| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: alle 5 minuten erscheint der gleiche TrojanerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
02.09.2012, 13:47
| #3 |
| |  alle 5 minuten erscheint der gleiche Trojaner nachdem ich dem ersten mal Malwarebytes durchlaufen lassen haben, wurde 1 trojaner gefunden, der auch mit $Recycle.bin begonnen hat (so wie der trojaner der immer wieder gefunden wurde)
__________________OTL sagt folgendes:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 9/2/2012 2:33:13 PM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\David\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.97 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 38.59% Memory free
5.93 Gb Paging File | 3.87 Gb Available in Paging File | 65.25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 110.12 Gb Free Space | 77.82% Space Free | Partition Type: NTFS
Drive D: | 141.50 Gb Total Space | 16.22 Gb Free Space | 11.46% Space Free | Partition Type: NTFS
Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07970F3E-5840-4664-B831-F8432DEFF8B3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{07AD4859-DF40-4FA8-8B58-F299F672808C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0EEC0D59-EE68-490B-B5DE-2FBAA34F4329}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2A8D83B7-02E5-44BC-B9DD-74061BACF1E1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2FB7862C-6C98-4BBD-9AFF-C5C047FAA327}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{39836AE1-0A3F-4C34-9BCF-811ECC7A0549}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{42E9A58F-D747-4E91-A995-F094E436CFD8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{609B6FAB-8908-4E32-A36B-A3DC83FF685F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{73D49BD8-61B5-47A5-B53F-53F16E463663}" = lport=445 | protocol=6 | dir=in | app=system |
"{73DB40F1-BF3D-4AD7-84DE-75A9B2808600}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8F69250C-6C1E-4560-ABB0-68D7ACE6BB8C}" = rport=137 | protocol=17 | dir=out | app=system |
"{935FC0A6-CF65-4A25-A505-6BC6E9CA2F5C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{96CAB2A6-2172-4107-8890-79484DCB7E39}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9D8E3A18-BDB1-4118-934D-975CC2ED249C}" = rport=138 | protocol=17 | dir=out | app=system |
"{A0DBD4AE-B85D-49D6-89B7-52336BB36019}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD56E941-D9EB-4263-A82D-EA1E1C63F8D7}" = lport=138 | protocol=17 | dir=in | app=system |
"{AF140B47-72B9-4DC5-8798-C2CAA1886CD6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B3CEC21A-FDC3-49A4-AA15-8FC766E1409A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B924F32F-BF92-4E1E-A16E-7929B96F1AD1}" = rport=445 | protocol=6 | dir=out | app=system |
"{BD7B72FA-2C7A-446D-AD6F-CA5FC5BC778C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D9F5E18E-3A25-4FFB-97AC-0AC94BE2FE25}" = lport=137 | protocol=17 | dir=in | app=system |
"{DAA7E269-7266-49FE-9099-A3FC621C2E97}" = lport=139 | protocol=6 | dir=in | app=system |
"{DF752AAD-8E58-4CE6-9813-CD064429AD14}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{EEBD75F7-8819-42B0-9422-E8A355E39A14}" = rport=139 | protocol=6 | dir=out | app=system |
"{EED23EBD-7484-450A-A946-6F9248DAA86D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FF8EFB39-B312-4DEF-8948-4011353422EF}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{159BE87B-BC9F-40D6-A312-AF4EBDD12CB1}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{1C0E9985-6522-4CAC-A369-8077A6DF4BE1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1E71B238-C6A7-4F6F-9E59-539502EFCD43}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{233E1F2C-256F-44A8-B0A2-CF5DA0B98433}" = protocol=58 | dir=in | app=system |
"{28CF7431-403B-4865-938B-D1AE8553321D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3DF76BF0-153F-4205-8EDC-F49A6EC40EE4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{42D4C7F4-5914-4106-8284-4E70D05CEA98}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{54D3B8CE-D324-484C-B14F-812992802CF6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5B73AD3A-6DCA-40E6-9ACF-A5A535078651}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{63BF550D-54CB-49E1-9921-8EAF06AF7E4D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{779700F1-09AE-4255-81D0-743B3EFEB833}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{815F96DA-47E5-4EB0-8199-5232182B8F43}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8F0BD33A-8233-4548-AA32-6B3C9ABE1766}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AEC83F41-5AA8-4D6F-832A-96C2BF50E872}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{C7CEF5FD-6F9F-4585-9AB8-F751FAFF88C6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D5FF5902-4607-45D6-A00D-8CBD32B93E6A}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{D7B4A661-787C-4F0E-A129-98F20F0DC0ED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EA0DA69C-657C-45E8-B201-56E5134F8F08}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EFBFCB46-A621-487B-B8F1-011392882360}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{F63D8541-E611-4B2D-B82E-6908B879AC44}" = protocol=6 | dir=out | app=system |
"{FEAB1F18-D9A5-44FB-8DF4-575F2E0F5312}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{20A07ADD-89F5-4AC6-BCE3-D14E2E8BC233}C:\windows\system32\taskhost.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskhost.exe |
"TCP Query User{66741F1F-D25D-4A4A-BE2D-DBAE5251F399}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{036CFA66-6AE5-422C-8708-CC56F6643CAC}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{553CFD06-5920-492F-A1D6-DC21AE0DE25D}C:\windows\system32\taskhost.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskhost.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}" = AnyPC Client
"{1D1D8ADC-BF08-4E61-9393-5FA305B16864}" = Microsoft SQL Server Native Client
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP1
"{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}" = Samsung Support Center
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5C759B74-34F4-43C6-A5D9-039CB754C5E9}" = Microsoft SQL Server VSS Writer
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{63eafc52-b963-4297-a7eb-d412944e7065}_is1" = Game Pack
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115246907}" = Elf Bowling Hawaiian Vacation
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{A7581D39-EA20-4883-A480-80C21047052B}" = Easy Network Manager
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP1
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"PROHYBRIDR" = 2007 Microsoft Office system
"Summer Challenge_is1" = Summer Challenge
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Gnumeric" = Gnumeric Spreadsheet 1.10.16-20110616
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8/21/2012 3:44:35 PM | Computer Name = David-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16448,
Zeitstempel: 0x4fecf1b7 Name des fehlerhaften Moduls: Flash9f.ocx, Version: 9.0.124.0,
Zeitstempel: 0x47e8643e Ausnahmecode: 0xc0000005 Fehleroffset: 0x001c9938 ID des fehlerhaften
Prozesses: 0x28c Startzeit der fehlerhaften Anwendung: 0x01cd7fd2e4828300 Pfad der
fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des
fehlerhaften Moduls: C:\windows\system32\Macromed\Flash\Flash9f.ocx Berichtskennung:
a25fbb31-ebc8-11e1-8474-00245422abf3
Error - 8/22/2012 12:27:53 AM | Computer Name = David-PC | Source = System Restore | ID = 8193
Description =
Error - 8/25/2012 4:57:01 AM | Computer Name = David-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: gnumeric.exe, Version: 1.10.16.0,
Zeitstempel: 0x4dfa9942 Name des fehlerhaften Moduls: libspreadsheet-1-10-16.dll,
Version: 0.0.0.0, Zeitstempel: 0x4dfa9940 Ausnahmecode: 0xc0000005 Fehleroffset:
0x0002ceee ID des fehlerhaften Prozesses: 0x924 Startzeit der fehlerhaften Anwendung:
0x01cd820a53bbed75 Pfad der fehlerhaften Anwendung: C:\Program Files\Gnumeric\1.10.16\bin\gnumeric.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\Gnumeric\1.10.16\bin\libspreadsheet-1-10-16.dll
Berichtskennung:
d556daa2-ee92-11e1-bb04-00245422abf3
Error - 8/26/2012 2:36:21 PM | Computer Name = David-PC | Source = VSS | ID = 8194
Description =
[ System Events ]
Error - 8/22/2012 11:39:27 AM | Computer Name = David-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 8/23/2012 11:07:48 AM | Computer Name = David-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 8/24/2012 10:44:16 AM | Computer Name = David-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 8/25/2012 4:25:06 PM | Computer Name = David-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 8/26/2012 2:19:42 PM | Computer Name = David-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
Error - 8/27/2012 11:56:16 AM | Computer Name = David-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 8/27/2012 11:39:39 PM | Computer Name = David-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 8/28/2012 10:47:50 AM | Computer Name = David-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 8/29/2012 11:36:14 AM | Computer Name = David-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 8/30/2012 1:54:56 AM | Computer Name = David-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst AntiVirSchedulerService erreicht.
< End of report >
OTL Logfile: Code:
ATTFilter OTL logfile created on: 9/2/2012 2:33:13 PM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\David\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.97 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 38.59% Memory free
5.93 Gb Paging File | 3.87 Gb Available in Paging File | 65.25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 110.12 Gb Free Space | 77.82% Space Free | Partition Type: NTFS
Drive D: | 141.50 Gb Total Space | 16.22 Gb Free Space | 11.46% Space Free | Partition Type: NTFS
Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\David\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Java\jre7\bin\java.exe (Oracle Corporation)
PRC - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2launcher.exe (Oracle Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Gnumeric\1.10.16\bin\gnumeric.exe (The Gnumeric Team)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe ()
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\PROGRA~1\samsung\SAMSUN~2\SUPNOT~1.EXE ()
PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
MOD - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2native.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\lib\gnumeric\1.10.16\plugins\excelplugins\plugin.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\lib\gnumeric\1.10.16\plugins\excelplugins\xlcall32.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\lib\gnumeric\1.10.16\plugins\sc\sc.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libspreadsheet-1-10-16.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\lib\goffice\0.8.16\plugins\plot_surface\surface.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libgoffice-0.8-8.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\lib\goffice\0.8.16\plugins\plot_barcol\barcol.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\lib\goffice\0.8.16\plugins\plot_xy\xy.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libgsf-1-114.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libbz2.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\engines\libwimp.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libpangocairo-1.0-0.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libthai-0.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libdatrie-1.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libcairo-2.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libfontconfig-1.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libfreetype-6.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libpixman-1-0.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libpng12-0.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libxml2-2.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libz.dll ()
MOD - C:\Program Files\Gnumeric\1.10.16\bin\libintl-8.dll ()
MOD - C:\PROGRA~1\samsung\SAMSUN~2\SUPNOT~1.EXE ()
MOD - C:\PROGRA~1\samsung\SAMSUN~2\HMXML.dll ()
MOD - C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll ()
========== Services (SafeList) ==========
SRV - (McAfee SiteAdvisor Service) -- c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (OberonGameConsoleService) -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe ()
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (aswSnx) -- C:\windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-21-771618654-3341757510-301361698-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
IE - HKU\S-1-5-21-771618654-3341757510-301361698-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-771618654-3341757510-301361698-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-771618654-3341757510-301361698-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-771618654-3341757510-301361698-1000\..\SearchScopes\{800EECB5-A230-48B8-A73B-2F6C5D9505C7}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=5BB2D1C1-6380-447C-BCF6-0EE4F68588EA&apn_sauid=3BCA2737-B35E-4DC4-B54B-7A49284AAE96
IE - HKU\S-1-5-21-771618654-3341757510-301361698-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=5BB2D1C1-6380-447C-BCF6-0EE4F68588EA&apn_ptnrs=&apn_sauid=3BCA2737-B35E-4DC4-B54B-7A49284AAE96&apn_dtid=OSJ000&&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/09/02 08:24:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/29 17:37:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/29 17:37:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012/08/20 18:15:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\mozilla\Extensions
[2012/08/20 18:35:20 | 000,002,299 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\j18iqhkt.default\searchplugins\askcom.xml
[2012/08/20 18:14:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012/08/29 17:37:44 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/07/14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/08/29 17:37:44 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/07/14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/07/14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/07/14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://www.google.com/
CHR - homepage: hxxp://www.google.com/
CHR - Extension: YouTube = C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: Google Mail = C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-771618654-3341757510-301361698-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.185.225 83.169.185.161
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D24FC75C-5E3A-4CD8-BCAC-AF5D2F431E78}: DhcpNameServer = 83.169.185.225 83.169.185.161
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/09/02 11:17:05 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Malwarebytes
[2012/09/02 11:16:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/02 11:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/02 11:16:52 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2012/09/02 11:16:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/02 09:02:51 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MpSigStub.exe
[2012/09/02 08:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/09/02 08:25:09 | 000,355,632 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2012/09/02 08:25:09 | 000,021,256 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2012/09/02 08:25:08 | 000,054,232 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2012/09/02 08:25:08 | 000,044,784 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswRdr2.sys
[2012/09/02 08:25:06 | 000,729,752 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2012/09/02 08:25:06 | 000,058,680 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2012/09/02 08:24:25 | 000,227,648 | ---- | C] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2012/09/02 08:24:25 | 000,041,224 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2012/09/02 08:24:11 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/09/02 08:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/08/31 17:35:17 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Ozepok
[2012/08/31 17:35:17 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Imxiom
[2012/08/31 17:35:17 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Cise
[2012/08/31 17:34:14 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Baizup
[2012/08/31 17:34:13 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Evepuz
[2012/08/31 17:34:13 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Artes
[2012/08/26 20:38:53 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Summer Challenge
[2012/08/26 20:38:24 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_43.dll
[2012/08/26 20:38:24 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dcsx_43.dll
[2012/08/26 20:38:24 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_7.dll
[2012/08/26 20:38:24 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine3_7.dll
[2012/08/26 20:38:24 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_5.dll
[2012/08/26 20:38:23 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_43.dll
[2012/08/26 20:38:23 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_6.dll
[2012/08/26 20:38:23 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_43.dll
[2012/08/26 20:38:23 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx11_43.dll
[2012/08/26 20:38:23 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine3_6.dll
[2012/08/26 20:38:23 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_4.dll
[2012/08/26 20:38:23 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\X3DAudio1_7.dll
[2012/08/26 20:38:22 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dcsx_42.dll
[2012/08/26 20:38:22 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_42.dll
[2012/08/26 20:38:22 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_5.dll
[2012/08/26 20:38:22 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine3_5.dll
[2012/08/26 20:38:21 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_41.dll
[2012/08/26 20:38:21 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_42.dll
[2012/08/26 20:38:21 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_41.dll
[2012/08/26 20:38:21 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_42.dll
[2012/08/26 20:38:21 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_41.dll
[2012/08/26 20:38:21 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx11_42.dll
[2012/08/26 20:38:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_40.dll
[2012/08/26 20:38:20 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_40.dll
[2012/08/26 20:38:20 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_4.dll
[2012/08/26 20:38:20 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_40.dll
[2012/08/26 20:38:20 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine3_4.dll
[2012/08/26 20:38:20 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_3.dll
[2012/08/26 20:38:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\X3DAudio1_6.dll
[2012/08/26 20:38:19 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_3.dll
[2012/08/26 20:38:19 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine3_3.dll
[2012/08/26 20:38:19 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_2.dll
[2012/08/26 20:38:19 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\X3DAudio1_5.dll
[2012/08/26 20:38:18 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_39.dll
[2012/08/26 20:38:18 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_39.dll
[2012/08/26 20:38:18 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_2.dll
[2012/08/26 20:38:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_39.dll
[2012/08/26 20:38:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine3_2.dll
[2012/08/26 20:38:18 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_1.dll
[2012/08/26 20:38:17 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_1.dll
[2012/08/26 20:38:17 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAPOFX1_0.dll
[2012/08/26 20:38:16 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_38.dll
[2012/08/26 20:38:16 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_38.dll
[2012/08/26 20:38:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine3_1.dll
[2012/08/26 20:38:16 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\X3DAudio1_4.dll
[2012/08/26 20:38:15 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_38.dll
[2012/08/26 20:38:15 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_37.dll
[2012/08/26 20:38:15 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XAudio2_0.dll
[2012/08/26 20:38:15 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_37.dll
[2012/08/26 20:38:15 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine3_0.dll
[2012/08/26 20:38:15 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\X3DAudio1_3.dll
[2012/08/26 20:38:14 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DX9_37.dll
[2012/08/26 20:38:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_36.dll
[2012/08/26 20:38:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_36.dll
[2012/08/26 20:38:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_36.dll
[2012/08/26 20:38:14 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_10.dll
[2012/08/26 20:38:13 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_35.dll
[2012/08/26 20:38:13 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_35.dll
[2012/08/26 20:38:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_35.dll
[2012/08/26 20:38:13 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_9.dll
[2012/08/26 20:38:12 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_34.dll
[2012/08/26 20:38:12 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_34.dll
[2012/08/26 20:38:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_34.dll
[2012/08/26 20:38:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_8.dll
[2012/08/26 20:38:12 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_7.dll
[2012/08/26 20:38:12 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xinput1_3.dll
[2012/08/26 20:38:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\X3DAudio1_2.dll
[2012/08/26 20:38:11 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_33.dll
[2012/08/26 20:38:11 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\D3DCompiler_33.dll
[2012/08/26 20:38:11 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10_33.dll
[2012/08/26 20:38:10 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx10.dll
[2012/08/26 20:38:10 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_6.dll
[2012/08/26 20:38:10 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_5.dll
[2012/08/26 20:38:10 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_4.dll
[2012/08/26 20:38:10 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\x3daudio1_1.dll
[2012/08/26 20:38:09 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_31.dll
[2012/08/26 20:38:09 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_3.dll
[2012/08/26 20:38:09 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_2.dll
[2012/08/26 20:38:09 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xinput1_2.dll
[2012/08/26 20:38:09 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xinput1_1.dll
[2012/08/26 20:38:08 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_1.dll
[2012/08/26 20:38:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_30.dll
[2012/08/26 20:38:03 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_29.dll
[2012/08/26 20:38:03 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xactengine2_0.dll
[2012/08/26 20:38:03 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\x3daudio1_0.dll
[2012/08/26 20:38:02 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_28.dll
[2012/08/26 20:38:02 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_27.dll
[2012/08/26 20:38:02 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_26.dll
[2012/08/26 20:38:01 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_25.dll
[2012/08/26 20:38:01 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3dx9_24.dll
[2012/08/26 20:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Summer Challenge
[2012/08/26 20:08:50 | 000,000,000 | ---D | C] -- C:\Program Files\Summer Challenge
[2012/08/24 17:19:28 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Diagnostics
[2012/08/22 17:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/08/22 17:17:13 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/08/21 17:31:07 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbport.sys
[2012/08/21 17:31:07 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbd.sys
[2012/08/21 17:31:03 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\storport.sys
[2012/08/21 17:31:03 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fsutil.exe
[2012/08/21 06:55:42 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PresentationHost.exe
[2012/08/21 06:55:42 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PresentationHostProxy.dll
[2012/08/21 06:55:42 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netfxperf.dll
[2012/08/21 06:32:40 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2012/08/21 06:32:39 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dat
[2012/08/21 06:32:39 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2012/08/21 06:32:39 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2012/08/21 06:32:39 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2012/08/21 06:32:39 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2012/08/21 06:32:39 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2012/08/21 06:32:39 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2012/08/21 06:32:39 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll
[2012/08/21 06:32:39 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2012/08/21 06:32:39 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2012/08/21 06:32:39 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieaksie.dll
[2012/08/21 06:32:39 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll
[2012/08/21 06:32:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2012/08/21 06:32:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieakui.dll
[2012/08/21 06:32:39 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msrating.dll
[2012/08/21 06:32:39 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msls31.dll
[2012/08/21 06:32:39 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wextract.exe
[2012/08/21 06:32:39 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iexpress.exe
[2012/08/21 06:32:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2012/08/21 06:32:39 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieakeng.dll
[2012/08/21 06:32:39 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2012/08/21 06:32:39 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\IEAdvpack.dll
[2012/08/21 06:32:39 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\admparse.dll
[2012/08/21 06:32:39 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2012/08/21 06:32:39 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inseng.dll
[2012/08/21 06:32:39 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SetIEInstalledDate.exe
[2012/08/21 06:32:39 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2012/08/21 06:32:39 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2012/08/21 06:32:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2012/08/21 06:32:39 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pngfilt.dll
[2012/08/21 06:32:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtmler.dll
[2012/08/21 06:32:39 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2012/08/21 06:32:39 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\imgutil.dll
[2012/08/21 06:32:39 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2012/08/21 06:32:39 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2012/08/21 06:32:39 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2012/08/21 06:31:17 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\browserchoice.exe
[2012/08/21 06:28:09 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\ks.sys
[2012/08/20 18:46:12 | 000,000,000 | R--D | C] -- C:\Users\David\Desktop\Neuer Ordner
[2012/08/20 18:45:12 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gnumeric
[2012/08/20 18:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gnumeric
[2012/08/20 18:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Gnumeric
[2012/08/20 18:39:22 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\Neuer Ordner (3)
[2012/08/20 18:35:16 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012/08/20 18:31:29 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\prevhost.exe
[2012/08/20 18:31:18 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srcore.dll
[2012/08/20 18:31:16 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dnscacheugc.exe
[2012/08/20 18:31:14 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll
[2012/08/20 18:31:14 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll
[2012/08/20 18:31:07 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\windows\System32\ir32_32.dll
[2012/08/20 18:31:07 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\windows\System32\iccvid.dll
[2012/08/20 18:31:03 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\t2embed.dll
[2012/08/20 18:30:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/08/20 18:30:46 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdri.dll
[2012/08/20 18:30:42 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\psisdecd.dll
[2012/08/20 18:30:42 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSNP.ax
[2012/08/20 18:30:42 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\psisrndr.ax
[2012/08/20 18:30:42 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Mpeg2Data.ax
[2012/08/20 18:30:42 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSDvbNP.ax
[2012/08/20 18:30:41 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2012/08/20 18:30:38 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\timedate.cpl
[2012/08/20 18:30:32 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2012/08/20 18:30:32 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\windows\System32\java.exe
[2012/08/20 18:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/08/20 18:30:10 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2012/08/20 18:30:01 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskschd.dll
[2012/08/20 18:30:01 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmicmiplugin.dll
[2012/08/20 18:30:01 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskcomp.dll
[2012/08/20 18:30:01 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\schtasks.exe
[2012/08/20 18:29:54 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll
[2012/08/20 18:29:27 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CertEnroll.dll
[2012/08/20 18:29:08 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\asycfilt.dll
[2012/08/20 18:29:03 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc40.dll
[2012/08/20 18:29:02 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc40u.dll
[2012/08/20 18:28:59 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2012/08/20 18:28:46 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmploc.DLL
[2012/08/20 18:28:44 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\packager.dll
[2012/08/20 18:28:41 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tquery.dll
[2012/08/20 18:28:41 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssrch.dll
[2012/08/20 18:28:40 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssvp.dll
[2012/08/20 18:28:39 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssph.dll
[2012/08/20 18:28:39 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssphtb.dll
[2012/08/20 18:28:38 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msscntrs.dll
[2012/08/20 18:28:22 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2012/08/20 18:28:22 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2012/08/20 18:28:19 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FXSCOVER.exe
[2012/08/20 18:28:17 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fontsub.dll
[2012/08/20 18:27:50 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EncDec.dll
[2012/08/20 18:27:48 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll
[2012/08/20 18:27:37 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll
[2012/08/20 18:27:36 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\csrsrv.dll
[2012/08/20 18:27:35 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mciavi32.dll
[2012/08/20 18:27:34 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sbe.dll
[2012/08/20 18:27:34 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CPFilters.dll
[2012/08/20 18:27:34 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mpg2splt.ax
[2012/08/20 18:27:30 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\quartz.dll
[2012/08/20 18:27:30 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qdvd.dll
[2012/08/20 18:27:28 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2012/08/20 18:27:23 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
[2012/08/20 18:27:23 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2012/08/20 18:27:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012/08/20 18:27:23 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012/08/20 18:27:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012/08/20 18:27:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012/08/20 18:27:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/08/20 18:27:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012/08/20 18:27:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012/08/20 18:27:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012/08/20 18:27:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012/08/20 18:27:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012/08/20 18:27:20 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\browcli.dll
[2012/08/20 18:27:19 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webio.dll
[2012/08/20 18:27:18 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sspisrv.dll
[2012/08/20 18:27:17 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbcjt32.dll
[2012/08/20 18:27:17 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbctrac.dll
[2012/08/20 18:27:17 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccp32.dll
[2012/08/20 18:27:17 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccu32.dll
[2012/08/20 18:27:17 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccr32.dll
[2012/08/20 18:27:15 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll
[2012/08/20 18:27:15 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll
[2012/08/20 18:27:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe
[2012/08/20 18:27:05 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mf.dll
[2012/08/20 18:27:04 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVDECOD.DLL
[2012/08/20 18:27:03 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ExplorerFrame.dll
[2012/08/20 18:27:03 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfreadwrite.dll
[2012/08/20 18:27:03 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsRasterService.dll
[2012/08/20 18:26:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wscapi.dll
[2012/08/20 18:26:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\slwga.dll
[2012/08/20 18:26:51 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmpmde.dll
[2012/08/20 18:26:51 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\consent.exe
[2012/08/20 18:26:46 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc.dll
[2012/08/20 18:26:46 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_isv.dll
[2012/08/20 18:26:46 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_isv.exe
[2012/08/20 18:26:46 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate.exe
[2012/08/20 18:26:46 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_ssp.exe
[2012/08/20 18:26:46 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_ssp_isv.exe
[2012/08/20 18:26:46 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_ssp_isv.dll
[2012/08/20 18:26:46 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_ssp.dll
[2012/08/20 18:26:45 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll
[2012/08/20 18:26:45 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2012/08/20 18:26:45 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll
[2012/08/20 18:26:45 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll
[2012/08/20 18:26:45 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll
[2012/08/20 18:26:43 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42.dll
[2012/08/20 18:26:42 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42u.dll
[2012/08/20 18:26:34 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\poqexec.exe
[2012/08/20 18:26:33 | 000,026,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\Diskdump.sys
[2012/08/20 18:24:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012/08/20 18:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/08/20 18:24:38 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/08/20 18:23:38 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\windows\System32\npDeployJava1.dll
[2012/08/20 18:23:38 | 000,687,544 | ---- | C] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll
[2012/08/20 18:18:21 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Macromedia
[2012/08/20 18:18:00 | 000,696,520 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2012/08/20 18:18:00 | 000,073,416 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2012/08/20 18:15:28 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Mozilla
[2012/08/20 18:15:28 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Mozilla
[2012/08/20 18:14:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/08/20 18:14:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/08/20 18:14:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/08/20 18:14:02 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys
[2012/08/20 18:14:02 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdd.dll
[2012/08/20 18:11:43 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcore.dll
[2012/08/20 18:07:22 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Macromedia
[2012/08/20 18:06:32 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2012/08/20 18:06:32 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2012/08/20 18:06:23 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2012/08/20 18:06:23 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2012/08/20 18:06:23 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2012/08/20 18:06:16 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2012/08/20 18:06:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
[2012/08/20 18:04:30 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Adobe
[2012/08/20 18:04:06 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Google
[2012/08/20 18:04:06 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Google
========== Files - Modified Within 30 Days ==========
[2012/09/02 14:27:05 | 000,001,096 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/02 14:20:09 | 000,014,427 | ---- | M] () -- C:\Users\David\Desktop\HZ.gnumeric
[2012/09/02 14:20:09 | 000,001,923 | ---- | M] () -- C:\Users\David\.recently-used.xbel
[2012/09/02 14:05:01 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/09/02 12:38:41 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/02 12:38:41 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/02 12:31:47 | 000,001,092 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/02 12:31:26 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/09/02 12:30:41 | 2388,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/02 11:16:56 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/09/02 10:36:29 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2012/09/02 08:25:10 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/08/28 05:41:47 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2012/08/28 05:41:47 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2012/08/22 17:45:45 | 000,741,138 | ---- | M] () -- C:\windows\System32\perfh00C.dat
[2012/08/22 17:45:45 | 000,735,816 | ---- | M] () -- C:\windows\System32\perfh010.dat
[2012/08/22 17:45:45 | 000,711,136 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012/08/22 17:45:45 | 000,662,716 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/08/22 17:45:45 | 000,153,532 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012/08/22 17:45:45 | 000,147,662 | ---- | M] () -- C:\windows\System32\perfc00C.dat
[2012/08/22 17:45:45 | 000,144,666 | ---- | M] () -- C:\windows\System32\perfc010.dat
[2012/08/22 17:45:45 | 000,123,910 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/08/22 17:30:06 | 000,002,286 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/21 18:42:12 | 000,056,909 | R--- | M] () -- C:\Users\David\Desktop\121569261495352022411331345567332.jpg
[2012/08/21 17:22:46 | 000,412,776 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/08/21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2012/08/21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2012/08/21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2012/08/21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2012/08/21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswRdr2.sys
[2012/08/21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2012/08/21 11:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2012/08/21 11:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2012/08/21 06:32:40 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2012/08/21 06:32:39 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dat
[2012/08/21 06:32:39 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2012/08/21 06:32:39 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2012/08/21 06:32:39 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2012/08/21 06:32:39 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2012/08/21 06:32:39 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2012/08/21 06:32:39 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2012/08/21 06:32:39 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll
[2012/08/21 06:32:39 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2012/08/21 06:32:39 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2012/08/21 06:32:39 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieaksie.dll
[2012/08/21 06:32:39 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll
[2012/08/21 06:32:39 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2012/08/21 06:32:39 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieakui.dll
[2012/08/21 06:32:39 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msrating.dll
[2012/08/21 06:32:39 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msls31.dll
[2012/08/21 06:32:39 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wextract.exe
[2012/08/21 06:32:39 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iexpress.exe
[2012/08/21 06:32:39 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2012/08/21 06:32:39 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieakeng.dll
[2012/08/21 06:32:39 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2012/08/21 06:32:39 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\IEAdvpack.dll
[2012/08/21 06:32:39 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\admparse.dll
[2012/08/21 06:32:39 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2012/08/21 06:32:39 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inseng.dll
[2012/08/21 06:32:39 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\SetIEInstalledDate.exe
[2012/08/21 06:32:39 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2012/08/21 06:32:39 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2012/08/21 06:32:39 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2012/08/21 06:32:39 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2012/08/21 06:32:39 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\pngfilt.dll
[2012/08/21 06:32:39 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtmler.dll
[2012/08/21 06:32:39 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2012/08/21 06:32:39 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\imgutil.dll
[2012/08/21 06:32:39 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2012/08/21 06:32:39 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2012/08/21 06:32:39 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2012/08/20 18:30:24 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2012/08/20 18:30:24 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe
========== Files Created - No Company Name ==========
[2012/09/02 14:20:09 | 000,001,923 | ---- | C] () -- C:\Users\David\.recently-used.xbel
[2012/09/02 14:20:08 | 000,014,427 | ---- | C] () -- C:\Users\David\Desktop\HZ.gnumeric
[2012/09/02 11:16:56 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/09/02 08:25:10 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/08/22 17:17:38 | 000,002,286 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/08/22 17:17:24 | 000,001,096 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/22 17:17:24 | 000,001,092 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/21 18:42:16 | 000,056,909 | R--- | C] () -- C:\Users\David\Desktop\121569261495352022411331345567332.jpg
[2012/08/21 06:32:39 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2012/08/20 18:18:01 | 000,000,884 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/08/20 18:14:50 | 000,001,100 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2010/07/05 17:06:33 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
========== LOP Check ==========
[2012/08/31 18:54:57 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Artes
[2012/08/31 17:34:14 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Baizup
[2012/08/31 19:26:35 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Cise
[2012/08/31 18:14:17 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Evepuz
[2012/08/31 17:35:17 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Imxiom
[2012/08/31 17:35:17 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Ozepok
[2012/08/26 20:59:07 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Summer Challenge
[2009/07/14 06:53:46 | 000,010,430 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
|
| Themen zu alle 5 minuten erscheint der gleiche Trojaner |
| 5 minuten, adobe, adobe flash player, antivirus, avast, bho, bootkit, dll, explorer, firefox, flash player, google, ics, internet, internet explorer, malware, micro, microsoft, mozilla, nvidia, plug-in, realtek, rundll, siteadvisor, software, system, trojaner, windows |
Baum-Darstellung