03.09.2019
Sandra Pro Business 17.80.2011.10 serial key or number
Sandra Pro Business 17.80.2011.10 serial key or number
Solved Win7 64bit running out of the blue only 32bit process
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-10-2015
Ran by Antonio (administrator) on P190 (16-10-2015 22:03:37)
Running from C:\Users\Antonio\Desktop
Loaded Profiles: Antonio (Available Profiles: Antonio)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Matrox Graphics Inc) C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Services.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Matrox Graphics Inc.) C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Startup.exe
(Matrox Graphics Inc.) C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Core.exe
() C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.HookHost.exe
() C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.HookHost64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Matrox PowerDesk] => C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Startup.exe [894720 2014-08-27] (Matrox Graphics Inc.)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\...\MountPoints2: {fe5c40ea-eb5a-11e4-9b6d-bcaec51a069d} - E:\AutoRun.exe
IFEO: [Debugger] svchost.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2013-12-29] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2013-12-29] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2013-12-29] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2013-12-29] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2013-12-29] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2013-12-29] (Hermann Schinagl)
BootExecute: autocheck autochk * OODBSsdnclean64.exe
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.74.113.58 195.74.113.62
Tcpip\..\Interfaces\{AB53C8AA-D7CD-41A3-85DA-3740974E3427}: [DhcpNameServer] 195.74.113.58 195.74.113.62
Tcpip\..\Interfaces\{DF797AFE-D98D-405E-8DEA-0085E1F9D8B6}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://uk.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScopeBefore {33BB0A4E-99AF-4226-BDF6-49120163DE86}
SearchScopes: HKLM-x32 -> DefaultScopeBefore {33BB0A4E-99AF-4226-BDF6-49120163DE86}
SearchScopes: HKLM-x32 -> {E4E012DC-1925-48E9-8010-2D195574642A} URL = hxxp://search.b1.org/?bsrc=scior&chid=c169741&qq={searchTerms}
SearchScopes: HKU\S-1-5-21-3802321670-1185753832-2467123612-1001 -> DefaultScope {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL =
SearchScopes: HKU\S-1-5-21-3802321670-1185753832-2467123612-1001 -> DefaultScopeBefore {33BB0A4E-99AF-4226-BDF6-49120163DE86}
BHO: B1 Empty Tab -> {E4E012DC-1925-48E9-8010-2D195574642A} -> C:\Program Files (x86)\Internet Explorer\alitab64.dll [2015-03-22] (B1)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-06] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-06] (Oracle Corporation)
BHO-x32: B1 Empty Tab -> {E4E012DC-1925-48E9-8010-2D195574642A} -> C:\Program Files (x86)\Internet Explorer\alitab.dll [2015-03-22] (B1)
DPF: HKLM-x32 {0972B098-DEE9-4279-AC7E-4BAAA029102D} hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20120419052443
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1307315334185
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {E55B74AB-0B51-4BAE-A5B5-2531AB5EA4D9} hxxp://assets.photobox.com/assets/v/vwUT5k0zPhTGtHP_sqElr5P2dnc.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3802321670-1185753832-2467123612-1001: @Google.com/GoogleEarthPlugin -> C:\Users\Antonio\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll [2012-04-14] (Google)
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Matrox.Pdesk3.ServicesHost; C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Services.exe [3875072 2014-08-27] (Matrox Graphics Inc)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
S3 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3246920 2011-06-06] (O&O Software GmbH)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe [93848 2008-09-18] (SiSoftware) [File not signed]
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2013-11-14] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 AdobeARMservice; no ImagePath
S2 Apple Mobile Device Service; no ImagePath
S4 Crypkey License; crypserv.exe [X]
S2 mi-raysat_3dsmax2012_64; no ImagePath
S2 OS Selector; no ImagePath
S2 SkypeUpdate; no ImagePath
S2 UMVPFSrv; no ImagePath
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2014-09-09] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2014-09-09] ()
S3 cpuz134; C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [21480 2010-07-09] (Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-16] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x64\Sandra.sys [23112 2009-08-08] (SiSoftware)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-04-08] () [File not signed]
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
U3 a2lgtkab; C:\Windows\System32\Drivers\a2lgtkab.sys [0 ] (Elaborate Bytes AG) <==== ATTENTION (zero byte File/Folder)
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S1 NetworkX; \SystemRoot\system32\ckldrv.sys [X]
S1 swsedrvr_vt_1_10_0_25; system32\drivers\swsedrvr_vt_1_10_0_25.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-16 22:03 - 2015-10-16 22:03 - 00016548 _____ C:\Users\Antonio\Desktop\FRST.txt
2015-10-16 22:02 - 2015-10-16 22:02 - 02196480 _____ (Farbar) C:\Users\Antonio\Desktop\FRST64.exe
2015-10-15 07:03 - 2015-10-16 21:47 - 00000168 _____ C:\Windows\setupact.log
2015-10-15 07:03 - 2015-10-15 07:03 - 00000000 _____ C:\Windows\setuperr.log
2015-10-14 19:06 - 2015-10-14 21:22 - 00000000 ____D C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayGem
2015-10-14 19:06 - 2015-10-14 21:22 - 00000000 ____D C:\Program Files (x86)\PlayGem
2015-10-13 23:09 - 2015-10-13 23:09 - 00000000 ____D C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FS Dreamscapes
2015-10-12 17:12 - 2015-10-12 17:12 - 00003094 _____ C:\Windows\System32\Tasks\{713264BB-963E-4B9C-8936-FA8DE211090D}
2015-10-11 22:50 - 2015-10-11 22:50 - 00003090 _____ C:\Windows\System32\Tasks\{F4F9A7A3-7E85-423B-AD93-8EBB441BE6DC}
2015-10-10 10:22 - 2015-10-10 10:22 - 00001631 _____ C:\Users\Antonio\Desktop\P3D v3.lnk
2015-10-10 10:21 - 2015-10-10 10:21 - 00001396 _____ C:\Users\Antonio\Desktop\P3D.cfg.lnk
2015-10-08 17:00 - 2015-10-08 17:00 - 00001332 _____ C:\Users\Antonio\Desktop\P3D.lnk
2015-10-08 16:36 - 2015-10-08 16:38 - 00000000 ____D C:\Program Files (x86)\Setup Support for Opera
2015-10-07 21:31 - 2015-10-07 21:31 - 00000833 _____ C:\Users\Antonio\Desktop\scenery.cfg - P3D.lnk
2015-10-07 20:32 - 2015-10-07 20:32 - 00001121 _____ C:\Users\Antonio\Desktop\ASN FSX.lnk
2015-10-07 20:21 - 2015-10-07 20:21 - 00001121 _____ C:\Users\Antonio\Desktop\ASN P3D.lnk
2015-10-05 20:11 - 2015-10-05 20:11 - 00001051 _____ C:\Users\Antonio\Desktop\P3D scenery.lnk
2015-10-04 20:29 - 2015-10-14 21:44 - 00000000 ____D C:\Users\Antonio\Documents\Prepar3D v3 Files
2015-10-04 20:29 - 2015-10-10 10:22 - 00000000 ____D C:\Users\Antonio\AppData\Roaming\Lockheed Martin
2015-10-04 20:29 - 2015-10-08 17:00 - 00000000 ____D C:\Program Files (x86)\Lockheed Martin
2015-10-04 20:29 - 2015-10-05 20:12 - 00000000 ____D C:\ProgramData\Lockheed Martin
2015-10-04 20:29 - 2015-10-04 20:29 - 00002087 _____ C:\Users\Public\Desktop\Prepar3D v3.lnk
2015-10-04 20:29 - 2015-10-04 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lockheed Martin
2015-10-04 13:44 - 2015-10-04 13:44 - 00000000 ____D C:\Users\Antonio\Documents\CCleaner backups
2015-10-04 12:40 - 2015-10-04 12:40 - 00000788 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-10-04 12:36 - 2015-10-04 12:36 - 00000268 _____ C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job
2015-10-04 12:27 - 2015-10-14 21:22 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-10-04 12:25 - 2015-10-04 12:25 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-10-04 12:24 - 2015-10-14 21:22 - 00000000 ____D C:\ProgramData\ToolsUpdatePlatform
2015-10-04 12:24 - 2015-10-04 12:24 - 00000000 ____D C:\Users\Public\Documents\Guid
2015-10-04 12:12 - 2015-10-16 21:48 - 00000346 ____H C:\Windows\Tasks\TKETFIAEOGYXMQUK.job
2015-10-04 12:12 - 2015-10-04 12:12 - 00003384 _____ C:\Windows\System32\Tasks\TKETFIAEOGYXMQUK
2015-10-04 12:12 - 2015-10-04 12:12 - 00003098 _____ C:\Windows\System32\Tasks\ngs3012
2015-10-04 12:12 - 2015-10-04 12:12 - 00000000 ____D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-10-04 12:12 - 2015-07-19 13:32 - 00001186 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-10-04 12:04 - 2015-10-04 12:04 - 00000000 ____D C:\ProgramData\Flightsim Estonia
2015-10-02 21:27 - 2015-10-13 23:30 - 00000000 ____D C:\Users\Antonio\AppData\Roaming\NVIDIA
2015-10-02 16:41 - 2015-10-02 16:41 - 00186880 _____ (TODO: <Company name>) C:\Windows\system32\rsrcs.dll
2015-09-30 20:37 - 2015-09-30 20:39 - 00000000 ____D C:\symbols
2015-09-26 20:31 - 2015-09-26 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fsbuild 2.4.0.19
2015-09-26 10:35 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-09-26 10:35 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-09-26 10:35 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-09-26 10:35 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-09-26 10:15 - 2015-09-26 10:15 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-09-26 10:15 - 2015-09-26 10:15 - 00000000 ____D C:\Windows\system32\appraiser
2015-09-26 10:13 - 2015-01-09 00:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2015-09-26 10:13 - 2015-01-09 00:43 - 00419936 _____ C:\Windows\system32\locale.nls
2015-09-26 10:11 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-26 10:11 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-26 09:58 - 2015-08-18 02:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-26 09:58 - 2015-08-18 02:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-26 09:58 - 2015-08-15 07:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-26 09:58 - 2015-08-15 07:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-26 09:58 - 2015-08-15 07:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-26 09:58 - 2015-08-15 07:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-26 09:58 - 2015-08-15 07:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-26 09:58 - 2015-08-15 07:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-26 09:58 - 2015-08-15 07:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-26 09:58 - 2015-08-15 07:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-26 09:58 - 2015-08-15 07:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-26 09:58 - 2015-08-15 07:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-26 09:58 - 2015-08-15 07:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-26 09:58 - 2015-08-15 07:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-26 09:58 - 2015-08-15 07:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-26 09:58 - 2015-08-15 07:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-26 09:58 - 2015-08-15 07:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-26 09:58 - 2015-08-15 07:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-26 09:58 - 2015-08-15 07:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-26 09:58 - 2015-08-15 07:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-26 09:58 - 2015-08-15 06:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-26 09:58 - 2015-08-15 06:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-26 09:58 - 2015-08-15 06:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-26 09:58 - 2015-08-15 06:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-26 09:58 - 2015-08-15 06:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-26 09:58 - 2015-08-15 06:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-26 09:58 - 2015-08-15 06:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-26 09:58 - 2015-08-15 06:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-26 09:58 - 2015-08-15 06:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-26 09:58 - 2015-08-15 06:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-26 09:58 - 2015-08-15 06:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-26 09:58 - 2015-08-15 06:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-26 09:58 - 2015-08-15 06:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-26 09:58 - 2015-08-15 06:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-26 09:58 - 2015-08-15 06:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-26 09:58 - 2015-08-15 06:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-26 09:58 - 2015-08-15 06:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-26 09:58 - 2015-08-15 06:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-26 09:58 - 2015-08-15 06:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-26 09:58 - 2015-08-15 06:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-26 09:58 - 2015-08-15 06:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-26 09:58 - 2015-08-15 06:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-26 09:58 - 2015-08-15 06:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-26 09:58 - 2015-08-15 06:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-26 09:58 - 2015-08-15 06:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-26 09:58 - 2015-08-15 06:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-26 09:58 - 2015-08-15 06:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-26 09:58 - 2015-08-15 06:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-26 09:58 - 2015-08-15 06:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-26 09:58 - 2015-08-15 06:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-26 09:58 - 2015-08-15 06:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-26 09:58 - 2015-08-15 06:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-26 09:58 - 2015-08-15 06:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-26 09:58 - 2015-08-15 06:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-26 09:58 - 2015-08-15 06:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-26 09:58 - 2015-08-15 05:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-26 09:58 - 2015-08-15 05:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-26 09:58 - 2015-08-15 05:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-26 09:58 - 2015-08-15 05:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-26 09:58 - 2015-08-15 05:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-26 09:58 - 2015-07-23 01:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-26 09:58 - 2015-07-23 01:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-26 09:58 - 2015-07-23 01:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-26 09:58 - 2015-07-23 01:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-26 09:58 - 2015-07-23 01:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-26 09:58 - 2015-07-23 01:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-26 09:58 - 2015-07-23 01:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-26 09:58 - 2015-07-23 01:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-26 09:58 - 2015-07-23 01:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-26 09:58 - 2015-07-23 01:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-26 09:58 - 2015-07-23 01:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-26 09:58 - 2015-07-23 01:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-26 09:58 - 2015-07-23 01:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-26 09:58 - 2015-07-23 00:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-26 09:58 - 2015-07-23 00:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-26 09:58 - 2015-07-22 18:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-26 09:58 - 2015-07-22 18:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-26 09:58 - 2015-07-22 18:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-26 09:58 - 2015-07-22 18:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-26 09:58 - 2015-07-22 18:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-26 09:58 - 2015-07-22 18:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-26 09:58 - 2015-07-22 18:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-26 09:58 - 2015-07-22 18:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-26 09:58 - 2015-07-22 18:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-26 09:58 - 2015-07-22 18:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-26 09:58 - 2015-07-22 18:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-26 09:58 - 2015-07-22 18:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 17:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-26 09:58 - 2015-07-22 17:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-26 09:58 - 2015-07-22 17:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-26 09:58 - 2015-07-22 17:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-26 09:58 - 2015-07-22 17:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-26 09:58 - 2015-07-22 17:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-26 09:58 - 2015-07-22 17:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 17:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-26 09:58 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-26 09:57 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-26 09:57 - 2015-08-27 19:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-26 09:57 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-26 09:57 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-26 09:57 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-26 09:57 - 2015-08-27 18:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-26 09:57 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-26 09:57 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-26 09:57 - 2015-08-05 18:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-26 09:57 - 2015-08-05 18:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-26 09:57 - 2015-08-05 18:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-26 09:57 - 2015-08-04 19:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-26 09:57 - 2015-08-04 19:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-26 09:57 - 2015-08-04 18:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-26 09:57 - 2015-08-04 18:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-26 09:57 - 2015-08-04 18:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-26 09:57 - 2015-08-04 18:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-26 09:57 - 2015-08-04 18:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-26 09:57 - 2015-08-04 18:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-26 09:57 - 2015-08-04 17:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-26 09:57 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-09-26 09:57 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-26 09:57 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-26 09:57 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-09-26 09:57 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-09-26 09:57 - 2015-07-28 21:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-09-26 09:57 - 2015-07-28 21:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-09-26 09:57 - 2015-07-28 21:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-09-26 09:57 - 2015-07-28 21:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-09-26 09:57 - 2015-07-28 21:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-09-26 09:57 - 2015-07-28 21:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-09-26 09:57 - 2015-07-28 21:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-09-26 09:57 - 2015-07-28 20:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
Ran by Antonio (administrator) on P190 (16-10-2015 22:03:37)
Running from C:\Users\Antonio\Desktop
Loaded Profiles: Antonio (Available Profiles: Antonio)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Matrox Graphics Inc) C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Services.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Matrox Graphics Inc.) C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Startup.exe
(Matrox Graphics Inc.) C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Core.exe
() C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.HookHost.exe
() C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.HookHost64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1281512 2013-01-27] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Matrox PowerDesk] => C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Startup.exe [894720 2014-08-27] (Matrox Graphics Inc.)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\...\MountPoints2: {fe5c40ea-eb5a-11e4-9b6d-bcaec51a069d} - E:\AutoRun.exe
IFEO: [Debugger] svchost.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2013-12-29] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2013-12-29] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2013-12-29] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2013-12-29] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2013-12-29] (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll [2013-12-29] (Hermann Schinagl)
BootExecute: autocheck autochk * OODBSsdnclean64.exe
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.74.113.58 195.74.113.62
Tcpip\..\Interfaces\{AB53C8AA-D7CD-41A3-85DA-3740974E3427}: [DhcpNameServer] 195.74.113.58 195.74.113.62
Tcpip\..\Interfaces\{DF797AFE-D98D-405E-8DEA-0085E1F9D8B6}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3802321670-1185753832-2467123612-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://uk.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScopeBefore {33BB0A4E-99AF-4226-BDF6-49120163DE86}
SearchScopes: HKLM-x32 -> DefaultScopeBefore {33BB0A4E-99AF-4226-BDF6-49120163DE86}
SearchScopes: HKLM-x32 -> {E4E012DC-1925-48E9-8010-2D195574642A} URL = hxxp://search.b1.org/?bsrc=scior&chid=c169741&qq={searchTerms}
SearchScopes: HKU\S-1-5-21-3802321670-1185753832-2467123612-1001 -> DefaultScope {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL =
SearchScopes: HKU\S-1-5-21-3802321670-1185753832-2467123612-1001 -> DefaultScopeBefore {33BB0A4E-99AF-4226-BDF6-49120163DE86}
BHO: B1 Empty Tab -> {E4E012DC-1925-48E9-8010-2D195574642A} -> C:\Program Files (x86)\Internet Explorer\alitab64.dll [2015-03-22] (B1)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-06] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-06] (Oracle Corporation)
BHO-x32: B1 Empty Tab -> {E4E012DC-1925-48E9-8010-2D195574642A} -> C:\Program Files (x86)\Internet Explorer\alitab.dll [2015-03-22] (B1)
DPF: HKLM-x32 {0972B098-DEE9-4279-AC7E-4BAAA029102D} hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20120419052443
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1307315334185
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {E55B74AB-0B51-4BAE-A5B5-2531AB5EA4D9} hxxp://assets.photobox.com/assets/v/vwUT5k0zPhTGtHP_sqElr5P2dnc.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3802321670-1185753832-2467123612-1001: @Google.com/GoogleEarthPlugin -> C:\Users\Antonio\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll [2012-04-14] (Google)
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Matrox.Pdesk3.ServicesHost; C:\Program Files (x86)\Matrox Graphics\PowerDesk\Matrox.PDesk.Services.exe [3875072 2014-08-27] (Matrox Graphics Inc)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22056 2013-01-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [379360 2013-01-27] (Microsoft Corporation)
S3 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3246920 2011-06-06] (O&O Software GmbH)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe [93848 2008-09-18] (SiSoftware) [File not signed]
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2013-11-14] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 AdobeARMservice; no ImagePath
S2 Apple Mobile Device Service; no ImagePath
S4 Crypkey License; crypserv.exe [X]
S2 mi-raysat_3dsmax2012_64; no ImagePath
S2 OS Selector; no ImagePath
S2 SkypeUpdate; no ImagePath
S2 UMVPFSrv; no ImagePath
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2014-09-09] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2014-09-09] ()
S3 cpuz134; C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [21480 2010-07-09] (Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-16] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [230320 2013-01-20] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [130008 2013-01-20] (Microsoft Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x64\Sandra.sys [23112 2009-08-08] (SiSoftware)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-04-08] () [File not signed]
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
U3 a2lgtkab; C:\Windows\System32\Drivers\a2lgtkab.sys [0 ] (Elaborate Bytes AG) <==== ATTENTION (zero byte File/Folder)
S3 cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [X]
S1 NetworkX; \SystemRoot\system32\ckldrv.sys [X]
S1 swsedrvr_vt_1_10_0_25; system32\drivers\swsedrvr_vt_1_10_0_25.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-16 22:03 - 2015-10-16 22:03 - 00016548 _____ C:\Users\Antonio\Desktop\FRST.txt
2015-10-16 22:02 - 2015-10-16 22:02 - 02196480 _____ (Farbar) C:\Users\Antonio\Desktop\FRST64.exe
2015-10-15 07:03 - 2015-10-16 21:47 - 00000168 _____ C:\Windows\setupact.log
2015-10-15 07:03 - 2015-10-15 07:03 - 00000000 _____ C:\Windows\setuperr.log
2015-10-14 19:06 - 2015-10-14 21:22 - 00000000 ____D C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayGem
2015-10-14 19:06 - 2015-10-14 21:22 - 00000000 ____D C:\Program Files (x86)\PlayGem
2015-10-13 23:09 - 2015-10-13 23:09 - 00000000 ____D C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FS Dreamscapes
2015-10-12 17:12 - 2015-10-12 17:12 - 00003094 _____ C:\Windows\System32\Tasks\{713264BB-963E-4B9C-8936-FA8DE211090D}
2015-10-11 22:50 - 2015-10-11 22:50 - 00003090 _____ C:\Windows\System32\Tasks\{F4F9A7A3-7E85-423B-AD93-8EBB441BE6DC}
2015-10-10 10:22 - 2015-10-10 10:22 - 00001631 _____ C:\Users\Antonio\Desktop\P3D v3.lnk
2015-10-10 10:21 - 2015-10-10 10:21 - 00001396 _____ C:\Users\Antonio\Desktop\P3D.cfg.lnk
2015-10-08 17:00 - 2015-10-08 17:00 - 00001332 _____ C:\Users\Antonio\Desktop\P3D.lnk
2015-10-08 16:36 - 2015-10-08 16:38 - 00000000 ____D C:\Program Files (x86)\Setup Support for Opera
2015-10-07 21:31 - 2015-10-07 21:31 - 00000833 _____ C:\Users\Antonio\Desktop\scenery.cfg - P3D.lnk
2015-10-07 20:32 - 2015-10-07 20:32 - 00001121 _____ C:\Users\Antonio\Desktop\ASN FSX.lnk
2015-10-07 20:21 - 2015-10-07 20:21 - 00001121 _____ C:\Users\Antonio\Desktop\ASN P3D.lnk
2015-10-05 20:11 - 2015-10-05 20:11 - 00001051 _____ C:\Users\Antonio\Desktop\P3D scenery.lnk
2015-10-04 20:29 - 2015-10-14 21:44 - 00000000 ____D C:\Users\Antonio\Documents\Prepar3D v3 Files
2015-10-04 20:29 - 2015-10-10 10:22 - 00000000 ____D C:\Users\Antonio\AppData\Roaming\Lockheed Martin
2015-10-04 20:29 - 2015-10-08 17:00 - 00000000 ____D C:\Program Files (x86)\Lockheed Martin
2015-10-04 20:29 - 2015-10-05 20:12 - 00000000 ____D C:\ProgramData\Lockheed Martin
2015-10-04 20:29 - 2015-10-04 20:29 - 00002087 _____ C:\Users\Public\Desktop\Prepar3D v3.lnk
2015-10-04 20:29 - 2015-10-04 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lockheed Martin
2015-10-04 13:44 - 2015-10-04 13:44 - 00000000 ____D C:\Users\Antonio\Documents\CCleaner backups
2015-10-04 12:40 - 2015-10-04 12:40 - 00000788 _____ C:\Windows\SysWOW64\${LOGFILE}
2015-10-04 12:36 - 2015-10-04 12:36 - 00000268 _____ C:\Windows\Tasks\{6A128791-4857-4484-9BB2-71D4C1257200}.job
2015-10-04 12:27 - 2015-10-14 21:22 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-10-04 12:25 - 2015-10-04 12:25 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-10-04 12:24 - 2015-10-14 21:22 - 00000000 ____D C:\ProgramData\ToolsUpdatePlatform
2015-10-04 12:24 - 2015-10-04 12:24 - 00000000 ____D C:\Users\Public\Documents\Guid
2015-10-04 12:12 - 2015-10-16 21:48 - 00000346 ____H C:\Windows\Tasks\TKETFIAEOGYXMQUK.job
2015-10-04 12:12 - 2015-10-04 12:12 - 00003384 _____ C:\Windows\System32\Tasks\TKETFIAEOGYXMQUK
2015-10-04 12:12 - 2015-10-04 12:12 - 00003098 _____ C:\Windows\System32\Tasks\ngs3012
2015-10-04 12:12 - 2015-10-04 12:12 - 00000000 ____D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-10-04 12:12 - 2015-07-19 13:32 - 00001186 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-10-04 12:04 - 2015-10-04 12:04 - 00000000 ____D C:\ProgramData\Flightsim Estonia
2015-10-02 21:27 - 2015-10-13 23:30 - 00000000 ____D C:\Users\Antonio\AppData\Roaming\NVIDIA
2015-10-02 16:41 - 2015-10-02 16:41 - 00186880 _____ (TODO: <Company name>) C:\Windows\system32\rsrcs.dll
2015-09-30 20:37 - 2015-09-30 20:39 - 00000000 ____D C:\symbols
2015-09-26 20:31 - 2015-09-26 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fsbuild 2.4.0.19
2015-09-26 10:35 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-09-26 10:35 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-09-26 10:35 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-09-26 10:35 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-09-26 10:15 - 2015-09-26 10:15 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-09-26 10:15 - 2015-09-26 10:15 - 00000000 ____D C:\Windows\system32\appraiser
2015-09-26 10:13 - 2015-01-09 00:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2015-09-26 10:13 - 2015-01-09 00:43 - 00419936 _____ C:\Windows\system32\locale.nls
2015-09-26 10:11 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-26 10:11 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-26 09:58 - 2015-08-18 02:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-26 09:58 - 2015-08-18 02:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-26 09:58 - 2015-08-15 07:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-26 09:58 - 2015-08-15 07:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-26 09:58 - 2015-08-15 07:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-26 09:58 - 2015-08-15 07:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-26 09:58 - 2015-08-15 07:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-26 09:58 - 2015-08-15 07:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-26 09:58 - 2015-08-15 07:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-26 09:58 - 2015-08-15 07:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-26 09:58 - 2015-08-15 07:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-26 09:58 - 2015-08-15 07:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-26 09:58 - 2015-08-15 07:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-26 09:58 - 2015-08-15 07:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-26 09:58 - 2015-08-15 07:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-26 09:58 - 2015-08-15 07:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-26 09:58 - 2015-08-15 07:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-26 09:58 - 2015-08-15 07:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-26 09:58 - 2015-08-15 07:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-26 09:58 - 2015-08-15 07:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-26 09:58 - 2015-08-15 06:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-26 09:58 - 2015-08-15 06:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-26 09:58 - 2015-08-15 06:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-26 09:58 - 2015-08-15 06:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-26 09:58 - 2015-08-15 06:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-26 09:58 - 2015-08-15 06:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-26 09:58 - 2015-08-15 06:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-26 09:58 - 2015-08-15 06:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-26 09:58 - 2015-08-15 06:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-26 09:58 - 2015-08-15 06:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-26 09:58 - 2015-08-15 06:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-26 09:58 - 2015-08-15 06:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-26 09:58 - 2015-08-15 06:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-26 09:58 - 2015-08-15 06:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-26 09:58 - 2015-08-15 06:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-26 09:58 - 2015-08-15 06:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-26 09:58 - 2015-08-15 06:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-26 09:58 - 2015-08-15 06:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-26 09:58 - 2015-08-15 06:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-26 09:58 - 2015-08-15 06:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-26 09:58 - 2015-08-15 06:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-26 09:58 - 2015-08-15 06:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-26 09:58 - 2015-08-15 06:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-26 09:58 - 2015-08-15 06:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-26 09:58 - 2015-08-15 06:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-26 09:58 - 2015-08-15 06:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-26 09:58 - 2015-08-15 06:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-26 09:58 - 2015-08-15 06:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-26 09:58 - 2015-08-15 06:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-26 09:58 - 2015-08-15 06:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-26 09:58 - 2015-08-15 06:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-26 09:58 - 2015-08-15 06:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-26 09:58 - 2015-08-15 06:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-26 09:58 - 2015-08-15 06:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-26 09:58 - 2015-08-15 06:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-26 09:58 - 2015-08-15 05:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-26 09:58 - 2015-08-15 05:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-26 09:58 - 2015-08-15 05:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-26 09:58 - 2015-08-15 05:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-26 09:58 - 2015-08-15 05:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-26 09:58 - 2015-07-23 01:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-26 09:58 - 2015-07-23 01:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-26 09:58 - 2015-07-23 01:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-26 09:58 - 2015-07-23 01:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-26 09:58 - 2015-07-23 01:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-26 09:58 - 2015-07-23 01:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-26 09:58 - 2015-07-23 01:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-26 09:58 - 2015-07-23 01:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-26 09:58 - 2015-07-23 01:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-26 09:58 - 2015-07-23 01:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-26 09:58 - 2015-07-23 01:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-26 09:58 - 2015-07-23 01:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-26 09:58 - 2015-07-23 01:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-26 09:58 - 2015-07-23 01:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-26 09:58 - 2015-07-23 00:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-26 09:58 - 2015-07-23 00:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-26 09:58 - 2015-07-23 00:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-26 09:58 - 2015-07-22 18:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-26 09:58 - 2015-07-22 18:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-26 09:58 - 2015-07-22 18:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-26 09:58 - 2015-07-22 18:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-26 09:58 - 2015-07-22 18:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-26 09:58 - 2015-07-22 18:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-26 09:58 - 2015-07-22 18:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-26 09:58 - 2015-07-22 18:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-26 09:58 - 2015-07-22 18:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-26 09:58 - 2015-07-22 18:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-26 09:58 - 2015-07-22 18:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-26 09:58 - 2015-07-22 18:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-26 09:58 - 2015-07-22 18:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 17:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-26 09:58 - 2015-07-22 17:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-26 09:58 - 2015-07-22 17:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-26 09:58 - 2015-07-22 17:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-26 09:58 - 2015-07-22 17:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-26 09:58 - 2015-07-22 17:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-26 09:58 - 2015-07-22 17:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 17:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-26 09:58 - 2015-07-22 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-26 09:58 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-26 09:57 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-26 09:57 - 2015-08-27 19:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-26 09:57 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-26 09:57 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-26 09:57 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-26 09:57 - 2015-08-27 18:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-26 09:57 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-26 09:57 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-26 09:57 - 2015-08-05 18:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-26 09:57 - 2015-08-05 18:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-26 09:57 - 2015-08-05 18:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-26 09:57 - 2015-08-04 19:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-26 09:57 - 2015-08-04 19:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-26 09:57 - 2015-08-04 18:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-26 09:57 - 2015-08-04 18:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-26 09:57 - 2015-08-04 18:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-26 09:57 - 2015-08-04 18:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-26 09:57 - 2015-08-04 18:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-26 09:57 - 2015-08-04 18:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-26 09:57 - 2015-08-04 17:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-26 09:57 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-09-26 09:57 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-26 09:57 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-26 09:57 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-09-26 09:57 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-09-26 09:57 - 2015-07-28 21:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-09-26 09:57 - 2015-07-28 21:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-09-26 09:57 - 2015-07-28 21:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-09-26 09:57 - 2015-07-28 21:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-09-26 09:57 - 2015-07-28 21:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-09-26 09:57 - 2015-07-28 21:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-09-26 09:57 - 2015-07-28 21:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-09-26 09:57 - 2015-07-28 20:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
Firefox wurde nicht geöffnet: Aktuelle Systembeschränkungen
Firefox wurde nicht geöffnet: Aktuelle Systembeschränkungen
Guten Tag,
Mein Firefox startete nicht. Die Fehlermeldung hieß "der Vorgang wurde aufgrund von aktuellen Beschränkungen auf dem Computer abgebrochen-Wenden sie sich an Ihren Systemadministrator"
Ich hab mich durchs Forum gelesen und Malwarebytes drüber laufen lassen. Nachdem einige Files in Quarantäne geschickt und der Rechner neu gestartet wurde, ist Firefox wieder startbar. Könntet ihr vorsichtshalber mal drüberschauen, ob mein System sonst in Ordnung ist?
Ich habe bereits FRST laufen lassen. Als das durch war, kam die Meldung von F-Secure:
"Anwendung blockiert: mod_frst.exe"
Ich habe die Anwendung wieder zugelassen - und hoffe das ist alles OK so.
Was ich erst später gelesen habe, ist, dass ich Defogger zuerst einsetzen soll. Ähem. Das hab ich jetzt noch nicht getan.
Hier die Log-Dateien
Malwarebytes
FRST Logfile:
Addition kommt im nächsten Post - passt hier nicht mehr rein, der Post wird zu lang...
Mein Firefox startete nicht. Die Fehlermeldung hieß "der Vorgang wurde aufgrund von aktuellen Beschränkungen auf dem Computer abgebrochen-Wenden sie sich an Ihren Systemadministrator"
Ich hab mich durchs Forum gelesen und Malwarebytes drüber laufen lassen. Nachdem einige Files in Quarantäne geschickt und der Rechner neu gestartet wurde, ist Firefox wieder startbar. Könntet ihr vorsichtshalber mal drüberschauen, ob mein System sonst in Ordnung ist?
Ich habe bereits FRST laufen lassen. Als das durch war, kam die Meldung von F-Secure:
"Anwendung blockiert: mod_frst.exe"
Ich habe die Anwendung wieder zugelassen - und hoffe das ist alles OK so.
Was ich erst später gelesen habe, ist, dass ich Defogger zuerst einsetzen soll. Ähem. Das hab ich jetzt noch nicht getan.
Hier die Log-Dateien
Malwarebytes
Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 24.08.2014 Scan Time: 12:00:17 Logfile: mwb_140824.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.08.24.02 Rootkit Database: v2014.08.21.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: ******* Scan Type: Threat Scan Result: Completed Objects Scanned: 321321 Time Elapsed: 16 min, 6 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 1 PUP.Optional.Softonic.A, HKU\S-1-5-21-1208740149-4055697789-2788075998-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [0260a822e8932610683acb3afa098779], Registry Values: 1 Security.Hijack, HKU\S-1-5-21-1208740149-4055697789-2788075998-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\DISALLOWRUN|1, firefox.exe, Quarantined, [e280ad1df98258dedf2fbacd020116ea] Registry Data: 0 (No malicious items detected) Folders: 7 PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy, Quarantined, [2939c505700bae886bdcc2fc748e738d], PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\40EEB5432DB8427DB1349DD8F81F863D, Quarantined, [2939c505700bae886bdcc2fc748e738d], PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\678D9FED7C4F482DB99F335C720C6959, Quarantined, [2939c505700bae886bdcc2fc748e738d], PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\8167A672573E404DB8DE3D5B1283A827, Quarantined, [2939c505700bae886bdcc2fc748e738d], PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\OpenCandy_C0481209152C41C79FC37A0C037A84E3, Quarantined, [2939c505700bae886bdcc2fc748e738d], PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3288691, Quarantined, [bea4b119ec8fac8a3e7f6f4f2ed49c64], PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3297861, Quarantined, [df837159c8b390a6b508219d917131cf], Files: 19 PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsaDD3A.exe, Quarantined, [97cb9139fb8056e0378313228f72c43c], PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsaE047.exe, Quarantined, [79e90ebc760592a45c5e42f3ab5639c7], PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsn670F.exe, Quarantined, [70f25179ee8df0468535ce6756aba35d], PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsp2BEB.exe, Quarantined, [1c466a608cef58de8733b1848d74f30d], PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nspE315.exe, Quarantined, [3e2426a47407d462bdfd9d98c73add23], PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsv2E2E.exe, Quarantined, [9ec49b2f8cef9d9905b52b0a43be649c], PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsk331E.exe, Quarantined, [3a28e9e1e19a3df9edcdc27330d144bc], PUP.Optional.OpenCandy, C:\Users\*******\AppData\Local\Temp\FreemakeVideoConverter_4.1.2.1.exe, Quarantined, [2042e3e7f18a40f613f6e733e9188080], PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\nsp9B78\SpSetup.exe, Quarantined, [a5bd7951adcee2540c9f270304fdd12f], PUP.Optional.Conduit.A, C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\conduit-search.xml, Quarantined, [21414c7e2d4e0a2cc3c73d0f36ce5aa6], PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\40EEB5432DB8427DB1349DD8F81F863D\rcmswdlm_275.exe, Quarantined, [2939c505700bae886bdcc2fc748e738d], PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\678D9FED7C4F482DB99F335C720C6959\DivXInstaller.exe, Quarantined, [2939c505700bae886bdcc2fc748e738d], PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\8167A672573E404DB8DE3D5B1283A827\HSS-2.67-install-p76-335-conduit.exe, Quarantined, [2939c505700bae886bdcc2fc748e738d], PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\OpenCandy_C0481209152C41C79FC37A0C037A84E3\2343.ico, Quarantined, [2939c505700bae886bdcc2fc748e738d], PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\OpenCandy_C0481209152C41C79FC37A0C037A84E3\ds_DeDnCD_driverscanner.exe, Quarantined, [2939c505700bae886bdcc2fc748e738d], PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3288691\chromeid.txt, Quarantined, [bea4b119ec8fac8a3e7f6f4f2ed49c64], PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3288691\setup.ini.txt, Quarantined, [bea4b119ec8fac8a3e7f6f4f2ed49c64], PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3297861\chromeid.txt, Quarantined, [df837159c8b390a6b508219d917131cf], PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3297861\setup.ini.txt, Quarantined, [df837159c8b390a6b508219d917131cf], Physical Sectors: 0 (No malicious items detected) (end)
Hier FRSTFRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 01 Ran by ********** (administrator) on KARL on 24-08-2014 12:39:33 Running from D:\Downloads Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst\spd.exe (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE () C:\Windows\DAODx.exe (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe () C:\Users\**********\AppData\Roaming\Hub Timer\hub.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Users\**********\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe (Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe (Crystal Dew World) C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE (Flux Software LLC) C:\Users\**********\AppData\Local\FluxSoftware\Flux\flux.exe (PANTERASoft) C:\Program Files (x86)\HDD Health\hddhealth.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (ASUSTeK Computer Inc.) C:\Program Files\ASUS\Ai Suite\QFan4\FanHelp.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe () C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe () C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe (Razer Inc.) C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_6_602_180_ActiveX.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Ocs_SM] => C:\Users\**********\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2012-10-24] (OCS) HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-07-07] (Creative Technology Ltd) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation) HKLM-x32\...\Run: [QFan Help] => C:\Program Files\ASUS\Ai Suite\QFan4\FanHelp.exe [888960 2010-03-25] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2013-11-26] (F-Secure Corporation) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.) HKLM-x32\...\Run: [F-Secure Hoster (666)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [191528 2013-12-11] (F-Secure Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Diamondback] => C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe [228352 2010-04-28] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\Run: [f.lux] => C:\Users\**********\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: E - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {23cb5d4b-3cee-11e3-90c0-20cf305ca400} - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {636fda8e-b6ec-11e2-ab0c-20cf305ca400} - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {636fda9b-b6ec-11e2-ab0c-20cf305ca400} - I:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {b34435d4-b643-11e2-888c-20cf305ca400} - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {b34435e4-b643-11e2-888c-20cf305ca400} - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {b4524698-394d-11e2-9f71-20cf305ca400} - E:\LaunchU3.exe -a HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {be98e1a7-c05a-11e2-bf42-20cf305ca400} - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {c02e27bf-97af-11e3-a9ee-20cf305ca400} - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {fe3e3a5d-26d4-11e3-b1a9-20cf305ca400} - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {fe3e3a6a-26d4-11e3-b1a9-20cf305ca400} - E:\AutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk ShortcutTarget: HDDHealth.lnk -> C:\Program Files (x86)\HDD Health\hddhealth.exe (PANTERASoft) Startup: C:\Users\**********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.heise.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB14AD28C1AF3CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll (DeviceVM, Inc.) URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) URLSearchHook: HKCU - (No Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - No File SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552 SearchScopes: HKCU - DefaultScope {42D42CF2-13F7-4f52-87DE-819065238EA6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity SearchScopes: HKCU - {006C009F-4EDB-44FD-ADA1-ABE7BE4789EA} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&k=0 SearchScopes: HKCU - {08D7B683-991A-4DDB-A835-AFCA4B26C8B7} URL = hxxp://websearch.ask.com.anonymize-me.de/?anonymto=687474703A2F2F7765627365617263682E61736B2E636F6D2F72656469726563743F636C69656E743D69652674623D4F524A266F3D267372633D63726D26713D7B7365617263685465726D737D266C6F63616C653D2661706E5F70746E72733D2661706E5F647469643D4F534A3030302661706E5F7569643D38363642354642332D373745322D343233412D394431412D3639344545384344373934322661706E5F73617569643D37304430334341462D324138422D343237412D384644392D324542303046343830313530&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&k=0 SearchScopes: HKCU - {0AA402C9-3801-4824-87D6-EE4A586C7EF9} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms} SearchScopes: HKCU - {42D42CF2-13F7-4f52-87DE-819065238EA6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity SearchScopes: HKCU - {5D6976E5-669C-45F9-AAB4-6F7A9BA1EF74} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {63D45FA9-A133-4E62-B859-EE6F533433A7} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3321902&octid=EB_ORIGINAL_CTID&ISID=MA2638A1B-6256-4BE8-AC9C-E76F95764066&SearchSource=58&CUI=&UM=5&UP=SP6F991D19-A83B-4EBD-9BF2-674453364517&q={searchTerms}&SSPV= SearchScopes: HKCU - {B406EEB3-11DE-488A-A1DC-FB29D0716140} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {C2327F89-13AE-4BFF-A0EF-2804F941F439} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {DE247C9D-DDDC-43F6-9AAE-55AB3AAD58CA} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0 BHO: F-Secure Online Safety -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: F-Secure Online Safety -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name -> {C32F5BF7-6918-4F78-A97A-53CDF7D07C8C} -> C:\Users\**********\AppData\LocalLow\Internet Explorer BHO\bho.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default FF DefaultSearchEngine: Google Deutschland - auf Deutsch FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Google Deutschland - auf Deutsch FF Homepage: hxxp://www.heise.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF user.js: detected! => C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\askcom.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\duckduckgo.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\firefox-add-ons.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-deutschland---auf-deutsch.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-deutschland---aus-deutschland.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-images.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-maps.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-us.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\mycroft-project.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\{9BB884FC-861C-439B-B6B4-6C8219FAAEA1}.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\{C2F1423C-D646-4004-9A3B-66831ADD4467}.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\{CDD933C5-0689-4228-ABFA-EC9FC0A14E9B}.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: 20-20 3D Viewer - IKEA - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\2020Player_IKEA@2020Technologies.com [2012-11-02] FF Extension: Cliqz Beta - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\cliqz@cliqz.com [2014-07-23] FF Extension: FireJump - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\firejump@firejump.net [2012-10-24] FF Extension: Foxy-Secure v7 - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\fox@foxy.sec.com [2014-08-23] FF Extension: Shopping-preise.de - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\mail@shopping-preise.de [2012-10-24] FF Extension: SparPilot - Gutscheine & mehr... - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\sparpilot@sparpilot.com [2014-08-23] FF Extension: Hotspot Shield - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d} [2012-10-24] FF Extension: FoxLingo - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2014-08-06] FF Extension: Add to Amazon Wish List Button - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\amznUWL2@amazon.com.xpi [2012-08-21] FF Extension: Preispilot - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\extension@preispilot.com.xpi [2012-10-26] FF Extension: DuckDuckGo Plus - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-01-14] FF Extension: Noia Fox options - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\NoiaFoxoption@davidvincent.tld.xpi [2012-11-21] FF Extension: Flashblock - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi [2012-08-21] FF Extension: Noia Fox - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2012-11-21] FF Extension: Web Developer - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012-08-21] FF Extension: Adblock Plus - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-21] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-07-30] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-01-23] FF HKLM-x32\...\Firefox\Extensions: [{e2f29cc9-4ed8-4c5f-8b49-529560fdf092}] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https FF Extension: Online Safety - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https [2014-01-02] FF HKCU\...\Firefox\Extensions: [mail@shopping-preise.de] - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\extensions\mail@shopping-preise.de FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\extensions\firejump@firejump.net FF HKCU\...\Firefox\Extensions: [extension@preispilot.com] - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\extensions\extension@preispilot.com FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\extensions\cliqz@cliqz.com Chrome: ======= CHR HomePage: CHR StartupUrls: "" CHR DefaultSuggestURL: {google:baseSuggestURL}search?\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_chrome_https\fs_chrome_https.crx [2014-05-23] CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\**********\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-08-23] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed] R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.) R2 cFosSpeedS; C:\Program Files\ASUS\ROG GameFirst\spd.exe [487128 2010-02-09] (cFos Software GmbH) S4 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-10-30] (Creative Labs) [File not signed] S4 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-10-30] (Creative Labs) [File not signed] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed] R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed] R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [191528 2013-12-11] (F-Secure Corporation) R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2013-11-26] (F-Secure Corporation) R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-25] (F-Secure Corporation) S2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [72640 2012-06-07] () [File not signed] R2 HubService; C:\Users\**********\AppData\Roaming\Hub Timer\hub.exe [536576 2014-07-30] () [File not signed] S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-12-07] (Hewlett-Packard Company) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2008-11-25] () S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe [93848 2008-09-18] (SiSoftware) [File not signed] R2 SearchAnonymizer; C:\Users\**********\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2012-10-24] () [File not signed] S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [200624 2010-09-29] (Telefónica I+D) S4 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [545608 2012-09-24] () S4 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [553800 2012-09-24] (PacketVideo) S4 TwonkyWebDav; C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe [275272 2012-09-24] () R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2013-06-05] (VIA Technologies, Inc.) S2 Seagate Sync Service; "C:\Program Files (x86)\Seagate\Sync\SeaSyncServices.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11904 2013-06-05] (Advanced Micro Devices Inc.) R0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21160 2013-07-05] (Advanced Micro Devices, Inc.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [35936 2013-07-05] (Advanced Micro Devices, Inc.) S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] () R3 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed.sys [1432792 2009-10-12] (cFos Software GmbH) R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2008-12-31] (Cyberlink Co.,Ltd.) R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [371696 2008-12-31] (CyberLink Corporation.) S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.) R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-06-10] (F-Secure Corporation) R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69960 2014-06-23] (F-Secure Corporation) S3 FIXUSTOR; C:\Windows\System32\DRIVERS\fixustor.sys [13696 2013-04-18] (GenesysLogic) R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-09-09] () R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42248 2013-02-28] () R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\fsni64.sys [86056 2014-06-19] (F-Secure Corporation) R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] () R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-08-01] (AnchorFree Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-24] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () R3 pmkbdfltr; C:\Windows\System32\DRIVERS\pmkbdfltr.sys [18832 2012-08-20] (PenMount) R3 Razerlow; C:\Windows\System32\drivers\DB3G.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd) S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation) S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation) S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation) S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation) S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation) S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x64\Sandra.sys [23112 2009-08-08] (SiSoftware) R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications) R3 VMfilt; C:\Windows\System32\drivers\VMfilt64.sys [25600 2009-07-31] (Creative Technology Ltd.) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation) R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [146928 2009-08-28] (CyberLink Corp.) S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-24 12:38 - 2014-08-24 12:39 - 00000000 ____D () C:\FRST 2014-08-24 11:59 - 2014-08-24 12:26 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-24 11:59 - 2014-08-24 11:59 - 00001115 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-24 11:59 - 2014-08-24 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-24 11:58 - 2014-08-24 11:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-24 11:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-24 11:58 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-24 11:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-23 15:53 - 2014-08-23 15:55 - 00000000 ____D () C:\Zanni+Partner Ltd Businessplan Tool 2014-08-23 15:53 - 2014-08-23 15:53 - 00000186 _____ () C:\Users\**********\Desktop\Amazon.de.url 2014-08-23 15:53 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\ChromeExtensions 2014-08-23 15:53 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp3cb33a567175ecd2d17721aca9c18ffe 2014-08-23 15:52 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Security Systems 2014-08-23 15:52 - 2014-08-23 15:52 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Hub Timer 2014-08-23 15:48 - 2014-08-23 15:48 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp260923940dbb8a6436400192c6a46c1f 2014-08-21 10:07 - 2014-08-21 10:07 - 00001792 _____ () C:\Users\Public\Desktop\iTunes.0-karl-********** 2014-08-18 22:38 - 2014-08-18 22:38 - 00000000 __HDC () C:\ProgramData\{BC3827BC-FEE6-47F6-A08C-EAFB1CE3AA56} 2014-08-18 22:37 - 2014-08-18 22:37 - 00001325 _____ () C:\Users\Public\Desktop\BMWi-Softwarepaket 10.lnk 2014-08-18 22:37 - 2014-08-18 22:37 - 00000000 __HDC () C:\ProgramData\{DA8DD039-AEE2-4D03-83AC-B1E508D4A724} 2014-08-18 22:36 - 2014-08-18 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BMWi 2014-08-18 22:36 - 2014-08-18 22:38 - 00000000 ____D () C:\Program Files (x86)\BMWi 2014-08-18 22:29 - 2014-08-18 22:34 - 00000000 ____D () C:\Users\**********\Desktop\BMWI-Softwarepaket-10 2014-08-18 22:21 - 2014-08-18 22:27 - 391954486 _____ () C:\Users\**********\Desktop\BMWI-Softwarepaket-10.zip 2014-08-15 12:39 - 2014-08-15 12:39 - 00000000 ____D () C:\Program Files (x86)\simple-fax.de 2014-08-15 12:39 - 2013-08-12 09:01 - 00113152 _____ () C:\Windows\system32\redmon64.dll 2014-08-15 12:39 - 2013-08-12 09:01 - 00044032 _____ () C:\Windows\system32\unredmon64.exe 2014-08-15 12:39 - 2013-08-12 09:01 - 00028435 _____ () C:\Windows\system32\redmon.chm 2014-08-13 09:43 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-13 09:43 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-13 09:43 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-13 09:43 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-13 09:43 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-13 09:43 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-13 09:43 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-13 09:43 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-13 09:41 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-13 09:41 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-13 09:41 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-13 09:41 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-13 09:41 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-13 09:41 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-13 09:41 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-13 09:41 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-13 09:41 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-13 09:41 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-13 09:41 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-13 09:41 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-13 09:41 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-13 09:41 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-13 09:41 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-13 09:41 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-13 09:41 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-13 09:41 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-13 09:41 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-13 09:41 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-13 09:41 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-13 09:41 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-13 09:41 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-13 09:41 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-13 09:41 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-13 09:41 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-13 09:41 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-13 09:41 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-13 09:41 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-13 09:41 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-13 09:41 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-13 09:41 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-13 09:41 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-13 09:41 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-13 09:41 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-13 09:41 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-13 09:41 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-13 09:41 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-13 09:41 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-13 09:41 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-13 09:41 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-13 09:41 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-13 09:41 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-13 09:41 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-13 09:41 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-13 09:41 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-13 09:41 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-13 09:41 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-13 09:41 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-13 09:41 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-13 09:41 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-13 09:41 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-13 09:41 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-13 09:41 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-13 09:41 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-13 09:41 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-13 09:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-08-13 09:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-08-13 09:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-08-13 09:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-08-13 09:40 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-08-13 09:40 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-08-13 09:40 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-08-13 09:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-08-13 09:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-08-13 09:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-08-13 09:40 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-08-13 09:40 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-08-13 09:40 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-13 09:40 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-13 09:40 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-13 09:40 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-13 09:40 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-13 09:40 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-13 09:40 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-13 09:40 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-13 09:40 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-13 09:39 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-13 09:39 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-13 09:39 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-13 09:39 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-13 09:39 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-13 09:39 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-13 09:39 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-13 09:39 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-11 22:59 - 2014-08-11 22:59 - 00003088 _____ () C:\Windows\System32\Tasks\{2132C062-9907-4D6F-830F-DE3E53E0C0EF} 2014-08-11 14:31 - 2014-08-11 14:31 - 00004442 _____ () C:\Users\**********\Desktop\etracker-Wochenstatistik 32 - 2014 ID 12335.eml 2014-08-08 19:50 - 2014-08-08 19:50 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-08 19:50 - 2014-08-08 19:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-08 19:50 - 2014-08-08 19:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-08 19:50 - 2014-08-08 19:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-08 19:50 - 2014-08-08 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-08 10:38 - 2014-08-08 10:38 - 00001410 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk 2014-08-07 18:24 - 2014-08-07 18:24 - 00001040 _____ () C:\Users\Public\Desktop\MozBackup.lnk 2014-08-07 18:24 - 2014-08-07 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup 2014-08-07 18:24 - 2014-08-07 18:24 - 00000000 ____D () C:\Program Files (x86)\MozBackup 2014-08-07 16:20 - 2014-08-08 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate 2014-08-07 16:20 - 2014-08-08 10:41 - 00000000 ____D () C:\Program Files (x86)\Seagate 2014-07-30 11:03 - 2014-07-30 11:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-28 12:05 - 2014-07-28 12:05 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-24 12:39 - 2014-08-24 12:38 - 00000000 ____D () C:\FRST 2014-08-24 12:32 - 2009-07-14 06:45 - 00015376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-24 12:32 - 2009-07-14 06:45 - 00015376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-24 12:28 - 2011-10-30 22:55 - 01140638 _____ () C:\Windows\WindowsUpdate.log 2014-08-24 12:26 - 2014-08-24 11:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-24 12:23 - 2013-01-01 02:14 - 00083968 _____ () C:\Windows\setupact.log 2014-08-24 12:23 - 2012-11-01 18:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-24 12:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-24 12:23 - 2009-07-14 06:45 - 05017408 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-24 12:22 - 2013-01-01 02:13 - 01833138 _____ () C:\Windows\PFRO.log 2014-08-24 12:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Cursors 2014-08-24 12:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2014-08-24 12:03 - 2012-11-01 18:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-24 11:59 - 2014-08-24 11:59 - 00001115 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-24 11:59 - 2014-08-24 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-24 11:59 - 2014-08-24 11:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-24 11:58 - 2012-11-01 14:32 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-24 11:47 - 2014-07-18 08:46 - 00000280 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job 2014-08-24 11:43 - 2012-08-29 16:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-23 16:49 - 2011-10-30 22:04 - 00000000 ____D () C:\Users\********** 2014-08-23 16:17 - 2012-10-12 16:56 - 00000000 ____D () C:\Users\**********\AppData\Roaming\FileZilla 2014-08-23 15:55 - 2014-08-23 15:53 - 00000000 ____D () C:\Zanni+Partner Ltd Businessplan Tool 2014-08-23 15:53 - 2014-08-23 15:53 - 00000186 _____ () C:\Users\**********\Desktop\Amazon.de.url 2014-08-23 15:53 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\ChromeExtensions 2014-08-23 15:53 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp3cb33a567175ecd2d17721aca9c18ffe 2014-08-23 15:53 - 2014-08-23 15:52 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Security Systems 2014-08-23 15:52 - 2014-08-23 15:52 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Hub Timer 2014-08-23 15:48 - 2014-08-23 15:48 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp260923940dbb8a6436400192c6a46c1f 2014-08-23 10:40 - 2014-08-20 13:44 - 00000000 ____D () C:\Users\**********\AppData\Local\Adobe 2014-08-21 11:50 - 2012-11-17 21:39 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Apple Computer 2014-08-21 10:07 - 2014-08-21 10:07 - 00001792 _____ () C:\Users\Public\Desktop\iTunes.dat 2014-08-20 14:29 - 2009-07-14 19:58 - 00152206 _____ () C:\Windows\system32\perfc007.dat 2014-08-20 14:29 - 2009-07-14 07:13 - 01636108 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-20 13:15 - 2012-08-29 16:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-20 13:15 - 2012-03-30 19:07 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-20 13:15 - 2011-11-04 00:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-19 12:21 - 2014-08-19 12:21 - 00003496 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-karl-********** 2014-08-18 22:38 - 2014-08-18 22:38 - 00000000 __HDC () C:\ProgramData\{BC3827BC-FEE6-47F6-A08C-EAFB1CE3AA56} 2014-08-18 22:38 - 2014-08-18 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BMWi 2014-08-18 22:38 - 2014-08-18 22:36 - 00000000 ____D () C:\Program Files (x86)\BMWi 2014-08-18 22:37 - 2014-08-18 22:37 - 00001325 _____ () C:\Users\Public\Desktop\BMWi-Softwarepaket 10.lnk 2014-08-18 22:37 - 2014-08-18 22:37 - 00000000 __HDC () C:\ProgramData\{DA8DD039-AEE2-4D03-83AC-B1E508D4A724} 2014-08-18 22:34 - 2014-08-18 22:29 - 00000000 ____D () C:\Users\**********\Desktop\BMWI-Softwarepaket-10 2014-08-18 22:27 - 2014-08-18 22:21 - 391954486 _____ () C:\Users\**********\Desktop\BMWI-Softwarepaket-10.zip 2014-08-18 10:03 - 2013-03-18 22:00 - 00000000 ____D () C:\Users\**********\Desktop\130319-gd 2014-08-15 12:39 - 2014-08-15 12:39 - 00000000 ____D () C:\Program Files (x86)\simple-fax.de 2014-08-13 13:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-13 10:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-13 09:59 - 2013-02-03 14:28 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-13 09:53 - 2013-07-25 16:27 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-13 09:49 - 2011-10-31 00:06 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-11 22:59 - 2014-08-11 22:59 - 00003088 _____ () C:\Windows\System32\Tasks\{2132C062-9907-4D6F-830F-DE3E53E0C0EF} 2014-08-11 14:31 - 2014-08-11 14:31 - 00004442 _____ () C:\Users\**********\Desktop\etracker-Wochenstatistik 32 - 2014 ID 12335.eml 2014-08-11 00:00 - 2011-11-04 16:49 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-08-08 20:16 - 2013-10-19 12:13 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-08 19:50 - 2014-08-08 19:50 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-08 19:50 - 2014-08-08 19:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-08 19:50 - 2014-08-08 19:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-08 19:50 - 2014-08-08 19:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-08 19:50 - 2014-08-08 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-08 19:50 - 2012-09-01 01:27 - 00000000 ____D () C:\Program Files (x86)\Java 2014-08-08 10:42 - 2011-10-30 22:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-08 10:41 - 2014-08-07 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate 2014-08-08 10:41 - 2014-08-07 16:20 - 00000000 ____D () C:\Program Files (x86)\Seagate 2014-08-08 10:38 - 2014-08-08 10:38 - 00001410 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk 2014-08-08 10:38 - 2014-03-21 18:13 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-07 22:41 - 2011-11-04 12:56 - 00000000 ____D () C:\Users\**********\AppData\Roaming\TS3Client 2014-08-07 19:21 - 2011-10-31 01:53 - 00007596 _____ () C:\Users\**********\AppData\Local\Resmon.ResmonCfg 2014-08-07 19:13 - 2011-11-01 21:29 - 00000000 ____D () C:\Users\**********\AppData\Local\Deployment 2014-08-07 18:24 - 2014-08-07 18:24 - 00001040 _____ () C:\Users\Public\Desktop\MozBackup.lnk 2014-08-07 18:24 - 2014-08-07 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup 2014-08-07 18:24 - 2014-08-07 18:24 - 00000000 ____D () C:\Program Files (x86)\MozBackup 2014-08-07 17:42 - 2013-07-30 20:41 - 00124749 _____ () C:\Users\**********\Documents\Report.html 2014-08-01 01:41 - 2014-08-13 09:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-01 01:16 - 2014-08-13 09:41 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-30 13:05 - 2012-05-15 00:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-30 11:03 - 2014-07-30 11:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-28 12:05 - 2014-07-28 12:05 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log 2014-07-27 10:46 - 2013-03-13 14:50 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-27 10:46 - 2013-03-13 14:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-26 19:22 - 2013-03-13 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-25 16:52 - 2014-08-13 09:41 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-25 16:02 - 2014-08-13 09:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-25 16:01 - 2014-08-13 09:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-25 15:51 - 2014-08-13 09:41 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-25 15:30 - 2014-08-13 09:41 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-25 15:28 - 2014-08-13 09:41 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-25 15:28 - 2014-08-13 09:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-25 15:25 - 2014-08-13 09:41 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-25 15:25 - 2014-08-13 09:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-25 15:11 - 2014-08-13 09:41 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-25 15:10 - 2014-08-13 09:41 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-25 15:04 - 2014-08-13 09:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-25 15:03 - 2014-08-13 09:41 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-25 15:00 - 2014-08-13 09:41 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-25 15:00 - 2014-08-13 09:41 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-25 14:59 - 2014-08-13 09:41 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-25 14:47 - 2014-08-13 09:41 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-25 14:40 - 2014-08-13 09:41 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-25 14:34 - 2014-08-13 09:41 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-25 14:34 - 2014-08-13 09:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-25 14:33 - 2014-08-13 09:41 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-25 14:30 - 2014-08-13 09:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-25 14:28 - 2014-08-13 09:41 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-25 14:28 - 2014-08-13 09:41 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-25 14:21 - 2014-08-13 09:41 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-25 14:19 - 2014-08-13 09:41 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-25 14:18 - 2014-08-13 09:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-25 14:17 - 2014-08-13 09:41 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-25 14:17 - 2014-08-13 09:41 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-25 14:12 - 2014-08-13 09:41 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-25 14:10 - 2014-08-13 09:41 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-25 14:10 - 2014-08-13 09:41 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-25 14:08 - 2014-08-13 09:41 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-25 14:06 - 2014-08-13 09:41 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-25 13:52 - 2014-08-13 09:41 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-25 13:47 - 2014-08-13 09:41 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-25 13:43 - 2014-08-13 09:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-25 13:42 - 2014-08-13 09:41 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-25 13:39 - 2014-08-13 09:41 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-25 13:39 - 2014-08-13 09:41 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-25 13:36 - 2014-08-13 09:41 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-25 13:34 - 2014-08-13 09:41 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-25 13:29 - 2014-08-13 09:41 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-25 13:23 - 2014-08-13 09:41 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-25 13:13 - 2014-08-13 09:41 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-25 13:07 - 2014-08-13 09:41 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-25 13:07 - 2014-08-13 09:41 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-25 13:03 - 2014-08-13 09:41 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-25 12:52 - 2014-08-13 09:41 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-25 12:26 - 2014-08-13 09:41 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-25 12:17 - 2014-08-13 09:41 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-25 12:09 - 2014-08-13 09:41 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-25 12:05 - 2014-08-13 09:41 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-25 12:00 - 2014-08-13 09:41 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll Some content of TEMP: ==================== C:\Users\**********\AppData\Local\Temp\13-12_win7_win8_64_dd_ccc_whql.exe C:\Users\**********\AppData\Local\Temp\amazonicon_v9.exe C:\Users\**********\AppData\Local\Temp\amazoninstallernircmdc.exe C:\Users\**********\AppData\Local\Temp\AutoDetect.exe C:\Users\**********\AppData\Local\Temp\Businessplan.exe C:\Users\**********\AppData\Local\Temp\DataCard_Setup64.exe C:\Users\**********\AppData\Local\Temp\DivXSetup.exe C:\Users\**********\AppData\Local\Temp\FoxySecurity_6.2_GIGA_FF_IE_Setup.exe C:\Users\**********\AppData\Local\Temp\FreemakeVideoConverter_3.2.1.7.exe C:\Users\**********\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.1.exe C:\Users\**********\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe C:\Users\**********\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\**********\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\**********\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\**********\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\**********\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\**********\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe C:\Users\**********\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\**********\AppData\Local\Temp\ose00000.exe C:\Users\**********\AppData\Local\Temp\ResetDevice.exe C:\Users\**********\AppData\Local\Temp\sdanircmdc.exe C:\Users\**********\AppData\Local\Temp\sdapskill.exe C:\Users\**********\AppData\Local\Temp\sdaspwn.exe C:\Users\**********\AppData\Local\Temp\sfamcc00001.dll C:\Users\**********\AppData\Local\Temp\SkypeSetup.exe C:\Users\**********\AppData\Local\Temp\tmp2D28.exe C:\Users\**********\AppData\Local\Temp\vcredist_x86.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-17 19:34 ==================== End Of Log ============================
--- --- ---Addition kommt im nächsten Post - passt hier nicht mehr rein, der Post wird zu lang...
Geändert von Frau-M (24.08.2014 um 12:33 Uhr)
Comassets5E1913CC0946229D2D1A0E525E1913CF0946229D2D1A0E59en_USf861ffa1f0f568800fa19b37a8fa2caa. png" in the toolbar (or use the Touch Bar). plilipClick the button for an option you want to use. ppMore formatting options are available in the Format menu in the menu bar.
.What’s New in the Sandra Pro Business 17.80.2011.10 serial key or number?
Screen Shot
System Requirements for Sandra Pro Business 17.80.2011.10 serial key or number
- First, download the Sandra Pro Business 17.80.2011.10 serial key or number
-
You can download its setup from given links: