ativpsrm.bin
2015-01-28 23:05 . 2015-01-28 23:05        --------        d-----w-        c:\program files (x86)\Common Files\Atheros
2015-01-28 23:05 . 2015-01-28 23:06        --------        d-----w-        c:\program files (x86)\Bluetooth Suite
2015-01-28 23:03 . 2010-12-16 23:18        198784        ------w-        c:\windows\system32\CxAudMsg64.exe
2015-01-28 23:03 . 2015-01-28 23:03        --------        d-----w-        c:\program files\CONEXANT
2015-01-28 23:00 . 2015-01-28 23:00        --------        d-----w-        c:\program files\Elantech
2015-01-28 22:59 . 2015-01-28 22:59        --------        d-----w-        c:\program files\Common Files\ATI Technologies
2015-01-28 22:59 . 2015-01-28 22:59        --------        d-----w-        c:\program files (x86)\Common Files\ATI Technologies
2015-01-28 22:59 . 2010-11-28 03:50        44672        ----a-w-        c:\windows\system32\drivers\usbfilter.sys
2015-01-28 22:59 . 2015-01-28 22:59        --------        dc----w-        c:\windows\system32\DRVSTORE
2015-01-28 22:56 . 2015-01-28 22:56        --------        d-----w-        c:\program files\ATI
2015-01-28 22:56 . 2015-01-28 22:58        --------        d-----w-        c:\program files (x86)\ATI Technologies
2015-01-28 22:54 . 2015-01-28 22:55        --------        d-----w-        c:\program files (x86)\Launch Manager
2015-01-28 22:31 . 2015-01-28 22:31        --------        d-----w-        c:\programdata\EgisTec
2015-01-28 22:31 . 2015-01-28 22:31        --------        d---a-w-        C:\book
2015-01-28 22:30 . 2015-01-28 22:30        --------        d-----w-        c:\program files (x86)\Common Files\Adobe AIR
2015-01-28 22:27 . 2011-04-14 07:35        --------        d-----w-        c:\users\Default\AppData\Local\Adobe
2015-01-28 22:27 . 2011-04-14 07:31        --------        d-----w-        c:\users\Default\AppData\Local\Downloaded Installations
2015-01-28 22:27 . 2011-04-14 07:01        --------        d-----w-        c:\users\Default\AppData\Local\Windows Live
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-29 13:17 . 2010-06-24 18:33        23256        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-01-29 07:16 . 2015-01-29 07:16        2560        ----a-w-        c:\windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
2015-01-29 07:15 . 2015-01-29 07:15        5632        ----a-w-        c:\windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
2015-01-29 07:15 . 2015-01-29 07:15        2560        ----a-w-        c:\windows\SysWow64\drivers\de-DE\scfilter.sys.mui
2015-01-29 07:15 . 2015-01-29 07:15        51712        ----a-w-        c:\windows\SysWow64\drivers\de-DE\tcpip.sys.mui
2015-01-29 07:15 . 2015-01-29 07:15        29696        ----a-w-        c:\windows\SysWow64\drivers\de-DE\bfe.dll.mui
2015-01-29 07:15 . 2015-01-29 07:15        16896        ----a-w-        c:\windows\SysWow64\drivers\de-DE\pacer.sys.mui
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-02-04 1465304]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-17 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-17 201584]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-02-15 297280]
"OOTag"="c:\program files (x86)\Acer\OOBEOffer\OOTag.exe" [2010-02-23 13856]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-03-31 1092688]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-11 336384]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-02-18 177448]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys;c:\windows\SYSNATIVE\DRIVERS\mfenlfk.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 McMPFSvc;McAfee Personal Firewall;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-29 13:01        1086280        ----a-w-        c:\program files (x86)\Google\Chrome\Application\40.0.2214.93\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-29 13:00]
.
2015-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-29 13:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-02-22 1796200]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-01-29  16:04:34
ComboFix-quarantined-files.txt  2015-01-29 15:04
.
Vor Suchlauf: 6 Verzeichnis(se), 444.336.652.288 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 444.223.852.544 Bytes frei
.
- - End Of File - - 6549BBB9B9067CAC20DACCBFBA241756
A36C5E4F47E84449FF07ED3517B43A31

schrauber 29.01.2015 17:35
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Cpt_Chandler 29.01.2015 20:14

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by Dominics (administrator) on DOMINICS-PC on 29-01-2015 19:39:44
Running from C:\Users\Dominics\Downloads
Loaded Profiles: Dominics (Available profiles: Dominics)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1796200 2011-02-22] (Acer Incorporated)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1465304 2010-02-04] (McAfee, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-02-15] (NTI Corporation)
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1092688 2011-03-31] (Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-01-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-02-18] (CyberLink Corp.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-641145502-1558174140-1403310610-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-641145502-1558174140-1403310610-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-641145502-1558174140-1403310610-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-641145502-1558174140-1403310610-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files\mcafee\msk\mskapbho64.dll ()
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110413235714.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files\mcafee\msk\mskapbho.dll ()
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110413235714.dll (McAfee, Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{B7082FAA-CB62-4872-9106-E42DD88EDE45}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-04-14]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.de/", "hxxp://www.google.com/"
CHR Profile: C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-29]
CHR Extension: (Google Docs) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-29]
CHR Extension: (Google Drive) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-29]
CHR Extension: (OkayFreedom) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\bckipplcmnfhblnpibpbehenelnkpecd [2015-01-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-29]
CHR Extension: (YouTube) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-29]
CHR Extension: (Google-Suche) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-29]
CHR Extension: (Google Tabellen) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-29]
CHR Extension: (SiteAdvisor) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-01-29]
CHR Extension: (AdBlock) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-29]
CHR Extension: (Google Wallet) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-29]
CHR Extension: (Google Mail) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-29]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [509416 2009-12-31] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199032 2010-01-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [244840 2010-01-06] (McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [148520 2010-01-06] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [62416 2010-01-06] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121504 2010-01-06] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [189880 2010-01-06] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [440688 2010-01-06] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [528232 2010-01-06] (McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75288 2010-01-06] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [93840 2010-01-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [279752 2010-01-06] (McAfee, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-29 19:39 - 2015-01-29 19:40 - 00016563 _____ () C:\Users\Dominics\Downloads\FRST.txt
2015-01-29 19:39 - 2015-01-29 19:39 - 02130432 _____ (Farbar) C:\Users\Dominics\Downloads\FRST64.exe
2015-01-29 19:39 - 2015-01-29 19:39 - 00000000 ____D () C:\FRST
2015-01-29 19:29 - 2015-01-29 19:29 - 00000711 _____ () C:\Users\Dominics\Desktop\JRT.txt
2015-01-29 19:15 - 2015-01-29 19:21 - 00000000 ____D () C:\Users\Dominics\AppData\Roaming\TS3Client
2015-01-29 19:15 - 2015-01-29 19:15 - 00000971 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-01-29 19:15 - 2015-01-29 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-01-29 19:15 - 2015-01-29 19:15 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2015-01-29 19:14 - 2015-01-29 19:14 - 00000000 ____D () C:\Windows\ERUNT
2015-01-29 19:12 - 2015-01-29 19:12 - 30014480 _____ (TeamSpeak Systems GmbH) C:\Users\Dominics\Downloads\TeamSpeak3-Client-win64-3.0.16.exe
2015-01-29 19:11 - 2015-01-29 19:11 - 00002323 _____ () C:\Users\Dominics\Desktop\AdwCleaner[S0].txt
2015-01-29 19:02 - 2015-01-29 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-29 18:50 - 2015-01-29 18:59 - 00000000 ____D () C:\AdwCleaner
2015-01-29 18:49 - 2015-01-29 18:49 - 00001206 _____ () C:\Users\Dominics\Desktop\MBAM.txt
2015-01-29 17:56 - 2015-01-29 17:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-29 17:56 - 2015-01-29 17:56 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-29 17:56 - 2015-01-29 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-29 17:55 - 2015-01-29 17:56 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-29 17:55 - 2015-01-29 17:55 - 01707939 _____ (Thisisu) C:\Users\Dominics\Downloads\JRT.exe
2015-01-29 17:55 - 2015-01-29 17:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-29 17:55 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-29 17:55 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-29 17:55 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-29 17:54 - 2015-01-29 17:55 - 02194432 _____ () C:\Users\Dominics\Downloads\AdwCleaner_4.109.exe
2015-01-29 17:54 - 2015-01-29 17:54 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Dominics\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-29 16:33 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-01-29 16:33 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-01-29 16:33 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-01-29 16:33 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-01-29 16:33 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-01-29 16:33 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-01-29 16:33 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-01-29 16:33 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-01-29 16:33 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-01-29 16:33 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-01-29 16:33 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-01-29 16:33 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-01-29 16:33 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-01-29 16:33 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-01-29 16:33 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-01-29 16:33 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-01-29 16:33 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-01-29 16:33 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-01-29 16:33 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-01-29 16:33 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-01-29 16:33 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-01-29 16:33 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-01-29 16:33 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-01-29 16:33 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-01-29 16:33 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-01-29 16:33 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-01-29 16:33 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-01-29 16:33 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-01-29 16:33 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-01-29 16:33 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-01-29 16:33 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-01-29 16:33 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-01-29 16:33 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-01-29 16:33 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-01-29 16:33 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-01-29 16:33 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-01-29 16:33 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-01-29 16:33 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-01-29 16:33 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-01-29 16:33 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-01-29 16:33 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-01-29 16:33 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-01-29 16:33 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-01-29 16:33 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-01-29 16:33 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-01-29 16:33 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-01-29 16:33 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-01-29 16:33 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-01-29 16:33 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-01-29 16:33 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-01-29 16:33 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-01-29 16:33 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-01-29 16:33 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-01-29 16:33 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-01-29 16:33 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-01-29 16:33 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-01-29 16:33 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-01-29 16:33 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-01-29 16:33 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-01-29 16:33 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-01-29 16:33 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-01-29 16:33 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-01-29 16:33 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-01-29 16:33 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-01-29 16:33 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-01-29 16:33 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-01-29 16:33 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-01-29 16:33 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-01-29 16:33 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-01-29 16:33 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-01-29 16:33 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-01-29 16:33 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-01-29 16:33 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-01-29 16:33 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-01-29 16:33 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-01-29 16:33 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-01-29 16:33 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-01-29 16:33 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-01-29 16:33 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-01-29 16:33 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-01-29 16:33 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-01-29 16:33 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-01-29 16:33 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-01-29 16:33 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-01-29 16:33 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-01-29 16:33 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-01-29 16:33 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-01-29 16:33 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-01-29 16:33 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-01-29 16:33 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-01-29 16:33 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-01-29 16:33 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-01-29 16:33 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-01-29 16:33 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-01-29 16:33 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-01-29 16:33 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-01-29 16:33 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-01-29 16:33 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-01-29 16:33 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-01-29 16:33 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-01-29 16:33 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-01-29 16:33 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-01-29 16:33 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-01-29 16:33 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-01-29 16:32 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-01-29 16:32 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-01-29 16:32 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-01-29 16:32 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-01-29 16:32 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-01-29 16:32 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-01-29 16:32 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-01-29 16:32 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-01-29 16:32 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-01-29 16:32 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-01-29 16:32 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-01-29 16:32 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-01-29 16:32 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-01-29 16:32 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-01-29 16:32 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-01-29 16:32 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-01-29 16:32 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-01-29 16:32 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-01-29 16:32 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-01-29 16:32 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-01-29 16:32 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-01-29 16:32 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-01-29 16:32 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-01-29 16:32 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-01-29 16:32 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-01-29 16:32 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-01-29 16:32 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-01-29 16:32 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-01-29 16:32 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-01-29 16:32 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-01-29 16:32 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-01-29 16:32 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-01-29 16:32 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-01-29 16:32 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-01-29 16:32 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-01-29 16:32 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-01-29 16:32 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-01-29 16:32 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-01-29 16:32 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-01-29 16:32 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-01-29 16:32 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-01-29 16:32 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-01-29 16:32 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-01-29 16:32 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-01-29 16:32 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-01-29 16:32 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-01-29 16:32 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-01-29 16:32 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-01-29 16:32 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-01-29 16:32 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-01-29 16:32 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-01-29 16:32 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-01-29 16:32 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-01-29 16:32 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-01-29 16:32 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-01-29 16:32 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-01-29 16:32 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-01-29 16:32 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-01-29 16:32 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-01-29 16:32 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-01-29 16:32 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-01-29 16:32 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-01-29 16:32 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-01-29 16:32 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-01-29 16:32 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-01-29 16:32 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-01-29 16:32 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-01-29 16:32 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-01-29 16:32 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-01-29 16:32 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-01-29 16:29 - 2015-01-29 16:33 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-01-29 16:29 - 2015-01-29 16:31 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-01-29 16:29 - 2015-01-29 16:29 - 00000773 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2015-01-29 16:29 - 2015-01-29 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-01-29 16:29 - 2015-01-29 16:29 - 00000000 ____D () C:\Games
2015-01-29 16:28 - 2015-01-29 16:28 - 05994752 _____ (Wargaming.net ) C:\Users\Dominics\Downloads\WoT_internet_install_eu.exe
2015-01-29 16:04 - 2015-01-29 16:04 - 00020304 _____ () C:\ComboFix.txt
2015-01-29 14:23 - 2015-01-29 14:23 - 05610841 ____R (Swearware) C:\Users\Dominics\Downloads\ComboFix.exe
2015-01-29 14:20 - 2015-01-29 14:20 - 00001268 _____ () C:\Users\Dominics\Desktop\Revo Uninstaller.lnk
2015-01-29 14:20 - 2015-01-29 14:20 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-29 14:19 - 2015-01-29 14:19 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Dominics\Downloads\revosetup95.exe
2015-01-29 14:01 - 2015-01-29 19:08 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-29 14:01 - 2015-01-29 19:06 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-29 14:01 - 2015-01-29 14:01 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-29 14:01 - 2015-01-29 14:01 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-29 14:01 - 2015-01-29 14:01 - 00002251 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-29 14:01 - 2015-01-29 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-29 14:00 - 2015-01-29 14:02 - 00000000 ____D () C:\Users\Dominics\AppData\Local\Google
2015-01-29 14:00 - 2015-01-29 14:01 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-29 13:35 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-29 13:35 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-29 13:35 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-29 13:35 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-29 13:35 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-29 13:35 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-29 13:35 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-29 13:35 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-29 13:33 - 2015-01-29 16:04 - 00000000 ____D () C:\Qoobox
2015-01-29 13:32 - 2015-01-29 16:01 - 00000000 ____D () C:\Windows\erdnt
2015-01-29 13:30 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-29 13:30 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-29 13:30 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-01-29 13:30 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-01-29 13:30 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-01-29 13:30 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-01-29 13:30 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-01-29 13:30 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-29 13:30 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-01-29 13:30 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-01-29 13:29 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-01-29 13:29 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-01-29 13:29 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-01-29 13:29 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-01-29 08:18 - 2015-01-29 18:48 - 00643866 _____ () C:\Windows\system32\perfh007.dat
2015-01-29 08:18 - 2015-01-29 18:48 - 00126394 _____ () C:\Windows\system32\perfc007.dat
2015-01-29 08:18 - 2015-01-29 08:17 - 00295922 _____ () C:\Windows\system32\perfi007.dat
2015-01-29 08:18 - 2015-01-29 08:17 - 00038104 _____ () C:\Windows\system32\perfd007.dat
2015-01-29 08:17 - 2015-01-29 08:17 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-01-29 08:17 - 2015-01-29 08:17 - 00000000 ____D () C:\Windows\SysWOW64\de
2015-01-29 08:17 - 2015-01-29 08:17 - 00000000 ____D () C:\Windows\SysWOW64\0407
2015-01-29 08:17 - 2015-01-29 08:17 - 00000000 ____D () C:\Windows\system32\de
2015-01-29 08:17 - 2015-01-29 08:17 - 00000000 ____D () C:\Windows\system32\0407
2015-01-29 08:08 - 2015-01-29 08:08 - 00000000 ____D () C:\Windows\NAPP_Dism_Log
2015-01-29 00:44 - 2015-01-29 00:44 - 00002490 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-01-29 00:37 - 2015-01-29 00:37 - 17773056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 12268544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 10884096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 09702400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-01-29 00:37 - 2015-01-29 00:37 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-01-29 00:37 - 2015-01-29 00:37 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-29 00:37 - 2015-01-29 00:37 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-29 00:37 - 2015-01-29 00:37 - 02303488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 02136064 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 01797632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 01785344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 01492992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-29 00:37 - 2015-01-29 00:37 - 01427456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-29 00:37 - 2015-01-29 00:37 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 01344000 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 01102336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00818176 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00716800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-29 00:37 - 2015-01-29 00:37 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-01-29 00:37 - 2015-01-29 00:37 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-01-29 00:37 - 2015-01-29 00:37 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-01-29 00:37 - 2015-01-29 00:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-01-29 00:37 - 2015-01-29 00:37 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-01-29 00:37 - 2015-01-29 00:37 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-01-29 00:35 - 2015-01-29 00:39 - 00003861 _____ () C:\Windows\IE9_main.log
2015-01-29 00:28 - 2015-01-29 00:31 - 00000000 ____D () C:\ProgramData\CLSK
2015-01-29 00:28 - 2015-01-29 00:28 - 00003424 _____ () C:\Windows\System32\Tasks\clear.fi
2015-01-29 00:28 - 2015-01-29 00:28 - 00003372 _____ () C:\Windows\System32\Tasks\DMREngine
2015-01-29 00:28 - 2015-01-29 00:28 - 00003354 _____ () C:\Windows\System32\Tasks\clear.fiAgent
2015-01-29 00:28 - 2015-01-29 00:28 - 00002171 _____ () C:\Users\Public\Desktop\clear.fi.lnk
2015-01-29 00:28 - 2015-01-29 00:28 - 00000000 ____D () C:\Users\Dominics\AppData\Roaming\CyberLink
2015-01-29 00:28 - 2015-01-29 00:28 - 00000000 ____D () C:\Users\Dominics\AppData\Local\PowerCinema
2015-01-29 00:25 - 2015-01-29 00:31 - 00000000 ____D () C:\Users\Dominics\AppData\Local\Cyberlink
2015-01-29 00:25 - 2015-01-29 00:25 - 00000000 ____D () C:\Program Files (x86)\Cyberlink
2015-01-29 00:23 - 2015-01-29 00:31 - 00000000 ____D () C:\ProgramData\CyberLink
2015-01-29 00:22 - 2015-01-29 00:32 - 00000000 ____D () C:\ProgramData\Temp
2015-01-29 00:22 - 2015-01-29 00:31 - 00015134 _____ () C:\ProgramData\ArcadeDeluxe5.log
2015-01-29 00:19 - 2015-01-29 00:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clear.fi
2015-01-29 00:19 - 2015-01-29 00:19 - 00000000 ____D () C:\Users\Dominics\AppData\Local\Acer
2015-01-29 00:18 - 2015-01-29 00:18 - 00000000 ____D () C:\ProgramData\NTI Launcher
2015-01-29 00:18 - 2015-01-29 00:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-01-29 00:15 - 2015-01-29 00:15 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-01-29 00:14 - 2015-01-29 00:14 - 00002435 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
2015-01-29 00:14 - 2015-01-29 00:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-29 00:11 - 2015-01-29 00:11 - 00000000 ____D () C:\ProgramData\Atheros
2015-01-29 00:10 - 2015-01-29 00:10 - 00000000 _____ () C:\Windows\ativpsrm.bin
2015-01-29 00:08 - 2015-01-29 00:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_btath_hcrp_01009.Wdf
2015-01-29 00:06 - 2015-01-29 00:06 - 00000000 ___RD () C:\Users\Dominics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-01-29 00:06 - 2015-01-29 00:06 - 00000000 ____D () C:\Users\Dominics\Documents\Bluetooth Folder
2015-01-29 00:05 - 2015-01-29 00:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2015-01-29 00:05 - 2015-01-29 00:06 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite
2015-01-29 00:03 - 2015-01-29 00:03 - 00000000 ____D () C:\Program Files\CONEXANT
2015-01-29 00:03 - 2010-12-17 00:18 - 00198784 ____N (Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
2015-01-29 00:00 - 2015-01-29 00:00 - 00004786 _____ () C:\Windows\DPINST.LOG
2015-01-29 00:00 - 2015-01-29 00:00 - 00000000 ____D () C:\Program Files\Elantech
2015-01-28 23:59 - 2015-01-28 23:59 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-01-28 23:59 - 2010-11-28 04:50 - 00044672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2015-01-28 23:58 - 2015-01-28 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-01-28 23:56 - 2015-01-28 23:58 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-01-28 23:56 - 2015-01-28 23:56 - 00000000 ____D () C:\Program Files\ATI
2015-01-28 23:55 - 2015-01-28 23:55 - 00000184 _____ () C:\Windows\LMv4.UNI
2015-01-28 23:54 - 2015-01-29 00:09 - 00000168 _____ () C:\Windows\Driver_install.log
2015-01-28 23:54 - 2015-01-28 23:55 - 00000000 ____D () C:\Program Files (x86)\Launch Manager
2015-01-28 23:43 - 2015-01-28 23:43 - 00000000 ____D () C:\Users\Dominics\AppData\Local\EgisTec IPS
2015-01-28 23:42 - 2015-01-29 07:55 - 00001443 _____ () C:\Users\Dominics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-28 23:42 - 2015-01-29 07:55 - 00001409 _____ () C:\Users\Dominics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-01-28 23:42 - 2015-01-29 00:11 - 00059968 _____ () C:\Users\Dominics\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Dominics\Vorlagen
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Dominics\Startmenü
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Dominics\Netzwerkumgebung
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Dominics\Lokale Einstellungen
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Dominics\Eigene Dateien
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Dominics\Druckumgebung
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Dominics\Documents\Eigene Musik
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Dominics\Documents\Eigene Bilder
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Dominics\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Dominics\AppData\Local\Verlauf
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Dominics\AppData\Local\Anwendungsdaten
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Dominics\Anwendungsdaten
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Programme
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\ProgramData\Favoriten
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 ____D () C:\Users\Dominics\AppData\Local\VirtualStore
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 ____D () C:\Users\Dominics
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 ____D () C:\Recovery
2015-01-28 23:42 - 2015-01-28 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection
2015-01-28 23:42 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Dominics\AppData\Roaming\Macromedia
2015-01-28 23:42 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Dominics\AppData\Roaming\Adobe
2015-01-28 23:42 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Dominics\AppData\Local\Adobe
2015-01-28 23:42 - 2011-04-14 08:31 - 00000000 ____D () C:\Users\Dominics\AppData\Local\Downloaded Installations
2015-01-28 23:42 - 2011-04-14 08:01 - 00000000 ____D () C:\Users\Dominics\AppData\Local\Windows Live
2015-01-28 23:42 - 2010-11-21 03:50 - 00000020 ___SH () C:\Users\Dominics\ntuser.ini
2015-01-28 23:42 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Dominics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-28 23:42 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Dominics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-28 23:31 - 2015-01-28 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2015-01-28 23:31 - 2015-01-28 23:31 - 00000000 ____D () C:\ProgramData\EgisTec
2015-01-28 23:31 - 2015-01-28 23:31 - 00000000 ____D () C:\book
2015-01-28 23:27 - 2015-01-29 19:40 - 01185686 _____ () C:\Windows\WindowsUpdate.log
2015-01-28 23:27 - 2011-04-14 08:40 - 00059968 _____ () C:\Users\Default\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-28 23:27 - 2011-04-14 08:40 - 00059968 _____ () C:\Users\Default User\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-28 23:27 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-28 23:27 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-01-28 23:27 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Default\AppData\Local\Adobe
2015-01-28 23:27 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-28 23:27 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-01-28 23:27 - 2011-04-14 08:35 - 00000000 ____D () C:\Users\Default User\AppData\Local\Adobe
2015-01-28 23:27 - 2011-04-14 08:31 - 00000000 ____D () C:\Users\Default\AppData\Local\Downloaded Installations
2015-01-28 23:27 - 2011-04-14 08:31 - 00000000 ____D () C:\Users\Default User\AppData\Local\Downloaded Installations
2015-01-28 23:27 - 2011-04-14 08:01 - 00000000 ____D () C:\Users\Default\AppData\Local\Windows Live
2015-01-28 23:27 - 2011-04-14 08:01 - 00000000 ____D () C:\Users\Default User\AppData\Local\Windows Live
2015-01-28 23:27 - 2010-11-21 03:51 - 00001449 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-28 23:27 - 2010-11-21 03:51 - 00001449 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-28 23:27 - 2010-11-21 03:51 - 00001415 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-01-28 23:27 - 2010-11-21 03:51 - 00001415 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-01-28 23:27 - 2010-11-21 03:50 - 00000020 ___SH () C:\Users\Default\ntuser.ini

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-29 19:08 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-29 19:08 - 2009-07-14 05:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-29 19:02 - 2011-04-14 07:58 - 00001832 _____ () C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2015-01-29 19:00 - 2010-11-21 04:47 - 00007580 _____ () C:\Windows\PFRO.log
2015-01-29 19:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-29 19:00 - 2009-07-14 05:51 - 00038152 _____ () C:\Windows\setupact.log
2015-01-29 18:48 - 2009-07-14 06:13 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-29 16:33 - 2011-04-14 08:01 - 00010506 _____ () C:\Windows\DirectX.log
2015-01-29 16:04 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-01-29 16:00 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-01-29 13:30 - 2011-04-14 07:56 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-29 08:21 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-01-29 08:21 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-01-29 08:21 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2015-01-29 08:21 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-01-29 08:21 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\winrm
2015-01-29 08:21 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\WCN
2015-01-29 08:21 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\slmgr
2015-01-29 08:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-01-29 08:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-01-29 08:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\MUI
2015-01-29 08:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-01-29 08:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2015-01-29 08:17 - 2010-11-21 08:17 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-29 08:17 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-01-29 08:17 - 2010-11-21 08:06 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-01-29 08:17 - 2009-07-14 06:37 - 00000000 ____D () C:\Windows\DigitalLocker
2015-01-29 08:17 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-01-29 08:17 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-01-29 08:17 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-29 08:17 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-29 08:17 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-01-29 08:17 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-01-29 08:17 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-01-29 08:17 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-29 08:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2015-01-29 08:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-01-29 08:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-01-29 08:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2015-01-29 08:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup
2015-01-29 08:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2015-01-29 08:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\migwiz
2015-01-29 08:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\com
2015-01-29 08:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\IME
2015-01-29 08:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-29 08:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-29 08:05 - 2011-04-14 08:32 - 00005172 _____ () C:\Windows\patch.log
2015-01-29 08:05 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-01-29 08:05 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-01-29 07:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-01-29 00:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-01-29 00:44 - 2011-04-14 08:06 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2015-01-29 00:40 - 2011-04-14 08:13 - 00000000 ____D () C:\OEM
2015-01-29 00:39 - 2011-04-14 07:56 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-29 00:34 - 2011-04-14 08:33 - 00000000 ____D () C:\ProgramData\oem
2015-01-29 00:34 - 2011-04-14 08:00 - 00000000 ____D () C:\Program Files\Acer
2015-01-29 00:34 - 2011-04-14 07:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-29 00:33 - 2011-04-14 07:59 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-01-29 00:16 - 2011-04-14 08:36 - 00000000 ____D () C:\Program Files (x86)\NTI
2015-01-29 00:13 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2015-01-29 00:07 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-29 00:06 - 2011-03-13 10:53 - 00246804 _____ () C:\Windows\system32\Drivers\AtherosBt.bin
2015-01-28 23:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-28 23:44 - 2011-02-12 04:43 - 00000000 ____D () C:\Windows\DeployWinRE2
2015-01-28 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery
2015-01-28 23:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-28 23:31 - 2011-04-14 08:30 - 00000000 ____D () C:\ProgramData\EgisTec IPS
2015-01-28 23:31 - 2009-07-14 05:46 - 00004059 _____ () C:\Windows\DtcInstall.log
2015-01-28 23:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-01-28 23:31 - 2007-07-12 02:49 - 00000000 ____D () C:\Windows\Panther
2015-01-28 23:30 - 2011-04-14 08:34 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-28 23:30 - 2011-04-14 08:34 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-28 23:26 - 2011-04-14 07:23 - 00003652 _____ () C:\Windows\TSSysprep.log
2015-01-28 23:25 - 2009-07-14 05:45 - 00283104 _____ () C:\Windows\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2015-01-29 00:22 - 2015-01-29 00:31 - 0015134 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-04-14 07:41 - 2010-03-02 22:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe

Some content of TEMP:
====================
C:\Users\Dominics\AppData\Local\Temp\Quarantine.exe
C:\Users\Dominics\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-29 08:08

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015
Ran by Dominics at 2015-01-29 19:42:01
Running from C:\Users\Dominics\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan (Enabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Personal Firewall (Enabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1912 Titanic Mystery (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117897550}) (Version:  - Oberon Media)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.85 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1523 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1523 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3006 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{C97623E2-0614-4845-B199-8E8BEC8E131C}_is1) (Version: 6.1.0.40497 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.2.153.1 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{4292776A-4F23-E108-83B2-2C27398E8BCF}) (Version: 3.0.804.0 - ATI Technologies, Inc.)
Backup Manager V3 (x32 Version: 3.0.0.85 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407}) (Version:  - Oberon Media)
Belles Beauty Boutique (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112623650}) (Version:  - Oberon Media)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
ccc-core-static (x32 Version: 2011.0111.1350.24756 - Ihr Firmenname) Hidden
Chicken Invaders 3 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}) (Version:  - Oberon Media)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1422.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1422.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7418 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3008 - Acer Incorporated)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.41.1.51 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Farm Frenzy 3 Ice Age (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118399487}) (Version:  - Oberon Media)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version:  - Oberon Media)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.5 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 10.0.570 - McAfee, Inc.)
MediaEspresso (x32 Version: 1.0.1418_35759 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Sprill and Ritchie (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117932650}) (Version:  - Oberon Media)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
World of Goo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}) (Version:  - Oberon Media)
World of Tanks (HKU\S-1-5-21-641145502-1558174140-1403310610-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

29-01-2015 00:13:59 Microsoft Office 2010 wird installiert
29-01-2015 00:15:17 Installed NTI Media Maker 9
29-01-2015 00:19:13 Installiert clear.fi Client
29-01-2015 00:22:41 Installiert Suite
29-01-2015 00:31:48 Installiert Vedio WebCam
29-01-2015 00:34:24 Installiert Acer ePower Management
29-01-2015 00:36:04 Windows Modules Installer
29-01-2015 00:41:54 Windows Live Essentials
29-01-2015 00:42:32 DirectX wurde installiert
29-01-2015 00:43:10 DirectX wurde installiert
29-01-2015 00:43:40 WLSetup
29-01-2015 00:49:13 Installed Microsoft Fix it 50402
29-01-2015 13:28:33 Windows Update
29-01-2015 16:31:45 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-01-29 16:00 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {283F76BE-FBB5-4C81-B4DF-3F951EC1D5AE} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-02-22] (Acer Incorporated)
Task: {2951F63D-77EE-480E-A417-64B116D25FA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-29] (Google Inc.)
Task: {36DC30DB-7555-4B43-AB50-2C91A3A9A3B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-29] (Google Inc.)
Task: {84E7FA3D-3E9E-431F-AC5E-F8A03506F7AC} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-02-22] (CyberLink)
Task: {C160B9AB-D192-4110-A50B-AD6CC265A124} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-02-22] (CyberLink Corp.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-02-15 19:37 - 2011-02-15 19:37 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-02-15 19:36 - 2011-02-15 19:36 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-02-15 19:37 - 2011-02-15 19:37 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-02-22 10:01 - 2011-02-22 10:01 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2015-01-29 14:01 - 2015-01-25 22:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-29 14:01 - 2015-01-25 22:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-29 14:01 - 2015-01-25 22:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-641145502-1558174140-1403310610-500 - Administrator - Disabled)
Dominics (S-1-5-21-641145502-1558174140-1403310610-1000 - Administrator - Enabled) => C:\Users\Dominics
Gast (S-1-5-21-641145502-1558174140-1403310610-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-01-29 15:59:03.271
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-29 15:59:03.253
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: AMD E-350 Processor
Percentage of memory in use: 56%
Total physical RAM: 3818.9 MB
Available physical RAM: 1653.71 MB
Total Pagefile: 7636 MB
Available Pagefile: 5411.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:387.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9F43E1C3)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 29.01.2015
Suchlauf-Zeit: 17:56:38
Logdatei: MBAM.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.29.08
Rootkit Datenbank: v2015.01.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Dominics

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 341162
Verstrichene Zeit: 22 Min, 29 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Dominics on 29.01.2015 at 19:14:15,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Dominics\AppData\Roaming\getrighttogo"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.01.2015 at 19:29:57,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
# AdwCleaner v4.109 - Bericht erstellt am 29/01/2015 um 18:59:11
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-26.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Dominics - DOMINICS-PC
# Gestartet von : C:\Users\Dominics\Downloads\AdwCleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16421


-\\ Google Chrome v40.0.2214.93

[C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sm.de/?q={searchTerms}&s=Suche
[C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://de.ask.com/web?q={searchTerms}
[C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.plusnetwork.com/?sp=caddr&q={searchTerms}

*************************

AdwCleaner[R0].txt - [2262 octets] - [29/01/2015 18:54:59]
AdwCleaner[S0].txt - [2183 octets] - [29/01/2015 18:59:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2243 octets] ##########

schrauber 30.01.2015 07:59

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Cpt_Chandler 30.01.2015 21:29
Hallo schrauber ich habe derweil keine Probleme mehr dennoch eine Frage. Ich habe eine Externe Festplatte ich möchte diese anschließen bin mir aber nicht sicher ob von der Externen Festplatte evtl. das problem entstanden ist? Kann ich dies Irgendwie überprüfen.

schrauber 31.01.2015 11:44
Drück einfach die Shift Taste und halte sie gedrückt beim Anschliessen, dann ist der Autostart aus. Dann den Onlinescan :)

Cpt_Chandler 01.02.2015 16:03
Ich danke dir schrauber fuer die Hilfe

schrauber 01.02.2015 19:23
Die Logs von oben wären noch cool, damit wir auch wirklich fertig sind :)

Cpt_Chandler 05.02.2015 17:12
Code:
Results of screen317's Security Check version 0.99.95 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
McAfee VirusScan 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 McAfee SiteAdvisor   
 Adobe Flash Player 10 Flash Player out of Date!
  Java 64-bit 8 Update 31 
 Adobe Reader 9 Adobe Reader out of Date!
 Google Chrome (40.0.2214.93)
 Google Chrome (40.0.2214.94)
````````Process Check: objlist.exe by Laurent```````` 
 Symantec Norton Online Backup NOBuAgent.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=8c03c7b0825849458ef71fcbda1755b5
# engine=22323
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-05 02:27:59
# local_time=2015-02-05 03:27:59 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='McAfee Anti-Virus and Anti-Spyware'
# compatibility_mode=5122 16777213 100 76 661273 162254021 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 526250 174776329 0 0
# scanned=209158
# found=0
# cleaned=0
# scan_time=5953
[CODE]
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015 01
Ran by Dominics (administrator) on DOMINICS-PC on 05-02-2015 17:02:01
Running from C:\Users\Dominics\Downloads
Loaded Profiles: Dominics (Available profiles: Dominics)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\mcsvrcnt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1796200 2011-02-22] (Acer Incorporated)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1465304 2010-02-04] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKU\S-1-5-21-641145502-1558174140-1403310610-1000\...\Run: [GoogleChromeAutoLaunch_A6501692266DAF39B593A6CAFC148487] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-01-27] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-641145502-1558174140-1403310610-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-641145502-1558174140-1403310610-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-641145502-1558174140-1403310610-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.de
URLSearchHook: HKU\S-1-5-21-641145502-1558174140-1403310610-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-641145502-1558174140-1403310610-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope {B27D2AB3-F26C-444C-9AA2-99ECA1A7F776} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {B27D2AB3-F26C-444C-9AA2-99ECA1A7F776} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-641145502-1558174140-1403310610-1000 -> DefaultScope {B27D2AB3-F26C-444C-9AA2-99ECA1A7F776} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-641145502-1558174140-1403310610-1000 -> {B27D2AB3-F26C-444C-9AA2-99ECA1A7F776} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files\mcafee\msk\mskapbho64.dll ()
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110413235714.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files\mcafee\msk\mskapbho.dll ()
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110413235714.dll (McAfee, Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-04-14]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.de/", "hxxp://www.google.com/"
CHR Profile: C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-29]
CHR Extension: (Google Docs) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-29]
CHR Extension: (Google Drive) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-29]
CHR Extension: (OkayFreedom) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\bckipplcmnfhblnpibpbehenelnkpecd [2015-01-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-29]
CHR Extension: (YouTube) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-29]
CHR Extension: (Google-Suche) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-29]
CHR Extension: (Google Tabellen) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-29]
CHR Extension: (SiteAdvisor) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-01-29]
CHR Extension: (AdBlock) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-29]
CHR Extension: (Google Wallet) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-29]
CHR Extension: (Google Mail) - C:\Users\Dominics\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-04]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-02-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0223641423140085mcinstcleanup; C:\Windows\TEMP\022364~1.EXE [827456 2012-01-09] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [140424 2014-04-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [509416 2009-12-31] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199032 2010-01-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [244840 2010-01-06] (McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [148520 2010-01-06] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-15] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [62416 2010-01-06] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121504 2010-01-06] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [189880 2010-01-06] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [440688 2010-01-06] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [528232 2010-01-06] (McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75288 2010-01-06] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [93840 2010-01-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [279752 2010-01-06] (McAfee, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-05 17:01 - 2015-02-05 17:01 - 00000000 ____D () C:\Users\Dominics\Downloads\FRST-OlderVersion
2015-02-05 13:40 - 2015-02-05 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-02-04 15:57 - 2015-02-04 15:57 - 00000794 _____ () C:\Users\Public\Desktop\World of Tanks - Common Test.lnk
2015-02-04 15:57 - 2015-02-04 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks - Common Test
2015-02-04 15:54 - 2015-02-04 15:54 - 04687863 _____ (Wargaming.net ) C:\Users\Dominics\Downloads\WoT_internet_install_ct.exe
2015-02-04 15:54 - 2015-02-04 15:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-01 20:53 - 2015-02-01 20:53 - 00852573 _____ () C:\Users\Dominics\Downloads\SecurityCheck.exe
2015-02-01 20:52 - 2015-02-01 20:53 - 02347384 _____ (ESET) C:\Users\Dominics\Downloads\esetsmartinstaller_deu.exe
2015-02-01 12:25 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-01 12:25 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-01-31 13:15 - 2015-01-31 13:15 - 00000000 ____D () C:\aea97f49b816b94d8cc1eb467424a6
2015-01-31 11:34 - 2015-01-31 11:35 - 00000000 ____D () C:\Users\Dominics\AppData\Roaming\vlc
2015-01-31 11:33 - 2015-01-31 11:33 - 00000875 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-01-31 11:33 - 2015-01-31 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-01-31 11:33 - 2015-01-31 11:33 - 00000000 ____D () C:\Program Files\VideoLAN
2015-01-31 11:32 - 2015-01-31 11:32 - 00001196 _____ () C:\Users\Dominics\Desktop\Startfenster.lnk
2015-01-31 11:32 - 2015-01-31 11:32 - 00001196 _____ () C:\Users\Dominics\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
2015-01-31 11:32 - 2015-01-31 11:32 - 00000000 ____D () C:\Program Files (x86)\Startfenster
2015-01-31 11:25 - 2015-01-31 11:25 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-01-31 11:04 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-01-31 11:04 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-01-30 23:33 - 2015-01-30 23:33 - 00394754 _____ () C:\Users\Dominics\Downloads\soundboard-1.0b5-win64.ts3_plugin
2015-01-30 14:00 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-30 14:00 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-01-30 14:00 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-01-30 14:00 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-01-30 14:00 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-01-30 14:00 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-01-30 14:00 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-01-30 14:00 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-01-30 14:00 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-01-30 14:00 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-01-30 14:00 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-01-30 14:00 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2015-01-30 14:00 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2015-01-30 14:00 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-01-30 14:00 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-01-30 14:00 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-01-30 14:00 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-01-30 14:00 - 2011-02-25 07:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-01-30 14:00 - 2011-02-25 06:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-01-30 13:59 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-01-30 13:59 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-01-30 13:59 - 2012-07-06 21:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-01-30 13:59 - 2011-04-28 04:54 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-01-30 13:59 - 2011-03-11 07:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2015-01-30 13:59 - 2011-03-11 07:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2015-01-30 13:59 - 2011-03-11 07:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2015-01-30 13:59 - 2011-03-11 07:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2015-01-30 13:59 - 2011-03-11 07:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2015-01-30 13:59 - 2011-03-11 07:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-01-30 13:59 - 2011-03-11 07:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2015-01-30 13:59 - 2011-03-11 06:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-01-30 13:59 - 2011-03-11 06:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2015-01-30 13:59 - 2011-03-11 05:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-01-30 13:50 - 2012-02-11 07:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-01-30 13:50 - 2012-02-11 07:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-01-30 13:44 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-30 13:44 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-01-30 13:44 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-01-30 13:44 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-01-30 13:44 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-01-30 13:44 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-01-30 13:43 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-01-30 13:43 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-01-30 13:42 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-30 13:42 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-30 13:17 - 2015-01-30 13:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-30 13:17 - 2015-01-30 13:17 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-30 02:47 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-01-30 02:47 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-01-30 02:47 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-01-30 02:47 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-01-30 02:06 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-01-30 01:46 - 2015-01-30 01:46 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-01-30 01:46 - 2015-01-30 01:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-30 01:46 - 2015-01-30 01:46 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-30 01:46 - 2015-01-30 01:46 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-01-30 01:46 - 2015-01-30 01:46 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-30 01:46 - 2015-01-30 01:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-01-30 01:46 - 2015-01-30 01:46 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-01-30 01:46 - 2015-01-30 01:46 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-30 01:46 - 2015-01-30 01:46 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-01-30 01:46 - 2015-01-30 01:46 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-01-30 01:46 - 2015-01-30 01:46 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-01-30 01:46 - 2015-01-30 01:46 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-01-30 01:46 - 2015-01-30 01:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-01-30 01:46 - 2015-01-30 01:46 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-30 01:46 - 2015-01-30 01:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-01-30 01:46 - 2015-01-30 01:46 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-01-30 01:46 - 2015-01-30 01:46 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-01-30 01:46 - 2015-01-30 01:46 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-01-30 01:46 - 2015-01-30 01:46 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-01-30 01:46 - 2015-01-30 01:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-01-30 01:46 - 2015-01-30 01:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-01-30 01:46 - 2015-01-30 01:46 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-01-30 01:46 - 2015-01-30 01:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-01-30 01:46 - 2015-01-30 01:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-01-30 01:46 - 2015-01-30 01:46 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-01-30 01:46 - 2015-01-30 01:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-01-30 01:31 - 2015-01-30 01:31 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-01-30 01:27 - 2015-01-30 02:07 - 00016242 _____ () C:\Windows\IE11_main.log
2015-01-29 23:32 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-29 23:32 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-01-29 23:32 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-29 23:32 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-29 23:32 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-29 23:32 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-29 23:32 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-01-29 23:32 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-01-29 23:32 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-01-29 23:32 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-01-29 23:28 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-01-29 23:28 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-01-29 23:28 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-01-29 23:28 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-01-29 23:28 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-01-29 23:28 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-01-29 23:28 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-01-29 23:28 - 2012-06-02 15:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-01-29 23:12 - 2012-03-01 07:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-01-29 23:12 - 2012-03-01 07:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-01-29 23:12 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2015-01-29 23:01 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-01-29 23:01 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-01-29 23:01 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-01-29 23:01 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-01-29 23:01 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-01-29 23:01 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-01-29 23:00 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-01-29 23:00 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-01-29 20:39 - 2011-04-09 07:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-01-29 20:39 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-01-29 20:38 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-29 20:38 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-01-29 20:38 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-01-29 20:38 - 2011-11-17 07:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-01-29 20:38 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2015-01-29 20:38 - 2011-06-16 06:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-01-29 20:38 - 2011-06-16 05:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2015-01-29 20:37 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-01-29 20:37 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-01-29 20:37 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-01-29 20:37 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-01-29 20:37 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-01-29 20:37 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-01-29 20:37 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-01-29 20:37 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-01-29 20:37 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-01-29 20:37 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-01-29 20:37 - 2011-06-15 11:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2015-01-29 20:37 - 2011-06-15 11:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-01-29 20:37 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2015-01-29 20:37 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2015-01-29 20:37 - 2011-06-15 09:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2015-01-29 20:37 - 2011-06-15 09:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2015-01-29 20:37 - 2011-06-15 09:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2015-01-29 20:37 - 2011-06-15 09:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2015-01-29 20:37 - 2011-06-15 09:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2015-01-29 20:36 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-01-29 20:36 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-01-29 20:36 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-01-29 20:36 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-01-29 20:36 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-01-29 20:36 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-01-29 20:34 - 2012-01-04 11:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-01-29 20:34 - 2012-01-04 09:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-01-29 20:34 - 2011-10-26 06:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-01-29 20:34 - 2011-10-26 05:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-01-29 20:33 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-29 20:33 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-29 20:33 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-29 20:33 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-29 20:33 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-29 20:33 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-29 20:33 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-29 20:33 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-29 20:33 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-29 20:33 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-01-29 20:33 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-01-29 20:33 - 2011-07-09 03:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-01-29 20:33 - 2011-05-04 06:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-01-29 20:33 - 2011-05-04 06:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-01-29 20:33 - 2011-05-04 06:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-01-29 20:33 - 2011-05-04 06:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-01-29 20:33 - 2011-05-04 06:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-01-29 20:33 - 2011-05-04 06:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-01-29 20:33 - 2011-05-04 06:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-01-29 20:33 - 2011-05-04 06:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-01-29 20:33 - 2011-05-04 06:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-01-29 20:33 - 2011-05-04 05:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-01-29 20:33 - 2011-05-04 05:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-01-29 20:33 - 2011-05-04 05:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-01-29 20:33 - 2011-05-04 05:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-01-29 20:33 - 2011-05-04 05:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-01-29 20:33 - 2011-05-04 05:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2015-01-29 20:33 - 2011-05-04 05:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-01-29 20:33 - 2011-05-04 05:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-01-29 20:33 - 2011-05-04 05:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-01-29 20:33 - 2011-04-27 03:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-01-29 20:33 - 2011-04-27 03:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-01-29 20:28 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-29 20:28 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-29 20:27 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-29 20:27 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-01-29 20:27 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-29 20:27 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-01-29 20:27 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-01-29 20:26 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-29 20:26 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-01-29 20:26 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-01-29 20:26 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-01-29 20:26 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-01-29 20:26 - 2011-12-30 07:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-01-29 20:26 - 2011-12-30 06:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2015-01-29 20:25 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-29 20:25 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-29 20:25 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-29 20:25 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-29 20:25 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-01-29 20:25 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-01-29 20:25 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-01-29 20:25 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-01-29 20:25 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-01-29 20:25 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-01-29 20:25 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-01-29 20:25 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-01-29 20:25 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-01-29 20:25 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-01-29 20:25 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-01-29 20:25 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-01-29 20:25 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-01-29 20:25 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-01-29 20:25 - 2013-04-01 07:03 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_AuthenticAMD.dll
2015-01-29 20:24 - 2011-03-11 07:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-01-29 20:24 - 2011-03-11 07:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-01-29 20:24 - 2011-03-11 06:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-01-29 20:24 - 2011-03-11 06:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-01-29 20:23 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-01-29 20:23 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-01-29 20:23 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-01-29 20:23 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-01-29 20:23 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-01-29 20:22 - 2015-01-29 20:22 - 00000000 ____D () C:\Users\Dominics\AppData\Roaming\Wargaming.net
2015-01-29 20:22 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-29 20:22 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-29 20:22 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-01-29 20:22 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-01-29 20:22 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-01-29 20:22 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-01-29 20:22 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-01-29 20:22 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-01-29 20:22 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-01-29 20:22 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-01-29 20:22 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-01-29 20:22 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-01-29 20:22 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-01-29 20:22 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-01-29 20:22 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-01-29 20:22 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-01-29 20:22 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-01-29 20:22 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-01-29 20:22 - 2012-08-22 19:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-01-29 20:22 - 2012-07-04 21:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-01-29 20:21 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-29 20:21 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-01-29 20:21 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-01-29 20:21 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-01-29 20:21 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-01-29 20:21 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-01-29 20:21 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-01-29 20:21 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-01-29 20:21 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-01-29 20:21 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-01-29 20:21 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-01-29 20:21 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-01-29 20:21 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-01-29 20:21 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-01-29 20:21 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-01-29 20:21 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-01-29 20:21 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-01-29 20:21 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-01-29 20:21 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-01-29 20:21 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-01-29 20:21 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-01-29 20:21 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-01-29 20:20 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-01-29 20:20 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-01-29 20:20 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-01-29 20:20 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-01-29 20:20 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-01-29 20:20 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-01-29 20:20 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-01-29 20:20 - 2012-11-28 23:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-01-29 20:20 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-01-29 20:20 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-29 20:20 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-01-29 20:20 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2015-01-29 20:20 - 2011-03-03 07:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-01-29 20:20 - 2011-03-03 07:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-01-29 20:20 - 2011-03-03 07:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-01-29 20:20 - 2011-03-03 06:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-01-29 20:20 - 2011-03-03 06:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2015-01-29 20:19 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-29 20:19 - 2012-11-02 06:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-01-29 20:19 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2015-01-29 20:19 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-29 20:19 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-01-29 20:19 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2015-01-29 20:19 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-01-29 20:16 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-01-29 20:16 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-01-29 20:16 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-01-29 20:16 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-01-29 20:14 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-01-29 20:14 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-01-29 20:14 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-01-29 20:14 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-01-29 20:14 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-01-29 20:14 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-01-29 20:14 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-01-29 20:14 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-01-29 20:14 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-01-29 20:14 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-01-29 20:14 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-01-29 20:14 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-01-29 20:14 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-01-29 20:14 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-01-29 20:14 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-01-29 20:14 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-01-29 20:12 - 2012-12-07 14:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-01-29 20:12 - 2012-12-07 14:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-01-29 20:12 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-01-29 20:12 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) ========


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:23 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19