| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows startet nicht!Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.01.2012, 20:40
| #61 |
 |  Windows startet nicht! All processes killed ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Amelie ->Temp folder emptied: 145979421 bytes ->Temporary Internet Files folder emptied: 32404403 bytes ->Java cache emptied: 983 bytes ->FireFox cache emptied: 50360305 bytes ->Flash cache emptied: 16401 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 4320776 bytes RecycleBin emptied: 84 bytes Total Files Cleaned = 222,00 mb [EMPTYFLASH] User: All Users User: Amelie ->Flash cache emptied: 0 bytes User: Default User: Default User User: Public Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.31.0 log created on 01242012_202422 Files\Folders moved on Reboot... File\Folder C:\Users\Amelie\AppData\Local\Temp\Temp1_ZpO3e2dAqv0p.zip\Echoes Of Silence\04 XO not found! Registry entries deleted on Reboot... Files\Folders moved on Reboot... File\Folder C:\Users\Amelie\AppData\Local\Temp\Temp1_ZpO3e2dAqv0p.zip\Echoes Of Silence\04 XO not found! Registry entries deleted on Reboot... |
|
24.01.2012, 20:54
| #62 |
| | Windows startet nicht! OTL Logfile:
__________________Code:
ATTFilter OTL Extras logfile created on: 24/01/2012 20:41:52 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Amelie\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd/MM/yyyy
1,99 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 49,16% Memory free
4,21 Gb Paging File | 3,04 Gb Available in Paging File | 72,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 185,31 Gb Total Space | 92,90 Gb Free Space | 50,13% Space Free | Partition Type: NTFS
Computer Name: AMELIES-PC | User Name: Amelie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{355503C7-E1B9-4194-A6F3-8273CAD77732}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{3A7176EA-7F8C-45F0-92BB-9E23850F618B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{565869AA-B0BF-490E-87DF-517ADA58F36C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{70ECF8E6-5242-469D-8782-9420EFBE5EE4}" = protocol=6 | dir=in | app=c:\program files\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
"{7A6CF547-A564-4321-BE89-C35938A1FD30}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7F32BCE8-B8D3-4B73-BE2F-A7AB643FEE48}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{8C8417EC-1870-47F8-860C-EA84A3471D14}" = protocol=17 | dir=in | app=c:\program files\windows ilivid toolbar\datamngr\toolbar\dtuser.exe |
"{A49F0A00-E0A4-4CD9-BE4A-5A550F8C2420}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A591438E-8688-4510-863C-317DD3C440DF}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{B1FD1E28-91C8-4A11-B011-8780A186F4B7}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{D8122D29-5D2B-49B2-8C0D-8CB0A8C9ADD7}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"TCP Query User{05F95B01-F267-4B25-93BB-6BCDD2903B1D}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{BF33F72E-9863-4468-BE83-6B62DA7018B7}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{D6B342B8-B13C-4F5F-ADB5-344151D41874}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{EF6400A1-4B86-4F75-B018-A4D099863FE9}C:\users\amelie\documents\temp\teamviewer\version5\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\amelie\documents\temp\teamviewer\version5\teamviewer.exe |
"UDP Query User{065B168A-1D4A-4DBA-8F7D-DE3EEEF4E452}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{26B6C023-15B4-4A64-A606-B9ED9939ED0B}C:\users\amelie\documents\temp\teamviewer\version5\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\amelie\documents\temp\teamviewer\version5\teamviewer.exe |
"UDP Query User{5F15CD58-BEAD-4195-9926-0678CBEC1C23}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{6E5834A8-5A69-48BF-819E-FD169FC5C2B0}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6DE13770-01B7-4366-8DA6-48237793F445}" = VoiceOver Kit
"{6EB6C056-02BB-453E-8448-EC90B9794180}" = Nokia Multimedia Common Components 2.4
"{81717D01-32F6-449C-85E1-41AFD678E545}" = LG Intelligent Update
"{82427977-8776-4087-90CA-9F65174D3C4D}" = Nokia Connectivity Cable Driver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DC432844-6914-4421-910C-F1B05B3A761C}" = Nokia Music
"{E70EF09E-44EB-4BE2-B80C-77AA04397A31}" = CameraBag 1.5
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_QPBVENZM" = HDAUDIO Soft Data Fax Modem with SmartCP
"DivX Setup.divx.com" = DivX-Setup
"EPSON Scanner" = EPSON Scan
"ESET Online Scanner" = ESET Online Scanner v3
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.1
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"ICQToolbar" = ICQ Toolbar
"iLivid" = iLivid
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"Picasa 3" = Picasa 3
"Scribus 1.3.9" = Scribus 1.3.9
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.8a
"Windows Searchqu Toolbar" = Windows iLivid Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Move Media Player" = Move Media Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 20/01/2012 12:42:15 | Computer Name = Amelies-PC | Source = EventSystem | ID = 4609
Description =
Error - 21/01/2012 13:04:39 | Computer Name = Amelies-PC | Source = EventSystem | ID = 4609
Description =
Error - 21/01/2012 13:08:02 | Computer Name = Amelies-PC | Source = EventSystem | ID = 4609
Description =
Error - 21/01/2012 13:09:04 | Computer Name = Amelies-PC | Source = System Restore | ID = 8193
Description =
Error - 21/01/2012 13:17:11 | Computer Name = Amelies-PC | Source = EventSystem | ID = 4609
Description =
Error - 21/01/2012 14:44:45 | Computer Name = Amelies-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16771, Zeitstempel
0x4907deda, fehlerhaftes Modul ole32.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bd92,
Ausnahmecode 0xc0000005, Fehleroffset 0x00041022, Prozess-ID 0x1a4, Anwendungsstartzeit
01ccd86ca9fdd48d.
Error - 21/01/2012 14:47:04 | Computer Name = Amelies-PC | Source = EventSystem | ID = 4609
Description =
Error - 22/01/2012 07:23:18 | Computer Name = Amelies-PC | Source = EventSystem | ID = 4609
Description =
Error - 22/01/2012 07:41:39 | Computer Name = Amelies-PC | Source = WerSvc | ID = 5007
Description =
Error - 23/01/2012 16:05:14 | Computer Name = Amelies-PC | Source = WerSvc | ID = 5007
Description =
[ System Events ]
Error - 22/01/2012 07:23:22 | Computer Name = Amelies-PC | Source = DCOM | ID = 10005
Description =
Error - 22/01/2012 07:23:25 | Computer Name = Amelies-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 22/01/2012 07:23:25 | Computer Name = Amelies-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 22/01/2012 07:25:08 | Computer Name = Amelies-PC | Source = DCOM | ID = 10005
Description =
Error - 22/01/2012 07:33:00 | Computer Name = Amelies-PC | Source = WinDefend | ID = 2004
Description = Beim Laden der Signaturen wurde von %%827 ein Fehler festgestellt.
Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen. Versuchte
Signaturen: %%824 Fehlercode: 0x8050a001 Fehlerbeschreibung: Das Programm kann keine
Definitionsdateien finden, die dazu dienen, unerwünschte Software zu erkennen.
Überprüfen Sie, ob aktualisierte Definitionsdateien vorhanden sind, und versuchen
Sie es dann erneut. Weitere Informationen zum Installieren von Updates finden Sie
unter "Hilfe und Support". Ladende Signaturen: %%825 Ladene Signaturversion: 1.117.3022.0
Ladende
Modulversion: 1.1.7903.0
Error - 22/01/2012 07:34:31 | Computer Name = Amelies-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 23/01/2012 15:03:46 | Computer Name = Amelies-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 23/01/2012 15:06:18 | Computer Name = Amelies-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 24/01/2012 15:12:53 | Computer Name = Amelies-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 24/01/2012 15:30:47 | Computer Name = Amelies-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
OTL Logfile: Code:
ATTFilter OTL logfile created on: 24/01/2012 20:41:52 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Amelie\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd/MM/yyyy
1,99 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 49,16% Memory free
4,21 Gb Paging File | 3,04 Gb Available in Paging File | 72,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 185,31 Gb Total Space | 92,90 Gb Free Space | 50,13% Space Free | Partition Type: NTFS
Computer Name: AMELIES-PC | User Name: Amelie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/24 20:23:01 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Amelie\Downloads\OTL(3).exe
PRC - [2011/12/06 11:17:56 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Programme\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/09/01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/01 21:25:09 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010/07/04 18:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2010/07/04 18:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/02/11 12:42:32 | 000,172,328 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009/06/30 13:12:58 | 001,032,192 | ---- | M] (Nokia) -- C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2008/10/29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/15 13:31:50 | 000,068,865 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2008/10/15 13:29:58 | 000,151,297 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2008/09/30 16:51:58 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2008/09/30 16:49:34 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2008/06/12 13:28:40 | 000,266,497 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2008/06/10 19:26:28 | 000,222,456 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2008/06/10 03:27:04 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008/02/26 19:40:51 | 001,232,896 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2008/01/07 16:59:14 | 000,247,088 | ---- | M] (BIT LEADER) -- C:\Programme\lg_swupdate\GiljabiStart.exe
PRC - [2007/10/03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/10/03 15:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/06 14:42:30 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2010/09/01 07:39:28 | 000,095,528 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2010/09/01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/11/03 15:51:26 | 000,039,712 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\ASL.dll
MOD - [2009/10/17 17:16:05 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll
MOD - [2009/10/17 17:15:40 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll
MOD - [2009/10/17 17:15:28 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll
MOD - [2009/10/17 17:12:24 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll
MOD - [2009/10/17 17:11:57 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll
MOD - [2008/07/29 14:55:14 | 000,969,728 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2008/07/27 19:00:27 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2008/07/27 19:00:27 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2008/07/27 19:00:26 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2008/07/27 19:00:24 | 000,659,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
MOD - [2008/07/27 19:00:24 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
MOD - [2008/07/27 19:00:22 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2008/07/27 19:00:17 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2008/07/27 19:00:17 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008/07/27 19:00:17 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2008/07/27 19:00:17 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
MOD - [2007/02/06 13:00:00 | 000,009,728 | ---- | M] () -- C:\Programme\lg_swupdate\AxInterop.InetCtlsObjects.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/07/04 18:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/02/11 12:42:32 | 000,172,328 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009/06/02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/10/15 13:31:50 | 000,068,865 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008/10/15 13:29:58 | 000,151,297 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008/06/10 19:26:28 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008/02/26 16:12:47 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
========== Driver Services (SafeList) ==========
DRV - [2010/06/14 08:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/12 11:14:58 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/05/12 11:14:56 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2010/05/12 11:14:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/04/27 03:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2010/04/27 03:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2010/04/27 03:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2009/05/28 17:41:26 | 000,075,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/05/28 17:41:22 | 000,052,056 | ---- | M] (Avira GmbH) [File_System | On_Demand | Running] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2009/05/28 17:41:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/02/06 15:12:24 | 000,197,632 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (CnxtHdAudAddService)
DRV - [2007/11/08 18:03:26 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007/05/30 15:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/01/30 13:23:30 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchqu.com/406
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.5.1.00
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Amelie\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Amelie\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/01 21:25:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/04 11:26:18 | 000,000,000 | ---D | M]
[2012/01/14 12:45:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amelie\AppData\Roaming\mozilla\Extensions
[2012/01/24 20:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amelie\AppData\Roaming\mozilla\Firefox\Profiles\ab9qplj7.default\extensions
[2009/09/05 17:18:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Amelie\AppData\Roaming\mozilla\Firefox\Profiles\ab9qplj7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/09/06 10:41:44 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Amelie\AppData\Roaming\mozilla\Firefox\Profiles\ab9qplj7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/01/14 12:45:04 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Amelie\AppData\Roaming\mozilla\Firefox\Profiles\ab9qplj7.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2008/11/26 22:08:20 | 000,000,681 | ---- | M] () -- C:\Users\Amelie\AppData\Roaming\Mozilla\Firefox\Profiles\ab9qplj7.default\searchplugins\ask.xml
[2012/01/20 14:52:29 | 000,000,950 | ---- | M] () -- C:\Users\Amelie\AppData\Roaming\Mozilla\Firefox\Profiles\ab9qplj7.default\searchplugins\icqplugin-1.xml
[2008/11/18 13:56:02 | 000,000,944 | ---- | M] () -- C:\Users\Amelie\AppData\Roaming\Mozilla\Firefox\Profiles\ab9qplj7.default\searchplugins\icqplugin.xml
[2012/01/14 12:44:53 | 000,002,519 | ---- | M] () -- C:\Users\Amelie\AppData\Roaming\Mozilla\Firefox\Profiles\ab9qplj7.default\searchplugins\Search_Results.xml
[2012/01/21 19:47:27 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009/01/02 23:15:19 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011/10/14 17:51:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2008/10/11 15:50:47 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2012/01/14 12:45:14 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\WINDOWS ILIVID TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2010/08/01 21:25:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/08/01 21:25:15 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010/08/01 21:25:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/01/14 12:44:53 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2010/08/01 21:25:15 | 000,000,986 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/08/01 21:25:15 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012/01/05 01:13:41 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LG Intelligent Update] C:\Program Files\lg_swupdate\giljabistart.exe (BIT LEADER)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe (Nokia)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - Startup: C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.schuelervz.net/photouploader/ImageUploader5.cab?nocache=1222713223 (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2EAF1430-709F-4F95-A140-E8CD1373768D}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{416638A6-4439-4918-8792-88CA7E712DD2}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) -C:\Programme\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) -C:\Programme\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Amelie\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Amelie\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/01/23 20:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/01/22 12:19:56 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Roaming\Goafto
[2012/01/20 17:38:28 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Roaming\Ezuzh
[2012/01/20 17:21:40 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Roaming\Ifsiofw
[2012/01/14 14:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/01/14 12:42:42 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Local\Ilivid Player
[2012/01/14 12:42:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
[2012/01/14 12:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
[2012/01/14 12:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\iLivid
[2012/01/14 12:39:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar
[2012/01/14 12:38:15 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Local\PackageAware
[2012/01/14 12:37:48 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\cro meine musik
[2012/01/08 17:32:06 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\lalala
[2012/01/08 17:25:39 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\cro
[2012/01/06 18:39:07 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/06 14:42:30 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/01/05 20:28:10 | 000,061,440 | ---- | C] ( ) -- C:\Users\Amelie\Documents\Desktop\VEW.exe
[2012/01/05 17:59:17 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/01/05 17:59:17 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Local\temp
[2012/01/05 17:58:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/01/05 17:44:52 | 000,000,000 | ---D | C] -- C:\ComboFix.exe
[2012/01/05 01:23:26 | 000,000,000 | R--D | C] -- C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zuletzt verwendet - Verknüpfung
[2012/01/05 01:00:37 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/01/05 01:00:37 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/01/05 01:00:37 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2012/01/05 01:00:37 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/01/05 01:00:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/05 01:00:04 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/04 11:24:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/01/04 11:24:26 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/01/01 19:42:05 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\stocherkahnrennen
[2012/01/01 19:16:24 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\fasnet
[2012/01/01 19:08:38 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\zunsweier
[2012/01/01 16:57:48 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\bluuubb
[2012/01/01 16:54:38 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\silvester
========== Files - Modified Within 30 Days ==========
[2012/01/24 20:29:49 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/24 20:29:49 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/24 20:29:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/24 20:29:11 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/24 20:21:27 | 000,000,120 | ---- | M] () -- C:\Users\Amelie\Documents\Desktop\R0J9AUmv.htm.part.htm
[2012/01/14 12:45:22 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2012/01/14 12:42:41 | 000,000,115 | ---- | M] () -- C:\Users\Public\Desktop\Try New Messenger for Facebook.url
[2012/01/12 23:27:26 | 181,889,874 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/01/12 22:56:44 | 000,019,611 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\lieblings.odt
[2012/01/12 22:28:55 | 000,008,401 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\jajjaja.odt
[2012/01/12 22:25:48 | 000,019,449 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\eriiiinnerung.odt
[2012/01/10 20:00:08 | 000,016,626 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\Lebenslauf.odt
[2012/01/10 19:56:46 | 000,024,221 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\bewerbuuung.odt
[2012/01/09 20:43:37 | 000,000,082 | ---- | M] () -- C:\Users\Amelie\Documents\Desktop\file.bat
[2012/01/08 21:47:31 | 000,649,670 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/08 21:47:31 | 000,618,468 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/08 21:47:31 | 000,120,098 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/08 21:47:31 | 000,107,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/06 14:42:30 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/01/05 20:43:02 | 000,061,440 | ---- | M] ( ) -- C:\Users\Amelie\Documents\Desktop\VEW.exe
[2012/01/05 19:51:45 | 000,001,496 | ---- | M] () -- C:\Users\Amelie\Documents\Desktop\Partey&out of space.lnk
[2012/01/05 01:13:41 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/12/30 15:34:24 | 000,038,412 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\fuck.odt
========== Files Created - No Company Name ==========
[2012/01/24 20:21:22 | 000,000,120 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\R0J9AUmv.htm.part.htm
[2012/01/22 12:32:54 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/14 12:42:41 | 000,000,115 | ---- | C] () -- C:\Users\Public\Desktop\Try New Messenger for Facebook.url
[2012/01/14 12:42:23 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2012/01/09 20:43:37 | 000,000,082 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\file.bat
[2012/01/09 20:32:12 | 000,024,221 | ---- | C] () -- C:\Users\Amelie\Downloads\Documents\bewerbuuung.odt
[2012/01/06 19:06:13 | 007,204,545 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\06 Meine Musik.mp3
[2012/01/06 19:06:12 | 007,631,538 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\04 Immer da.mp3
[2012/01/06 19:06:12 | 006,180,378 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\05 Rockstar.mp3
[2012/01/05 01:00:37 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/05 01:00:37 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/05 01:00:37 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/05 01:00:37 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/05 01:00:37 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/04 11:26:18 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/12/30 15:34:23 | 000,038,412 | ---- | C] () -- C:\Users\Amelie\Downloads\Documents\fuck.odt
[2011/09/27 17:00:11 | 000,007,186 | ---- | C] () -- C:\Users\Amelie\AppData\Roaming\C2C2.4CB
[2011/01/10 18:47:09 | 000,000,680 | ---- | C] () -- C:\Users\Amelie\AppData\Local\d3d9caps.dat
[2010/10/20 15:15:50 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010/10/20 15:15:50 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010/10/19 18:43:47 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010/10/19 17:51:17 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008/09/30 19:41:14 | 000,074,752 | ---- | C] () -- C:\Users\Amelie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/27 06:57:05 | 000,008,874 | ---- | C] () -- C:\Windows\lg_up.ini
[2008/02/26 15:32:17 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/02/26 15:31:51 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/02/26 15:31:51 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/02/26 15:31:51 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/02/26 15:31:51 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/02/26 15:30:13 | 000,000,196 | ---- | C] () -- C:\Windows\lgps.ini
[2006/11/02 16:33:31 | 000,649,670 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006/11/02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006/11/02 16:33:31 | 000,120,098 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006/11/02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,246,488 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,618,468 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,107,316 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 08:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 08:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
< End of report >
|
|
24.01.2012, 21:48
| #63 |
| /// Selecta Jahrusso   | Windows startet nicht! Besuche bitte die Microsoft-Update-Seite und lade Dir alle Updates unter Benutzerdefiniert herunter
__________________Mache das so lange bis du nichts mehr angeboten bekommst Du musst dafür mit den Internet Explorer ins Netz gehen Wenn du dies mit FireFox durchführen willst musst Du vorher das Addon IE View installieren Starte bitte OTL.exe und drücke den Quick Scan Button. Poste die OTL.txt hier in deinen Thread.
__________________ |
|
27.01.2012, 17:04
| #64 |
| /// Selecta Jahrusso | Windows startet nicht! Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomm ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
27.01.2012, 17:41
| #65 |
| | Windows startet nicht! OTL Logfile: Code:
ATTFilter OTL logfile created on: 27/01/2012 17:34:02 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Amelie\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd/MM/yyyy
1,99 Gb Total Physical Memory | 0,87 Gb Available Physical Memory | 43,73% Memory free
4,22 Gb Paging File | 2,96 Gb Available in Paging File | 70,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 185,31 Gb Total Space | 106,44 Gb Free Space | 57,44% Space Free | Partition Type: NTFS
Computer Name: AMELIES-PC | User Name: Amelie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/27 17:33:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Amelie\Downloads\OTL(4).exe
PRC - [2011/12/06 11:17:56 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Programme\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/09/01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/01 21:25:09 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010/07/04 18:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2010/07/04 18:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/02/11 12:42:32 | 000,172,328 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009/06/30 13:12:58 | 001,032,192 | ---- | M] (Nokia) -- C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009/04/11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/15 13:31:50 | 000,068,865 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2008/10/15 13:29:58 | 000,151,297 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2008/09/30 16:51:58 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2008/09/30 16:49:34 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2008/06/12 13:28:40 | 000,266,497 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2008/06/10 19:26:28 | 000,222,456 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2008/06/10 03:27:04 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008/01/07 16:59:14 | 000,247,088 | ---- | M] (BIT LEADER) -- C:\Programme\lg_swupdate\GiljabiStart.exe
PRC - [2007/10/03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/10/03 15:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/27 17:07:24 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\902ba03598b46f478f3d7561ece592e6\Microsoft.VisualBasic.ni.dll
MOD - [2012/01/27 17:06:50 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MOD - [2012/01/27 16:31:28 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll
MOD - [2012/01/27 16:31:25 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\311bc26c3ed83409589eb6bae0eeb86e\System.Runtime.Remoting.ni.dll
MOD - [2012/01/27 16:30:50 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2012/01/27 16:30:44 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2012/01/27 16:30:02 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2012/01/27 16:29:40 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2012/01/27 16:25:34 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2012/01/27 16:25:04 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2010/09/01 07:39:28 | 000,095,528 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2010/09/01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/11/03 15:51:26 | 000,039,712 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\ASL.dll
MOD - [2009/03/30 05:42:13 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
MOD - [2009/03/30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009/03/30 05:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009/03/30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/03/30 05:42:11 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
MOD - [2008/07/29 14:55:14 | 000,969,728 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2007/02/06 13:00:00 | 000,009,728 | ---- | M] () -- C:\Programme\lg_swupdate\AxInterop.InetCtlsObjects.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/07/04 18:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/02/11 12:42:32 | 000,172,328 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009/06/02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/10/15 13:31:50 | 000,068,865 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008/10/15 13:29:58 | 000,151,297 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008/06/10 19:26:28 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
========== Driver Services (SafeList) ==========
DRV - [2010/06/14 08:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/12 11:14:58 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/05/12 11:14:56 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2010/05/12 11:14:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/04/27 03:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2010/04/27 03:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2010/04/27 03:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2009/05/28 17:41:26 | 000,075,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/05/28 17:41:22 | 000,052,056 | ---- | M] (Avira GmbH) [File_System | On_Demand | Running] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2009/05/28 17:41:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/02/06 15:12:24 | 000,197,632 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (CnxtHdAudAddService)
DRV - [2007/11/08 18:03:26 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007/05/30 15:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/01/30 13:23:30 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.3
FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.5.1.00
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Amelie\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Amelie\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/01 21:25:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/04 11:26:18 | 000,000,000 | ---D | M]
[2012/01/14 12:45:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amelie\AppData\Roaming\mozilla\Extensions
[2012/01/27 15:30:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amelie\AppData\Roaming\mozilla\Firefox\Profiles\ab9qplj7.default\extensions
[2009/09/05 17:18:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Amelie\AppData\Roaming\mozilla\Firefox\Profiles\ab9qplj7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/09/06 10:41:44 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Amelie\AppData\Roaming\mozilla\Firefox\Profiles\ab9qplj7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/01/26 15:08:00 | 000,000,000 | ---D | M] (IE View) -- C:\Users\Amelie\AppData\Roaming\mozilla\Firefox\Profiles\ab9qplj7.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2012/01/14 12:45:04 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Amelie\AppData\Roaming\mozilla\Firefox\Profiles\ab9qplj7.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2008/11/26 22:08:20 | 000,000,681 | ---- | M] () -- C:\Users\Amelie\AppData\Roaming\Mozilla\Firefox\Profiles\ab9qplj7.default\searchplugins\ask.xml
[2012/01/20 14:52:29 | 000,000,950 | ---- | M] () -- C:\Users\Amelie\AppData\Roaming\Mozilla\Firefox\Profiles\ab9qplj7.default\searchplugins\icqplugin-1.xml
[2008/11/18 13:56:02 | 000,000,944 | ---- | M] () -- C:\Users\Amelie\AppData\Roaming\Mozilla\Firefox\Profiles\ab9qplj7.default\searchplugins\icqplugin.xml
[2012/01/14 12:44:53 | 000,002,519 | ---- | M] () -- C:\Users\Amelie\AppData\Roaming\Mozilla\Firefox\Profiles\ab9qplj7.default\searchplugins\Search_Results.xml
[2012/01/21 19:47:27 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009/01/02 23:15:19 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011/10/14 17:51:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2008/10/11 15:50:47 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2012/01/14 12:45:14 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\WINDOWS ILIVID TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2010/08/01 21:25:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/08/01 21:25:15 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010/08/01 21:25:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/01/14 12:44:53 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2010/08/01 21:25:15 | 000,000,986 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/08/01 21:25:15 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012/01/05 01:13:41 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LG Intelligent Update] C:\Program Files\lg_swupdate\giljabistart.exe (BIT LEADER)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe (Nokia)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - Startup: C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.schuelervz.net/photouploader/ImageUploader5.cab?nocache=1222713223 (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2EAF1430-709F-4F95-A140-E8CD1373768D}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{416638A6-4439-4918-8792-88CA7E712DD2}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) -C:\Programme\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) -C:\Programme\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Amelie\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Amelie\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/01/27 16:52:12 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012/01/27 16:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2012/01/27 15:37:52 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012/01/27 15:37:52 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2012/01/27 15:37:51 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012/01/27 15:36:43 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012/01/27 15:36:42 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012/01/27 15:36:42 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2012/01/27 15:36:42 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012/01/27 15:36:42 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012/01/27 15:36:41 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012/01/27 15:35:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2012/01/27 15:35:57 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2012/01/27 15:35:55 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2012/01/27 15:35:53 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012/01/27 15:35:53 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2012/01/27 15:35:53 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/01/27 15:35:53 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2012/01/27 15:35:53 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2012/01/27 15:35:53 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2012/01/27 15:35:53 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2012/01/27 15:35:53 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2012/01/27 15:35:53 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2012/01/27 14:56:57 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2012/01/27 14:56:56 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2012/01/27 14:50:56 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2012/01/27 14:50:56 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012/01/27 14:50:56 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012/01/27 14:50:55 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2012/01/27 14:50:55 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2012/01/27 14:50:55 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012/01/27 14:50:54 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/01/27 14:50:54 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012/01/27 14:50:54 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2012/01/27 14:50:54 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012/01/27 14:50:52 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012/01/27 14:50:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012/01/27 14:50:08 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/01/27 14:50:08 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2012/01/27 14:50:08 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/01/27 14:50:08 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/01/27 14:50:07 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/01/27 14:50:07 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012/01/27 14:50:07 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/01/27 14:50:07 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2012/01/27 14:50:06 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012/01/27 14:50:06 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012/01/27 14:50:06 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012/01/27 14:48:16 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012/01/27 14:48:15 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/01/27 14:48:15 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/01/27 14:48:15 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/01/27 14:48:15 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/01/27 14:48:15 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/01/27 14:48:15 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/01/27 14:48:15 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/01/27 14:48:14 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/01/27 14:45:39 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/01/27 14:45:39 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/01/27 14:44:50 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012/01/27 14:44:50 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012/01/27 14:44:50 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012/01/27 14:44:50 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012/01/27 14:44:49 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/01/27 14:44:47 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/27 14:41:53 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/01/27 14:40:55 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/27 14:40:55 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/27 14:40:27 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012/01/27 14:39:01 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/01/27 14:38:15 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012/01/27 14:38:11 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2012/01/27 14:38:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2012/01/27 14:37:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/01/27 14:20:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/01/26 23:03:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012/01/26 23:03:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012/01/26 23:03:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012/01/26 22:36:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/01/26 19:39:03 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012/01/26 19:39:03 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012/01/26 19:39:03 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012/01/26 19:36:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2012/01/26 19:34:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2012/01/26 19:34:07 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2012/01/26 19:34:07 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2012/01/26 19:34:07 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2012/01/26 19:34:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2012/01/26 19:34:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2012/01/26 19:34:05 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2012/01/26 19:34:05 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2012/01/26 19:34:05 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2012/01/26 19:34:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2012/01/26 19:34:05 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2012/01/26 19:34:00 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2012/01/26 19:34:00 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2012/01/26 19:34:00 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2012/01/26 19:34:00 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2012/01/26 19:34:00 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2012/01/26 19:12:28 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2012/01/26 19:12:23 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2012/01/26 19:12:21 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2012/01/26 19:12:21 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2012/01/26 19:12:18 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2012/01/26 19:12:16 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012/01/26 19:12:15 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2012/01/26 19:12:14 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012/01/26 19:12:13 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2012/01/26 19:12:12 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2012/01/26 19:12:09 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2012/01/26 19:12:09 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2012/01/26 19:12:08 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2012/01/26 19:12:07 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2012/01/26 19:12:06 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2012/01/26 19:12:05 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2012/01/26 19:12:05 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2012/01/26 19:12:05 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2012/01/26 19:12:03 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012/01/26 19:12:03 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2012/01/26 19:12:02 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012/01/26 19:12:01 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2012/01/26 19:12:01 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012/01/26 19:12:01 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012/01/26 19:12:00 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2012/01/26 19:12:00 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2012/01/26 19:11:59 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2012/01/26 19:11:59 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2012/01/26 19:11:57 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2012/01/26 19:11:57 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2012/01/26 19:11:57 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2012/01/26 19:11:55 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2012/01/26 19:11:53 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2012/01/26 19:11:53 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2012/01/26 19:11:52 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2012/01/26 19:11:52 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2012/01/26 19:11:52 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2012/01/26 19:11:51 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2012/01/26 19:11:51 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012/01/26 19:11:51 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2012/01/26 19:11:51 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2012/01/26 19:11:50 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2012/01/26 19:11:50 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2012/01/26 19:11:50 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2012/01/26 19:11:48 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2012/01/26 19:11:48 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2012/01/26 19:11:48 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2012/01/26 19:11:47 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012/01/26 19:11:47 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2012/01/26 19:11:47 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2012/01/26 19:11:46 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2012/01/26 19:11:46 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2012/01/26 19:11:45 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2012/01/26 19:11:45 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2012/01/26 19:11:44 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2012/01/26 19:11:44 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2012/01/26 19:11:44 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2012/01/26 19:11:42 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2012/01/26 19:11:42 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2012/01/26 19:11:42 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2012/01/26 19:11:42 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2012/01/26 19:11:41 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012/01/26 19:11:41 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2012/01/26 19:11:40 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2012/01/26 19:11:40 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2012/01/26 19:11:40 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2012/01/26 19:11:40 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012/01/26 19:11:40 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2012/01/26 19:11:39 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/01/26 19:11:39 | 000,398,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/01/26 19:11:39 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2012/01/26 19:11:38 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2012/01/26 19:11:38 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2012/01/26 19:11:38 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2012/01/26 19:11:37 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2012/01/26 19:11:37 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2012/01/26 19:11:37 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2012/01/26 19:11:36 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2012/01/26 19:11:36 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2012/01/26 19:11:33 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012/01/26 19:11:32 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2012/01/26 19:11:32 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2012/01/26 19:11:31 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2012/01/26 19:11:31 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2012/01/26 19:11:31 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2012/01/26 19:11:30 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/01/26 19:11:30 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2012/01/26 19:11:29 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2012/01/26 19:11:28 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2012/01/26 19:11:28 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2012/01/26 19:11:28 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2012/01/26 19:11:28 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2012/01/26 19:11:27 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012/01/26 19:11:26 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2012/01/26 19:11:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2012/01/26 19:11:26 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2012/01/26 19:11:25 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2012/01/26 19:11:24 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2012/01/26 19:11:24 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2012/01/26 19:11:24 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2012/01/26 19:11:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2012/01/26 19:11:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2012/01/26 19:11:23 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2012/01/26 19:11:23 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2012/01/26 19:11:23 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2012/01/26 19:11:22 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2012/01/26 19:11:22 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2012/01/26 19:11:22 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2012/01/26 19:11:22 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2012/01/26 19:11:22 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2012/01/26 19:11:22 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2012/01/26 19:11:22 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2012/01/26 19:11:22 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2012/01/26 19:11:21 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2012/01/26 19:11:21 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2012/01/26 19:11:21 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2012/01/26 19:11:21 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2012/01/26 19:11:20 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012/01/26 19:11:20 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2012/01/26 19:11:20 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012/01/26 19:11:20 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2012/01/26 19:11:20 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2012/01/26 19:11:20 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2012/01/26 19:11:19 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012/01/26 19:11:19 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2012/01/26 19:11:19 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012/01/26 19:11:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2012/01/26 19:11:18 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012/01/26 19:11:18 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2012/01/26 19:11:18 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2012/01/26 19:11:18 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2012/01/26 19:11:17 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2012/01/26 19:11:17 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012/01/26 19:11:17 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2012/01/26 19:11:16 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2012/01/26 19:11:16 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2012/01/26 19:11:15 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2012/01/26 19:11:15 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2012/01/26 19:11:15 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2012/01/26 19:11:15 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2012/01/26 19:11:15 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2012/01/26 19:11:15 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2012/01/26 19:11:14 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2012/01/26 19:11:14 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2012/01/26 19:11:14 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2012/01/26 19:11:14 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2012/01/26 19:11:14 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2012/01/26 19:11:13 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2012/01/26 19:11:13 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2012/01/26 19:11:13 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2012/01/26 19:11:13 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2012/01/26 19:11:12 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2012/01/26 19:11:10 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2012/01/26 19:11:10 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2012/01/26 19:11:10 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2012/01/26 19:11:10 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2012/01/26 19:11:10 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/01/26 19:11:10 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2012/01/26 19:11:10 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2012/01/26 19:11:10 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2012/01/26 19:11:09 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2012/01/26 19:11:09 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012/01/26 19:11:09 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2012/01/26 19:11:08 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2012/01/26 19:11:08 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2012/01/26 19:11:08 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2012/01/26 19:11:08 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2012/01/26 19:11:07 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2012/01/26 19:11:07 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2012/01/26 19:11:07 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2012/01/26 19:11:07 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2012/01/26 19:11:07 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2012/01/26 19:11:06 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2012/01/26 19:11:06 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2012/01/26 19:11:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2012/01/26 19:11:05 | 001,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/01/26 19:11:05 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2012/01/26 19:11:05 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/01/26 19:11:05 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2012/01/26 19:11:05 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2012/01/26 19:11:04 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2012/01/26 19:11:04 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2012/01/26 19:11:04 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2012/01/26 19:11:04 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2012/01/26 19:11:04 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2012/01/26 19:11:04 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2012/01/26 19:11:03 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2012/01/26 19:11:03 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2012/01/26 19:11:03 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2012/01/26 19:11:03 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2012/01/26 19:11:03 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2012/01/26 19:11:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2012/01/26 19:11:03 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2012/01/26 19:11:03 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2012/01/26 19:11:03 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2012/01/26 19:11:02 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2012/01/26 19:11:02 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2012/01/26 19:11:02 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2012/01/26 19:11:02 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2012/01/26 19:11:02 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2012/01/26 19:11:02 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2012/01/26 19:11:02 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2012/01/26 19:11:02 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2012/01/26 19:11:01 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2012/01/26 19:11:01 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2012/01/26 19:11:01 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2012/01/26 19:11:01 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012/01/26 19:11:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2012/01/26 19:11:01 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2012/01/26 19:11:00 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2012/01/26 19:11:00 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2012/01/26 19:11:00 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2012/01/26 19:11:00 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2012/01/26 19:11:00 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2012/01/26 19:10:59 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2012/01/26 19:10:59 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2012/01/26 19:10:59 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2012/01/26 19:10:59 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2012/01/26 19:10:58 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2012/01/26 19:10:58 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2012/01/26 19:10:58 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2012/01/26 19:10:58 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2012/01/26 19:10:57 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2012/01/26 19:10:57 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2012/01/26 19:10:57 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2012/01/26 19:10:57 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2012/01/26 19:10:57 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2012/01/26 19:10:56 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2012/01/26 19:10:56 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2012/01/26 19:10:56 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2012/01/26 19:10:56 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2012/01/26 19:10:56 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2012/01/26 19:10:55 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2012/01/26 19:10:55 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2012/01/26 19:10:55 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2012/01/26 19:10:55 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2012/01/26 19:10:54 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2012/01/26 19:10:54 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2012/01/26 19:10:54 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2012/01/26 19:10:54 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/01/26 19:10:54 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2012/01/26 19:10:54 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2012/01/26 19:10:54 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2012/01/26 19:10:54 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2012/01/26 19:10:54 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2012/01/26 19:10:54 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2012/01/26 19:10:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2012/01/26 19:10:53 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2012/01/26 19:10:53 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2012/01/26 19:10:53 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2012/01/26 19:10:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2012/01/26 19:10:53 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2012/01/26 19:10:53 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2012/01/26 19:10:53 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2012/01/26 19:10:52 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2012/01/26 19:10:52 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2012/01/26 19:10:52 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2012/01/26 19:10:52 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2012/01/26 19:10:52 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2012/01/26 19:10:52 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2012/01/26 19:10:52 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2012/01/26 19:10:52 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2012/01/26 19:10:52 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2012/01/26 19:10:52 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2012/01/26 19:10:52 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2012/01/26 19:10:52 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2012/01/26 19:10:51 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2012/01/26 19:10:51 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/01/26 19:10:51 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012/01/26 19:10:51 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2012/01/26 19:10:51 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2012/01/26 19:10:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2012/01/26 19:10:51 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2012/01/26 19:10:51 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2012/01/26 19:10:51 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2012/01/26 19:10:51 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2012/01/26 19:10:51 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2012/01/26 19:10:50 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2012/01/26 19:10:50 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2012/01/26 19:10:50 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2012/01/26 19:10:50 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2012/01/26 19:10:49 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2012/01/26 19:10:49 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2012/01/26 19:10:49 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2012/01/26 19:10:49 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2012/01/26 19:10:49 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2012/01/26 19:10:48 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2012/01/26 19:10:48 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2012/01/26 19:10:48 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2012/01/26 19:10:48 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2012/01/26 19:10:48 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2012/01/26 19:10:48 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2012/01/26 19:10:48 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2012/01/26 19:10:47 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2012/01/26 19:10:47 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012/01/26 19:10:47 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2012/01/26 19:10:47 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/01/26 19:10:47 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2012/01/26 19:10:46 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012/01/26 19:10:46 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2012/01/26 19:10:46 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/01/26 19:10:46 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2012/01/26 19:10:46 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012/01/26 19:10:46 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012/01/26 19:10:46 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2012/01/26 19:10:46 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012/01/26 19:10:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2012/01/26 19:10:46 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2012/01/26 19:10:45 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012/01/26 19:10:45 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2012/01/26 19:10:45 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2012/01/26 19:10:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2012/01/26 19:10:45 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2012/01/26 19:10:44 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2012/01/26 19:10:44 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2012/01/26 19:10:44 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2012/01/26 19:10:43 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2012/01/26 19:10:43 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2012/01/26 19:10:43 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012/01/26 19:10:43 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012/01/26 19:10:43 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2012/01/26 19:10:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2012/01/26 19:10:42 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2012/01/26 19:10:42 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2012/01/26 19:10:42 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2012/01/26 19:10:42 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2012/01/26 19:10:42 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2012/01/26 19:10:42 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2012/01/26 19:10:42 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2012/01/26 19:10:42 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2012/01/26 19:10:42 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2012/01/26 19:10:42 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2012/01/26 19:10:42 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2012/01/26 19:10:42 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2012/01/26 19:10:42 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2012/01/26 19:10:42 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2012/01/26 19:10:42 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2012/01/26 19:10:42 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2012/01/26 19:10:41 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2012/01/26 19:10:41 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2012/01/26 19:10:41 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2012/01/26 19:10:41 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/01/26 19:10:41 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2012/01/26 19:10:41 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2012/01/26 19:10:41 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2012/01/26 19:10:41 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2012/01/26 19:10:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2012/01/26 19:10:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2012/01/26 19:10:41 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2012/01/26 19:10:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2012/01/26 19:10:40 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2012/01/26 19:10:40 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2012/01/26 19:10:40 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2012/01/26 19:10:40 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2012/01/26 19:10:39 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2012/01/26 19:10:39 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2012/01/26 19:10:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2012/01/26 19:10:39 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2012/01/26 19:10:39 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2012/01/26 19:10:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2012/01/26 19:10:38 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2012/01/26 19:10:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2012/01/26 19:10:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2012/01/26 19:10:38 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012/01/26 19:10:37 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2012/01/26 19:10:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2012/01/26 19:10:36 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2012/01/26 19:10:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2012/01/26 19:10:34 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2012/01/26 19:10:16 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2012/01/26 19:10:13 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2012/01/26 19:10:13 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2012/01/26 19:10:06 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2012/01/26 18:40:49 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/01/26 18:40:37 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012/01/26 18:40:22 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/01/26 18:40:22 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2012/01/26 18:40:22 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/01/26 18:40:09 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2012/01/26 18:38:00 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2012/01/26 18:38:00 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2012/01/26 18:37:58 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012/01/26 18:37:34 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012/01/26 18:37:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2012/01/26 18:37:24 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012/01/26 18:36:55 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2012/01/26 18:36:35 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/01/26 18:36:00 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2012/01/26 18:35:55 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012/01/26 18:35:54 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012/01/26 18:35:47 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2012/01/26 18:35:44 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012/01/26 18:35:42 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2012/01/26 18:35:42 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012/01/26 18:35:41 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2012/01/26 18:35:27 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012/01/26 18:35:26 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012/01/26 18:35:26 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012/01/26 18:35:20 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012/01/26 18:34:05 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2012/01/26 14:52:12 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2012/01/23 20:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/01/22 12:19:56 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Roaming\Goafto
[2012/01/20 17:38:28 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Roaming\Ezuzh
[2012/01/20 17:21:40 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Roaming\Ifsiofw
[2012/01/14 14:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/01/14 12:42:42 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Local\Ilivid Player
[2012/01/14 12:42:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
[2012/01/14 12:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
[2012/01/14 12:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\iLivid
[2012/01/14 12:39:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar
[2012/01/14 12:38:15 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Local\PackageAware
[2012/01/14 12:37:48 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\cro meine musik
[2012/01/08 17:32:06 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\lalala
[2012/01/08 17:25:39 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\cro
[2012/01/06 18:39:07 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/06 14:42:30 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/01/05 20:28:10 | 000,061,440 | ---- | C] ( ) -- C:\Users\Amelie\Documents\Desktop\VEW.exe
[2012/01/05 17:59:17 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/01/05 17:59:17 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Local\temp
[2012/01/05 17:58:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/01/05 17:44:52 | 000,000,000 | ---D | C] -- C:\ComboFix.exe
[2012/01/05 01:23:26 | 000,000,000 | R--D | C] -- C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zuletzt verwendet - Verknüpfung
[2012/01/05 01:00:37 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/01/05 01:00:37 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/01/05 01:00:37 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2012/01/05 01:00:37 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/01/05 01:00:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/05 01:00:04 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/04 11:24:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/01/04 11:24:26 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/01/01 19:42:05 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\stocherkahnrennen
[2012/01/01 19:16:24 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\fasnet
[2012/01/01 19:08:38 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\zunsweier
[2012/01/01 16:57:48 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\bluuubb
[2012/01/01 16:54:38 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\silvester
========== Files - Modified Within 30 Days ==========
[2012/01/27 17:27:20 | 000,637,068 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/27 17:27:20 | 000,604,322 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/27 17:27:20 | 000,129,652 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/27 17:27:20 | 000,107,462 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/27 17:20:08 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/27 17:20:07 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/27 17:19:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/27 17:19:09 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/27 16:23:27 | 000,246,488 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/27 16:19:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012/01/27 16:19:32 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012/01/27 15:58:09 | 000,019,607 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\lieblings.odt
[2012/01/27 15:55:23 | 000,011,270 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\meine wege verstaubt.odt
[2012/01/26 23:02:35 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012/01/26 23:02:05 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2012/01/26 14:32:46 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2012/01/26 14:32:25 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2012/01/24 20:21:27 | 000,000,120 | ---- | M] () -- C:\Users\Amelie\Documents\Desktop\R0J9AUmv.htm.part.htm
[2012/01/14 12:45:22 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2012/01/14 12:42:41 | 000,000,115 | ---- | M] () -- C:\Users\Public\Desktop\Try New Messenger for Facebook.url
[2012/01/12 23:27:26 | 181,889,874 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/01/12 22:28:55 | 000,008,401 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\jajjaja.odt
[2012/01/12 22:25:48 | 000,019,449 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\eriiiinnerung.odt
[2012/01/10 20:00:08 | 000,016,626 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\Lebenslauf.odt
[2012/01/10 19:56:46 | 000,024,221 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\bewerbuuung.odt
[2012/01/09 20:43:37 | 000,000,082 | ---- | M] () -- C:\Users\Amelie\Documents\Desktop\file.bat
[2012/01/06 14:42:30 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/01/05 20:43:02 | 000,061,440 | ---- | M] ( ) -- C:\Users\Amelie\Documents\Desktop\VEW.exe
[2012/01/05 19:51:45 | 000,001,496 | ---- | M] () -- C:\Users\Amelie\Documents\Desktop\Partey&out of space.lnk
[2012/01/05 01:13:41 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/12/30 15:34:24 | 000,038,412 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\fuck.odt
========== Files Created - No Company Name ==========
[2012/01/27 16:19:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012/01/27 16:19:32 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012/01/26 23:02:35 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012/01/26 23:02:05 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2012/01/26 19:50:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/01/26 19:50:23 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2012/01/26 19:34:01 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2012/01/26 19:34:01 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2012/01/26 19:34:01 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2012/01/26 19:11:50 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012/01/26 19:11:47 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2012/01/26 19:11:39 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2012/01/26 19:11:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012/01/26 19:11:37 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/01/26 19:11:32 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2012/01/26 19:11:29 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2012/01/26 19:11:16 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2012/01/26 19:11:14 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2012/01/26 19:10:38 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2012/01/26 19:10:31 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2012/01/26 15:07:09 | 000,000,949 | ---- | C] () -- C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/01/24 20:21:22 | 000,000,120 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\R0J9AUmv.htm.part.htm
[2012/01/22 12:32:54 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/14 12:42:41 | 000,000,115 | ---- | C] () -- C:\Users\Public\Desktop\Try New Messenger for Facebook.url
[2012/01/14 12:42:23 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2012/01/09 20:43:37 | 000,000,082 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\file.bat
[2012/01/09 20:32:12 | 000,024,221 | ---- | C] () -- C:\Users\Amelie\Downloads\Documents\bewerbuuung.odt
[2012/01/06 19:06:13 | 007,204,545 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\06 Meine Musik.mp3
[2012/01/06 19:06:12 | 007,631,538 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\04 Immer da.mp3
[2012/01/06 19:06:12 | 006,180,378 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\05 Rockstar.mp3
[2012/01/05 01:00:37 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/05 01:00:37 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/05 01:00:37 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/05 01:00:37 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/05 01:00:37 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/04 11:26:18 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/12/30 15:34:23 | 000,038,412 | ---- | C] () -- C:\Users\Amelie\Downloads\Documents\fuck.odt
[2011/09/27 17:00:11 | 000,007,186 | ---- | C] () -- C:\Users\Amelie\AppData\Roaming\C2C2.4CB
[2011/01/10 18:47:09 | 000,000,680 | ---- | C] () -- C:\Users\Amelie\AppData\Local\d3d9caps.dat
[2010/10/20 15:15:50 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010/10/20 15:15:50 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010/10/19 18:43:47 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010/10/19 17:51:17 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008/09/30 19:41:14 | 000,074,752 | ---- | C] () -- C:\Users\Amelie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/27 06:57:05 | 000,008,874 | ---- | C] () -- C:\Windows\lg_up.ini
[2008/02/26 15:32:17 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/02/26 15:31:51 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/02/26 15:31:51 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/02/26 15:31:51 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/02/26 15:31:51 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/02/26 15:30:13 | 000,000,196 | ---- | C] () -- C:\Windows\lgps.ini
[2006/11/02 16:33:31 | 000,637,068 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006/11/02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006/11/02 16:33:31 | 000,129,652 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006/11/02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,246,488 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,604,322 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,107,462 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
< End of report >
|
|
27.01.2012, 17:42
| #66 |
| | Windows startet nicht! OTL Logfile: Code:
ATTFilter OTL logfile created on: 27/01/2012 17:34:02 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Amelie\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd/MM/yyyy
1,99 Gb Total Physical Memory | 0,87 Gb Available Physical Memory | 43,73% Memory free
4,22 Gb Paging File | 2,96 Gb Available in Paging File | 70,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 185,31 Gb Total Space | 106,44 Gb Free Space | 57,44% Space Free | Partition Type: NTFS
Computer Name: AMELIES-PC | User Name: Amelie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/27 17:33:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Amelie\Downloads\OTL(4).exe
PRC - [2011/12/06 11:17:56 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Programme\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/09/01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/01 21:25:09 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010/07/04 18:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2010/07/04 18:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/02/11 12:42:32 | 000,172,328 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009/06/30 13:12:58 | 001,032,192 | ---- | M] (Nokia) -- C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009/04/11 07:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/15 13:31:50 | 000,068,865 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
PRC - [2008/10/15 13:29:58 | 000,151,297 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2008/09/30 16:51:58 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2008/09/30 16:49:34 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2008/06/12 13:28:40 | 000,266,497 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2008/06/10 19:26:28 | 000,222,456 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2008/06/10 03:27:04 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008/01/07 16:59:14 | 000,247,088 | ---- | M] (BIT LEADER) -- C:\Programme\lg_swupdate\GiljabiStart.exe
PRC - [2007/10/03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/10/03 15:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/27 17:07:24 | 001,711,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\902ba03598b46f478f3d7561ece592e6\Microsoft.VisualBasic.ni.dll
MOD - [2012/01/27 17:06:50 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MOD - [2012/01/27 16:31:28 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll
MOD - [2012/01/27 16:31:25 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\311bc26c3ed83409589eb6bae0eeb86e\System.Runtime.Remoting.ni.dll
MOD - [2012/01/27 16:30:50 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2012/01/27 16:30:44 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2012/01/27 16:30:02 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2012/01/27 16:29:40 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2012/01/27 16:25:34 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2012/01/27 16:25:04 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2010/09/01 07:39:28 | 000,095,528 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2010/09/01 07:39:18 | 001,164,584 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/11/03 15:51:26 | 000,039,712 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\ASL.dll
MOD - [2009/03/30 05:42:13 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
MOD - [2009/03/30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009/03/30 05:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009/03/30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/03/30 05:42:11 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_de_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
MOD - [2008/07/29 14:55:14 | 000,969,728 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll
MOD - [2007/02/06 13:00:00 | 000,009,728 | ---- | M] () -- C:\Programme\lg_swupdate\AxInterop.InetCtlsObjects.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/07/04 18:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/02/11 12:42:32 | 000,172,328 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009/06/02 09:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/10/15 13:31:50 | 000,068,865 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008/10/15 13:29:58 | 000,151,297 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2008/06/10 19:26:28 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/03 15:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
========== Driver Services (SafeList) ==========
DRV - [2010/06/14 08:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/05/12 11:14:58 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/05/12 11:14:56 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2010/05/12 11:14:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/04/27 03:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2010/04/27 03:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2010/04/27 03:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2009/05/28 17:41:26 | 000,075,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/05/28 17:41:22 | 000,052,056 | ---- | M] (Avira GmbH) [File_System | On_Demand | Running] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2009/05/28 17:41:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/02/06 15:12:24 | 000,197,632 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (CnxtHdAudAddService)
DRV - [2007/11/08 18:03:26 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007/05/30 15:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/01/30 13:23:30 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.3
FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.5.1.00
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Amelie\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Amelie\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/01 21:25:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/04 11:26:18 | 000,000,000 | ---D | M]
[2012/01/14 12:45:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amelie\AppData\Roaming\mozilla\Extensions
[2012/01/27 15:30:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Amelie\AppData\Roaming\mozilla\Firefox\Profiles\ab9qplj7.default\extensions
[2009/09/05 17:18:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Amelie\AppData\Roaming\mozilla\Firefox\Profiles\ab9qplj7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/09/06 10:41:44 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Amelie\AppData\Roaming\mozilla\Firefox\Profiles\ab9qplj7.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/01/26 15:08:00 | 000,000,000 | ---D | M] (IE View) -- C:\Users\Amelie\AppData\Roaming\mozilla\Firefox\Profiles\ab9qplj7.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2012/01/14 12:45:04 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Amelie\AppData\Roaming\mozilla\Firefox\Profiles\ab9qplj7.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2008/11/26 22:08:20 | 000,000,681 | ---- | M] () -- C:\Users\Amelie\AppData\Roaming\Mozilla\Firefox\Profiles\ab9qplj7.default\searchplugins\ask.xml
[2012/01/20 14:52:29 | 000,000,950 | ---- | M] () -- C:\Users\Amelie\AppData\Roaming\Mozilla\Firefox\Profiles\ab9qplj7.default\searchplugins\icqplugin-1.xml
[2008/11/18 13:56:02 | 000,000,944 | ---- | M] () -- C:\Users\Amelie\AppData\Roaming\Mozilla\Firefox\Profiles\ab9qplj7.default\searchplugins\icqplugin.xml
[2012/01/14 12:44:53 | 000,002,519 | ---- | M] () -- C:\Users\Amelie\AppData\Roaming\Mozilla\Firefox\Profiles\ab9qplj7.default\searchplugins\Search_Results.xml
[2012/01/21 19:47:27 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009/01/02 23:15:19 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011/10/14 17:51:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2008/10/11 15:50:47 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2012/01/14 12:45:14 | 000,000,000 | ---D | M] (DataMngr) -- C:\PROGRAM FILES\WINDOWS ILIVID TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2010/08/01 21:25:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/08/01 21:25:15 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010/08/01 21:25:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/01/14 12:44:53 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2010/08/01 21:25:15 | 000,000,986 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/08/01 21:25:15 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012/01/05 01:13:41 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LG Intelligent Update] C:\Program Files\lg_swupdate\giljabistart.exe (BIT LEADER)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe (Nokia)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - Startup: C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.schuelervz.net/photouploader/ImageUploader5.cab?nocache=1222713223 (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2EAF1430-709F-4F95-A140-E8CD1373768D}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{416638A6-4439-4918-8792-88CA7E712DD2}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\datamngr.dll) -C:\Programme\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI371A~1\Datamngr\IEBHO.dll) -C:\Programme\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Amelie\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Amelie\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/01/27 16:52:12 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012/01/27 16:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2012/01/27 15:37:52 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012/01/27 15:37:52 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2012/01/27 15:37:51 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012/01/27 15:36:43 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2012/01/27 15:36:42 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2012/01/27 15:36:42 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2012/01/27 15:36:42 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2012/01/27 15:36:42 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2012/01/27 15:36:41 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2012/01/27 15:35:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2012/01/27 15:35:57 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2012/01/27 15:35:55 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2012/01/27 15:35:53 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2012/01/27 15:35:53 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2012/01/27 15:35:53 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2012/01/27 15:35:53 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2012/01/27 15:35:53 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2012/01/27 15:35:53 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2012/01/27 15:35:53 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2012/01/27 15:35:53 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2012/01/27 15:35:53 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2012/01/27 14:56:57 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2012/01/27 14:56:56 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2012/01/27 14:50:56 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2012/01/27 14:50:56 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2012/01/27 14:50:56 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012/01/27 14:50:55 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2012/01/27 14:50:55 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2012/01/27 14:50:55 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012/01/27 14:50:54 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012/01/27 14:50:54 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2012/01/27 14:50:54 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2012/01/27 14:50:54 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012/01/27 14:50:52 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2012/01/27 14:50:52 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2012/01/27 14:50:08 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/01/27 14:50:08 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2012/01/27 14:50:08 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/01/27 14:50:08 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/01/27 14:50:07 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/01/27 14:50:07 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012/01/27 14:50:07 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/01/27 14:50:07 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2012/01/27 14:50:06 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2012/01/27 14:50:06 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2012/01/27 14:50:06 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012/01/27 14:48:16 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012/01/27 14:48:15 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/01/27 14:48:15 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/01/27 14:48:15 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/01/27 14:48:15 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/01/27 14:48:15 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/01/27 14:48:15 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/01/27 14:48:15 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/01/27 14:48:14 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/01/27 14:45:39 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/01/27 14:45:39 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/01/27 14:44:50 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012/01/27 14:44:50 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012/01/27 14:44:50 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012/01/27 14:44:50 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012/01/27 14:44:49 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/01/27 14:44:47 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/27 14:41:53 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/01/27 14:40:55 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/27 14:40:55 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/27 14:40:27 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012/01/27 14:39:01 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/01/27 14:38:15 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012/01/27 14:38:11 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2012/01/27 14:38:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2012/01/27 14:37:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/01/27 14:20:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012/01/26 23:03:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2012/01/26 23:03:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2012/01/26 23:03:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2012/01/26 22:36:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012/01/26 19:39:03 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012/01/26 19:39:03 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012/01/26 19:39:03 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012/01/26 19:36:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2012/01/26 19:34:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2012/01/26 19:34:07 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2012/01/26 19:34:07 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2012/01/26 19:34:07 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2012/01/26 19:34:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2012/01/26 19:34:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2012/01/26 19:34:05 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2012/01/26 19:34:05 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2012/01/26 19:34:05 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2012/01/26 19:34:05 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2012/01/26 19:34:05 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2012/01/26 19:34:00 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2012/01/26 19:34:00 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2012/01/26 19:34:00 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2012/01/26 19:34:00 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2012/01/26 19:34:00 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2012/01/26 19:12:28 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2012/01/26 19:12:23 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll
[2012/01/26 19:12:21 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll
[2012/01/26 19:12:21 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe
[2012/01/26 19:12:18 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2012/01/26 19:12:16 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012/01/26 19:12:15 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys
[2012/01/26 19:12:14 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012/01/26 19:12:13 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2012/01/26 19:12:12 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll
[2012/01/26 19:12:09 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2012/01/26 19:12:09 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll
[2012/01/26 19:12:08 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll
[2012/01/26 19:12:07 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2012/01/26 19:12:06 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2012/01/26 19:12:05 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll
[2012/01/26 19:12:05 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2012/01/26 19:12:05 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2012/01/26 19:12:03 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2012/01/26 19:12:03 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2012/01/26 19:12:02 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012/01/26 19:12:01 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL
[2012/01/26 19:12:01 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012/01/26 19:12:01 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012/01/26 19:12:00 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2012/01/26 19:12:00 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2012/01/26 19:11:59 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL
[2012/01/26 19:11:59 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll
[2012/01/26 19:11:57 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe
[2012/01/26 19:11:57 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll
[2012/01/26 19:11:57 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2012/01/26 19:11:55 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll
[2012/01/26 19:11:53 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2012/01/26 19:11:53 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll
[2012/01/26 19:11:52 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2012/01/26 19:11:52 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll
[2012/01/26 19:11:52 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2012/01/26 19:11:51 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
[2012/01/26 19:11:51 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012/01/26 19:11:51 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2012/01/26 19:11:51 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
[2012/01/26 19:11:50 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2012/01/26 19:11:50 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll
[2012/01/26 19:11:50 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll
[2012/01/26 19:11:48 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll
[2012/01/26 19:11:48 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2012/01/26 19:11:48 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2012/01/26 19:11:47 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2012/01/26 19:11:47 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll
[2012/01/26 19:11:47 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll
[2012/01/26 19:11:46 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll
[2012/01/26 19:11:46 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2012/01/26 19:11:45 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2012/01/26 19:11:45 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2012/01/26 19:11:44 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe
[2012/01/26 19:11:44 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll
[2012/01/26 19:11:44 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2012/01/26 19:11:42 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
[2012/01/26 19:11:42 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll
[2012/01/26 19:11:42 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll
[2012/01/26 19:11:42 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll
[2012/01/26 19:11:41 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2012/01/26 19:11:41 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll
[2012/01/26 19:11:40 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll
[2012/01/26 19:11:40 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2012/01/26 19:11:40 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll
[2012/01/26 19:11:40 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2012/01/26 19:11:40 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2012/01/26 19:11:39 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/01/26 19:11:39 | 000,398,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/01/26 19:11:39 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2012/01/26 19:11:38 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2012/01/26 19:11:38 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll
[2012/01/26 19:11:38 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll
[2012/01/26 19:11:37 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2012/01/26 19:11:37 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll
[2012/01/26 19:11:37 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll
[2012/01/26 19:11:36 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
[2012/01/26 19:11:36 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2012/01/26 19:11:33 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2012/01/26 19:11:32 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll
[2012/01/26 19:11:32 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll
[2012/01/26 19:11:31 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll
[2012/01/26 19:11:31 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll
[2012/01/26 19:11:31 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe
[2012/01/26 19:11:30 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/01/26 19:11:30 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2012/01/26 19:11:29 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe
[2012/01/26 19:11:28 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2012/01/26 19:11:28 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll
[2012/01/26 19:11:28 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2012/01/26 19:11:28 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2012/01/26 19:11:27 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012/01/26 19:11:26 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2012/01/26 19:11:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe
[2012/01/26 19:11:26 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2012/01/26 19:11:25 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2012/01/26 19:11:24 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll
[2012/01/26 19:11:24 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe
[2012/01/26 19:11:24 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll
[2012/01/26 19:11:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2012/01/26 19:11:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll
[2012/01/26 19:11:23 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll
[2012/01/26 19:11:23 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2012/01/26 19:11:23 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2012/01/26 19:11:22 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe
[2012/01/26 19:11:22 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2012/01/26 19:11:22 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime
[2012/01/26 19:11:22 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime
[2012/01/26 19:11:22 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime
[2012/01/26 19:11:22 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime
[2012/01/26 19:11:22 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime
[2012/01/26 19:11:22 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2012/01/26 19:11:21 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll
[2012/01/26 19:11:21 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2012/01/26 19:11:21 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2012/01/26 19:11:21 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll
[2012/01/26 19:11:20 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2012/01/26 19:11:20 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2012/01/26 19:11:20 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012/01/26 19:11:20 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe
[2012/01/26 19:11:20 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2012/01/26 19:11:20 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2012/01/26 19:11:19 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2012/01/26 19:11:19 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[2012/01/26 19:11:19 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012/01/26 19:11:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2012/01/26 19:11:18 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2012/01/26 19:11:18 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2012/01/26 19:11:18 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2012/01/26 19:11:18 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe
[2012/01/26 19:11:17 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll
[2012/01/26 19:11:17 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012/01/26 19:11:17 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2012/01/26 19:11:16 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys
[2012/01/26 19:11:16 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll
[2012/01/26 19:11:15 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2012/01/26 19:11:15 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2012/01/26 19:11:15 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2012/01/26 19:11:15 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll
[2012/01/26 19:11:15 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2012/01/26 19:11:15 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2012/01/26 19:11:14 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2012/01/26 19:11:14 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys
[2012/01/26 19:11:14 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2012/01/26 19:11:14 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL
[2012/01/26 19:11:14 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys
[2012/01/26 19:11:13 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll
[2012/01/26 19:11:13 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2012/01/26 19:11:13 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll
[2012/01/26 19:11:13 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2012/01/26 19:11:12 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2012/01/26 19:11:10 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2012/01/26 19:11:10 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2012/01/26 19:11:10 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll
[2012/01/26 19:11:10 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2012/01/26 19:11:10 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/01/26 19:11:10 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll
[2012/01/26 19:11:10 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2012/01/26 19:11:10 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2012/01/26 19:11:09 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2012/01/26 19:11:09 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012/01/26 19:11:09 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys
[2012/01/26 19:11:08 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2012/01/26 19:11:08 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll
[2012/01/26 19:11:08 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2012/01/26 19:11:08 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys
[2012/01/26 19:11:07 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll
[2012/01/26 19:11:07 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
[2012/01/26 19:11:07 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2012/01/26 19:11:07 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2012/01/26 19:11:07 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll
[2012/01/26 19:11:06 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll
[2012/01/26 19:11:06 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll
[2012/01/26 19:11:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll
[2012/01/26 19:11:05 | 001,827,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/01/26 19:11:05 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2012/01/26 19:11:05 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/01/26 19:11:05 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2012/01/26 19:11:05 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2012/01/26 19:11:04 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2012/01/26 19:11:04 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe
[2012/01/26 19:11:04 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2012/01/26 19:11:04 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
[2012/01/26 19:11:04 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2012/01/26 19:11:04 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2012/01/26 19:11:03 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll
[2012/01/26 19:11:03 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
[2012/01/26 19:11:03 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2012/01/26 19:11:03 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2012/01/26 19:11:03 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2012/01/26 19:11:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2012/01/26 19:11:03 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll
[2012/01/26 19:11:03 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll
[2012/01/26 19:11:03 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2012/01/26 19:11:02 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll
[2012/01/26 19:11:02 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll
[2012/01/26 19:11:02 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2012/01/26 19:11:02 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll
[2012/01/26 19:11:02 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll
[2012/01/26 19:11:02 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2012/01/26 19:11:02 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
[2012/01/26 19:11:02 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll
[2012/01/26 19:11:01 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2012/01/26 19:11:01 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll
[2012/01/26 19:11:01 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2012/01/26 19:11:01 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2012/01/26 19:11:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll
[2012/01/26 19:11:01 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2012/01/26 19:11:00 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2012/01/26 19:11:00 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2012/01/26 19:11:00 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2012/01/26 19:11:00 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2012/01/26 19:11:00 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2012/01/26 19:10:59 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2012/01/26 19:10:59 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2012/01/26 19:10:59 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll
[2012/01/26 19:10:59 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2012/01/26 19:10:58 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll
[2012/01/26 19:10:58 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2012/01/26 19:10:58 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2012/01/26 19:10:58 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2012/01/26 19:10:57 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2012/01/26 19:10:57 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2012/01/26 19:10:57 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2012/01/26 19:10:57 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2012/01/26 19:10:57 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2012/01/26 19:10:56 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2012/01/26 19:10:56 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2012/01/26 19:10:56 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2012/01/26 19:10:56 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll
[2012/01/26 19:10:56 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe
[2012/01/26 19:10:55 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2012/01/26 19:10:55 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2012/01/26 19:10:55 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2012/01/26 19:10:55 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll
[2012/01/26 19:10:54 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2012/01/26 19:10:54 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll
[2012/01/26 19:10:54 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2012/01/26 19:10:54 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/01/26 19:10:54 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll
[2012/01/26 19:10:54 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2012/01/26 19:10:54 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2012/01/26 19:10:54 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2012/01/26 19:10:54 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll
[2012/01/26 19:10:54 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime
[2012/01/26 19:10:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll
[2012/01/26 19:10:53 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe
[2012/01/26 19:10:53 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2012/01/26 19:10:53 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2012/01/26 19:10:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe
[2012/01/26 19:10:53 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll
[2012/01/26 19:10:53 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe
[2012/01/26 19:10:53 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll
[2012/01/26 19:10:52 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
[2012/01/26 19:10:52 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll
[2012/01/26 19:10:52 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2012/01/26 19:10:52 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll
[2012/01/26 19:10:52 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2012/01/26 19:10:52 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2012/01/26 19:10:52 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll
[2012/01/26 19:10:52 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe
[2012/01/26 19:10:52 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2012/01/26 19:10:52 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe
[2012/01/26 19:10:52 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe
[2012/01/26 19:10:52 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll
[2012/01/26 19:10:51 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll
[2012/01/26 19:10:51 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/01/26 19:10:51 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2012/01/26 19:10:51 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2012/01/26 19:10:51 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
[2012/01/26 19:10:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll
[2012/01/26 19:10:51 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2012/01/26 19:10:51 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe
[2012/01/26 19:10:51 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll
[2012/01/26 19:10:51 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2012/01/26 19:10:51 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2012/01/26 19:10:50 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2012/01/26 19:10:50 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll
[2012/01/26 19:10:50 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe
[2012/01/26 19:10:50 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2012/01/26 19:10:49 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll
[2012/01/26 19:10:49 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2012/01/26 19:10:49 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll
[2012/01/26 19:10:49 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll
[2012/01/26 19:10:49 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe
[2012/01/26 19:10:48 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2012/01/26 19:10:48 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2012/01/26 19:10:48 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll
[2012/01/26 19:10:48 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll
[2012/01/26 19:10:48 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll
[2012/01/26 19:10:48 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2012/01/26 19:10:48 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2012/01/26 19:10:47 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2012/01/26 19:10:47 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2012/01/26 19:10:47 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll
[2012/01/26 19:10:47 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/01/26 19:10:47 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll
[2012/01/26 19:10:46 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2012/01/26 19:10:46 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2012/01/26 19:10:46 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/01/26 19:10:46 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe
[2012/01/26 19:10:46 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2012/01/26 19:10:46 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2012/01/26 19:10:46 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe
[2012/01/26 19:10:46 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012/01/26 19:10:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
[2012/01/26 19:10:46 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll
[2012/01/26 19:10:45 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2012/01/26 19:10:45 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2012/01/26 19:10:45 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll
[2012/01/26 19:10:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll
[2012/01/26 19:10:45 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
[2012/01/26 19:10:44 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2012/01/26 19:10:44 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll
[2012/01/26 19:10:44 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll
[2012/01/26 19:10:43 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2012/01/26 19:10:43 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe
[2012/01/26 19:10:43 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012/01/26 19:10:43 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012/01/26 19:10:43 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe
[2012/01/26 19:10:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll
[2012/01/26 19:10:42 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2012/01/26 19:10:42 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime
[2012/01/26 19:10:42 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll
[2012/01/26 19:10:42 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll
[2012/01/26 19:10:42 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll
[2012/01/26 19:10:42 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll
[2012/01/26 19:10:42 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll
[2012/01/26 19:10:42 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll
[2012/01/26 19:10:42 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll
[2012/01/26 19:10:42 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll
[2012/01/26 19:10:42 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2012/01/26 19:10:42 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe
[2012/01/26 19:10:42 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll
[2012/01/26 19:10:42 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2012/01/26 19:10:42 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
[2012/01/26 19:10:42 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe
[2012/01/26 19:10:41 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2012/01/26 19:10:41 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2012/01/26 19:10:41 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2012/01/26 19:10:41 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/01/26 19:10:41 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2012/01/26 19:10:41 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll
[2012/01/26 19:10:41 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2012/01/26 19:10:41 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll
[2012/01/26 19:10:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2012/01/26 19:10:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
[2012/01/26 19:10:41 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe
[2012/01/26 19:10:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll
[2012/01/26 19:10:40 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll
[2012/01/26 19:10:40 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
[2012/01/26 19:10:40 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe
[2012/01/26 19:10:40 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll
[2012/01/26 19:10:39 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe
[2012/01/26 19:10:39 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2012/01/26 19:10:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll
[2012/01/26 19:10:39 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll
[2012/01/26 19:10:39 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll
[2012/01/26 19:10:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll
[2012/01/26 19:10:38 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys
[2012/01/26 19:10:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2012/01/26 19:10:38 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll
[2012/01/26 19:10:38 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012/01/26 19:10:37 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys
[2012/01/26 19:10:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2012/01/26 19:10:36 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2012/01/26 19:10:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll
[2012/01/26 19:10:34 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2012/01/26 19:10:16 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2012/01/26 19:10:13 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2012/01/26 19:10:13 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2012/01/26 19:10:06 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2012/01/26 18:40:49 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012/01/26 18:40:37 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012/01/26 18:40:22 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/01/26 18:40:22 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2012/01/26 18:40:22 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/01/26 18:40:09 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2012/01/26 18:38:00 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2012/01/26 18:38:00 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2012/01/26 18:37:58 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012/01/26 18:37:34 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012/01/26 18:37:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2012/01/26 18:37:24 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012/01/26 18:36:55 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2012/01/26 18:36:35 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2012/01/26 18:36:00 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2012/01/26 18:35:55 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012/01/26 18:35:54 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012/01/26 18:35:47 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2012/01/26 18:35:44 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012/01/26 18:35:42 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2012/01/26 18:35:42 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012/01/26 18:35:41 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2012/01/26 18:35:27 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012/01/26 18:35:26 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012/01/26 18:35:26 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012/01/26 18:35:20 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012/01/26 18:34:05 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe
[2012/01/26 14:52:12 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2012/01/23 20:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/01/22 12:19:56 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Roaming\Goafto
[2012/01/20 17:38:28 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Roaming\Ezuzh
[2012/01/20 17:21:40 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Roaming\Ifsiofw
[2012/01/14 14:54:57 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012/01/14 12:42:42 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Local\Ilivid Player
[2012/01/14 12:42:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318}
[2012/01/14 12:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
[2012/01/14 12:42:04 | 000,000,000 | ---D | C] -- C:\Program Files\iLivid
[2012/01/14 12:39:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows iLivid Toolbar
[2012/01/14 12:38:15 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Local\PackageAware
[2012/01/14 12:37:48 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\cro meine musik
[2012/01/08 17:32:06 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\lalala
[2012/01/08 17:25:39 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\cro
[2012/01/06 18:39:07 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/06 14:42:30 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/01/05 20:28:10 | 000,061,440 | ---- | C] ( ) -- C:\Users\Amelie\Documents\Desktop\VEW.exe
[2012/01/05 17:59:17 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/01/05 17:59:17 | 000,000,000 | ---D | C] -- C:\Users\Amelie\AppData\Local\temp
[2012/01/05 17:58:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/01/05 17:44:52 | 000,000,000 | ---D | C] -- C:\ComboFix.exe
[2012/01/05 01:23:26 | 000,000,000 | R--D | C] -- C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zuletzt verwendet - Verknüpfung
[2012/01/05 01:00:37 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/01/05 01:00:37 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/01/05 01:00:37 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2012/01/05 01:00:37 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/01/05 01:00:31 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/01/05 01:00:04 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/01/04 11:24:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/01/04 11:24:26 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/01/01 19:42:05 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\stocherkahnrennen
[2012/01/01 19:16:24 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\fasnet
[2012/01/01 19:08:38 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\zunsweier
[2012/01/01 16:57:48 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\bluuubb
[2012/01/01 16:54:38 | 000,000,000 | ---D | C] -- C:\Users\Amelie\Documents\Desktop\silvester
========== Files - Modified Within 30 Days ==========
[2012/01/27 17:27:20 | 000,637,068 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/27 17:27:20 | 000,604,322 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/27 17:27:20 | 000,129,652 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/27 17:27:20 | 000,107,462 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/27 17:20:08 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/27 17:20:07 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/27 17:19:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/27 17:19:09 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/27 16:23:27 | 000,246,488 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/27 16:19:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012/01/27 16:19:32 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012/01/27 15:58:09 | 000,019,607 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\lieblings.odt
[2012/01/27 15:55:23 | 000,011,270 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\meine wege verstaubt.odt
[2012/01/26 23:02:35 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012/01/26 23:02:05 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2012/01/26 14:32:46 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2012/01/26 14:32:25 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2012/01/24 20:21:27 | 000,000,120 | ---- | M] () -- C:\Users\Amelie\Documents\Desktop\R0J9AUmv.htm.part.htm
[2012/01/14 12:45:22 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2012/01/14 12:42:41 | 000,000,115 | ---- | M] () -- C:\Users\Public\Desktop\Try New Messenger for Facebook.url
[2012/01/12 23:27:26 | 181,889,874 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/01/12 22:28:55 | 000,008,401 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\jajjaja.odt
[2012/01/12 22:25:48 | 000,019,449 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\eriiiinnerung.odt
[2012/01/10 20:00:08 | 000,016,626 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\Lebenslauf.odt
[2012/01/10 19:56:46 | 000,024,221 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\bewerbuuung.odt
[2012/01/09 20:43:37 | 000,000,082 | ---- | M] () -- C:\Users\Amelie\Documents\Desktop\file.bat
[2012/01/06 14:42:30 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/01/05 20:43:02 | 000,061,440 | ---- | M] ( ) -- C:\Users\Amelie\Documents\Desktop\VEW.exe
[2012/01/05 19:51:45 | 000,001,496 | ---- | M] () -- C:\Users\Amelie\Documents\Desktop\Partey&out of space.lnk
[2012/01/05 01:13:41 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/12/30 15:34:24 | 000,038,412 | ---- | M] () -- C:\Users\Amelie\Downloads\Documents\fuck.odt
========== Files Created - No Company Name ==========
[2012/01/27 16:19:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012/01/27 16:19:32 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012/01/26 23:02:35 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2012/01/26 23:02:05 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2012/01/26 19:50:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012/01/26 19:50:23 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2012/01/26 19:34:01 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2012/01/26 19:34:01 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2012/01/26 19:34:01 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2012/01/26 19:11:50 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2012/01/26 19:11:47 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2012/01/26 19:11:39 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2012/01/26 19:11:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012/01/26 19:11:37 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012/01/26 19:11:32 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2012/01/26 19:11:29 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2012/01/26 19:11:16 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2012/01/26 19:11:14 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2012/01/26 19:10:38 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2012/01/26 19:10:31 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2012/01/26 15:07:09 | 000,000,949 | ---- | C] () -- C:\Users\Amelie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/01/24 20:21:22 | 000,000,120 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\R0J9AUmv.htm.part.htm
[2012/01/22 12:32:54 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/14 12:42:41 | 000,000,115 | ---- | C] () -- C:\Users\Public\Desktop\Try New Messenger for Facebook.url
[2012/01/14 12:42:23 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\iLivid Download Manager.lnk
[2012/01/09 20:43:37 | 000,000,082 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\file.bat
[2012/01/09 20:32:12 | 000,024,221 | ---- | C] () -- C:\Users\Amelie\Downloads\Documents\bewerbuuung.odt
[2012/01/06 19:06:13 | 007,204,545 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\06 Meine Musik.mp3
[2012/01/06 19:06:12 | 007,631,538 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\04 Immer da.mp3
[2012/01/06 19:06:12 | 006,180,378 | ---- | C] () -- C:\Users\Amelie\Documents\Desktop\05 Rockstar.mp3
[2012/01/05 01:00:37 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/05 01:00:37 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/05 01:00:37 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/05 01:00:37 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/05 01:00:37 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/01/04 11:26:18 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/12/30 15:34:23 | 000,038,412 | ---- | C] () -- C:\Users\Amelie\Downloads\Documents\fuck.odt
[2011/09/27 17:00:11 | 000,007,186 | ---- | C] () -- C:\Users\Amelie\AppData\Roaming\C2C2.4CB
[2011/01/10 18:47:09 | 000,000,680 | ---- | C] () -- C:\Users\Amelie\AppData\Local\d3d9caps.dat
[2010/10/20 15:15:50 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010/10/20 15:15:50 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010/10/19 18:43:47 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010/10/19 17:51:17 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008/09/30 19:41:14 | 000,074,752 | ---- | C] () -- C:\Users\Amelie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/27 06:57:05 | 000,008,874 | ---- | C] () -- C:\Windows\lg_up.ini
[2008/02/26 15:32:17 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/02/26 15:31:51 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/02/26 15:31:51 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/02/26 15:31:51 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/02/26 15:31:51 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/02/26 15:30:13 | 000,000,196 | ---- | C] () -- C:\Windows\lgps.ini
[2006/11/02 16:33:31 | 000,637,068 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006/11/02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006/11/02 16:33:31 | 000,129,652 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006/11/02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006/11/02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:47:37 | 000,246,488 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 11:33:01 | 000,604,322 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,107,462 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
< End of report >
|
|
29.01.2012, 20:09
| #67 |
| /// Selecta Jahrusso | Windows startet nicht! Noch Probleme ?
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
31.01.2012, 12:31
| #68 |
| | Windows startet nicht! nein keine probleme mehr!  |
|
31.01.2012, 16:04
| #69 |
| /// Selecta Jahrusso | Windows startet nicht! Dann sind wir hier fertig. Bitte folge den letzten paar Schritten Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
Bitte vor der folgenden Aktion wieder temporär Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren. Windows-Taste + R drücke. Kopiere nun folgende Zeile in die Kommandozeile und klicke OK. Code:
ATTFilter Combofix /Uninstall
 Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert, damit auch aus dieser die Schädlinge verschwinden. Nun die eben deaktivierten Programme wieder aktivieren. Starte bitte OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
03.02.2012, 18:01
| #70 |
| | Windows startet nicht! alles gut, tausend dank für die investierte zeit und die mühe! |
|
04.02.2012, 05:03
| #71 |
| /// Selecta Jahrusso | Windows startet nicht! Froh das wir helfen konnten  Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen
__________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie |
|
| Themen zu Windows startet nicht! |
| absolute, anderen, anleitung, aufrufe, bildschirm, bitte warten, computer, einfach, einzelne, entdeck, entdeckt, funktioniert, icon, interne, internetverbindung, local disk, meldung, neustarten, not, problem, programme, riesig, startet, startet nicht, verbindung, vista, weißer, windows, windows startet nicht |
Linear-Darstellung
