|
Plagegeister aller Art und deren Bekämpfung: Startfester.com nach Installieren von Vlc.media player?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
10.01.2013, 21:40 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Startfester.com nach Installieren von Vlc.media player? Eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
11.01.2013, 16:37 | #17 |
| Startfester.com nach Installieren von Vlc.media player?Code:
ATTFilter OTL logfile created on: 11.01.2013 16:08:48 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anne\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,49 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 52,30% Memory free 5,20 Gb Paging File | 3,89 Gb Available in Paging File | 74,78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 298,09 Gb Total Space | 140,99 Gb Free Space | 47,30% Space Free | Partition Type: NTFS Computer Name: ANNE-PC | User Name: Anne | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Anne\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Programme\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG) PRC - C:\Programme\G Data\TotalProtection\AVKBackup\AVKBackupService.exe (G Data Software AG) PRC - C:\Programme\G Data\TotalProtection\AVK\AVKWCtl.exe (G Data Software AG) PRC - C:\Programme\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) PRC - C:\Programme\G Data\TotalProtection\Firewall\GDFwSvc.exe (G Data Software AG) PRC - C:\Programme\G Data\TotalProtection\TSNxG\TSNxGService.exe (G Data Software) PRC - C:\Programme\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) PRC - C:\Programme\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG) PRC - C:\Programme\G Data\TotalProtection\AVK\AVKService.exe (G Data Software AG) PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Hotkey\PowerBiosServer.exe () PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (GDBackupSvc) -- C:\Programme\G Data\TotalProtection\AVKBackup\AVKBackupService.exe (G Data Software AG) SRV - (AVKWCtl) -- C:\Programme\G Data\TotalProtection\AVK\AVKWCtl.exe (G Data Software AG) SRV - (AVKProxy) -- C:\Programme\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) SRV - (GDFwSvc) -- C:\Programme\G Data\TotalProtection\Firewall\GDFwSvc.exe (G Data Software AG) SRV - (TSNxGService) -- C:\Programme\G Data\TotalProtection\TSNxG\TSNxGService.exe (G Data Software) SRV - (GDTunerSvc) -- C:\Programme\G Data\TotalProtection\AVKTuner\AVKTunerService.exe (G Data Software AG) SRV - (GDScan) -- C:\Programme\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) SRV - (AVKService) -- C:\Programme\G Data\TotalProtection\AVK\AVKService.exe (G Data Software AG) SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (PowerBiosServer) -- C:\Programme\Hotkey\PowerBiosServer.exe () SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (GLogin) -- File not found DRV - (catchme) -- C:\Users\Anne\AppData\Local\Temp\catchme.sys File not found DRV - (GRD) -- C:\Windows\System32\drivers\GRD.sys (G Data Software) DRV - (GDPkIcpt) -- C:\Windows\System32\drivers\PktIcpt.sys (G Data Software AG) DRV - (GDMnIcpt) -- C:\Windows\System32\drivers\MiniIcpt.sys (G Data Software AG) DRV - (GDBehave) -- C:\Windows\System32\drivers\GDBehave.sys (G Data Software AG) DRV - (gdwfpcd) -- C:\Windows\System32\drivers\gdwfpcd32.sys (G Data Software AG) DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (TS4NT) -- C:\Windows\System32\drivers\TS4nt.sys (G Data Software) DRV - (HookCentre) -- C:\Windows\System32\drivers\HookCentre.sys (G Data Software AG) DRV - (NETwNv32) -- C:\Windows\System32\drivers\NETwNv32.sys (Intel Corporation) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (NETw5v32) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-6757586-1979965592-498421705-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-6757586-1979965592-498421705-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-6757586-1979965592-498421705-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-6757586-1979965592-498421705-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-6757586-1979965592-498421705-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) ========== Chrome ========== CHR - homepage: hxxp://google.de/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://google.de/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Programme\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG) O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Programme\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] C:\Programme\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-6757586-1979965592-498421705-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-6757586-1979965592-498421705-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A47EC58-DBD9-451B-BC97-037C6764AA50}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{20ECE4C8-9665-45EC-9ADE-15C484F9EFBE}: DhcpNameServer = 192.168.0.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.01.10 15:28:26 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Local\temp [2013.01.10 15:28:04 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.01.10 15:13:39 | 000,000,000 | ---D | C] -- C:\ComboFix [2013.01.09 17:41:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.01.09 17:41:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.01.09 17:41:14 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.01.09 17:41:03 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.01.09 17:40:10 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.01.09 15:15:45 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Anne\Desktop\aswMBR.exe [2013.01.09 13:54:48 | 000,000,000 | ---D | C] -- C:\Users\Anne\Desktop\mbar-1.01.0.1011 [2013.01.09 11:07:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Anne\Desktop\OTL.exe [2013.01.09 00:23:41 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Roaming\Malwarebytes [2013.01.09 00:23:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.01.09 00:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.01.09 00:22:55 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.01.09 00:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013.01.08 19:01:39 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2013.01.08 16:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices [2013.01.08 12:48:43 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll [2013.01.08 12:48:43 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll [2013.01.08 12:48:43 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll [2013.01.08 12:47:19 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll [2013.01.08 12:47:19 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe [2013.01.08 12:47:18 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll [2013.01.08 12:47:17 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll [2013.01.08 12:47:17 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll [2013.01.08 12:47:17 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll [2013.01.08 12:47:17 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll [2013.01.08 12:47:17 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll [2013.01.08 12:47:17 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll [2013.01.08 12:33:21 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2013.01.08 12:33:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2013.01.08 12:33:21 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.01.08 12:33:20 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2013.01.08 12:33:20 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2013.01.08 12:33:20 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2013.01.08 12:33:20 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2013.01.08 12:33:20 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2013.01.08 12:33:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.01.08 12:33:20 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.01.08 12:33:20 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2013.01.08 12:33:20 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.01.08 12:33:20 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.01.08 12:33:20 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2013.01.08 12:33:20 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.01.08 12:33:19 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.01.08 12:33:19 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013.01.08 12:33:19 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.01.08 12:33:19 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2013.01.08 12:33:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013.01.08 12:33:19 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2013.01.08 12:33:19 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2013.01.08 12:33:19 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013.01.08 12:33:19 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2013.01.08 12:33:19 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.01.08 12:33:19 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2013.01.08 12:33:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2013.01.08 12:33:18 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.01.08 12:33:18 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2013.01.08 12:33:18 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2013.01.08 12:33:18 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2013.01.08 12:33:18 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2013.01.08 12:33:18 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2013.01.08 12:33:18 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2013.01.08 12:33:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2013.01.08 12:33:18 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2013.01.08 12:33:18 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2013.01.08 12:32:27 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2013.01.08 12:32:27 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll [2013.01.08 12:32:27 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll [2013.01.08 12:32:27 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll [2013.01.08 12:32:27 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2013.01.08 12:32:27 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll [2013.01.08 12:32:26 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll [2013.01.08 12:32:25 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2013.01.08 12:32:25 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2013.01.08 12:32:25 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll [2013.01.08 12:32:25 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2013.01.08 12:32:25 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe [2013.01.08 12:32:25 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2013.01.08 12:32:25 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2013.01.08 12:32:25 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2013.01.08 12:32:25 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2013.01.08 12:32:25 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2013.01.08 12:32:25 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2013.01.08 12:32:25 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2013.01.08 12:32:25 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll [2013.01.08 12:32:24 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll [2013.01.08 12:32:24 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2013.01.08 12:31:57 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2013.01.08 12:31:57 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2013.01.08 12:31:57 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll [2013.01.08 12:31:57 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe [2013.01.08 12:31:57 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll [2013.01.08 12:31:57 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2013.01.08 12:21:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll [2013.01.08 12:21:08 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll [2013.01.08 12:21:08 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys [2013.01.08 12:21:08 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll [2013.01.08 12:21:07 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll [2013.01.08 12:21:07 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll [2013.01.08 12:14:57 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2013.01.08 12:14:57 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2013.01.08 10:48:17 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2013.01.08 10:48:17 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax [2013.01.08 10:48:17 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax [2013.01.08 10:48:17 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax [2013.01.08 10:48:15 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013.01.08 10:48:15 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013.01.08 10:47:58 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll [2013.01.08 10:47:56 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.01.08 10:47:41 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll [2013.01.08 10:47:17 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2013.01.08 10:46:52 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2013.01.08 10:46:52 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll [2013.01.08 10:46:52 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe [2013.01.08 10:46:51 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll [2013.01.08 10:46:43 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll [2013.01.08 10:46:25 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2013.01.08 10:46:24 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2013.01.08 10:46:19 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013.01.08 10:45:35 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2013.01.08 10:45:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2013.01.08 10:45:07 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll [2013.01.08 10:45:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll [2013.01.08 10:43:55 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2013.01.08 10:43:53 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll [2013.01.08 09:39:43 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll [2013.01.08 09:28:14 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2013.01.08 09:28:14 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2013.01.08 09:27:46 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2013.01.08 09:27:46 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2013.01.08 09:27:46 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2013.01.08 09:27:35 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2013.01.08 09:27:35 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2013.01.07 18:39:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES [2013.01.07 18:39:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES [2013.01.07 18:39:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN [2013.01.07 18:23:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders [2013.01.07 18:08:42 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.01.07 12:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts [2013.01.07 12:29:23 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2013.01.07 12:29:23 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2013.01.07 12:29:22 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2013.01.07 12:29:16 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2013.01.07 12:29:15 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2013.01.07 12:29:15 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2013.01.07 12:29:15 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2013.01.07 12:29:15 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2013.01.07 12:29:14 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2013.01.07 12:29:13 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2013.01.07 12:29:13 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2013.01.02 13:36:13 | 000,000,000 | ---D | C] -- C:\Windows\Cache [2012.12.30 17:10:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2012.12.30 17:10:44 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2012.12.17 19:00:06 | 000,015,600 | ---- | C] (G Data Software) -- C:\Windows\System32\drivers\GdPhyMem.sys [2012.12.17 19:00:04 | 000,030,416 | ---- | C] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys [2012.12.17 18:31:29 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll [2012.12.17 18:24:25 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Local\Microsoft Games [2012.12.15 11:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012.12.15 11:04:16 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2012.12.15 11:04:16 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2012.12.15 11:04:16 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2012.12.15 08:55:56 | 000,000,000 | ---D | C] -- C:\Users\Anne\Documents\Gedichte [2012.12.15 08:54:41 | 000,000,000 | ---D | C] -- C:\Users\Anne\Documents\Anne [2012.12.15 08:53:13 | 000,000,000 | ---D | C] -- C:\Users\Anne\Documents\Beratung [2012.12.15 08:44:18 | 000,010,792 | ---- | C] (G Data Software AG) -- C:\Windows\System32\GdScrSv.de.dll [2012.12.14 20:46:08 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Local\ashampoo [2012.12.14 20:46:08 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo [2012.12.14 20:46:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo [2012.12.14 20:45:38 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo [2012.12.14 20:14:34 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2012.12.14 20:14:29 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [2012.12.14 20:14:29 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2012.12.14 20:14:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011 [2012.12.14 20:13:58 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Roaming\TuneUp Software [2012.12.14 20:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2011 [2012.12.14 20:12:22 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012.12.14 20:12:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} [2012.12.14 17:51:35 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Roaming\Intel [2012.12.14 17:49:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless [2012.12.14 17:49:28 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco [2012.12.14 17:49:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2012.12.14 17:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2012.12.14 16:43:03 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll [2012.12.14 16:43:01 | 001,081,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCExt.dll [2012.12.14 16:43:00 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FunctionDiscoveryFolder.dll [2012.12.14 16:43:00 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingWizard.exe [2012.12.14 16:42:59 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll [2012.12.14 16:42:57 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll [2012.12.14 16:42:56 | 001,576,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll [2012.12.14 16:42:56 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys [2012.12.14 16:42:55 | 000,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll [2012.12.14 16:42:54 | 000,928,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavenge.dll [2012.12.14 16:42:53 | 000,968,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz2.dll [2012.12.14 16:42:53 | 000,677,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll [2012.12.14 16:42:53 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WscEapPr.dll [2012.12.14 16:42:52 | 000,619,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe [2012.12.14 16:42:51 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll [2012.12.14 16:42:51 | 000,978,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmv2clt.dll [2012.12.14 16:42:51 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe [2012.12.14 16:42:51 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe [2012.12.14 16:42:50 | 000,438,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll [2012.12.14 16:42:50 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll [2012.12.14 16:42:49 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll [2012.12.14 16:42:48 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2VDEC.DLL [2012.12.14 16:42:48 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll [2012.12.14 16:42:48 | 000,351,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll [2012.12.14 16:42:48 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll [2012.12.14 16:42:47 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10K.DLL [2012.12.14 16:42:47 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairing.dll [2012.12.14 16:42:47 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll [2012.12.14 16:42:46 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sperror.dll [2012.12.14 16:42:46 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll [2012.12.14 16:42:45 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IasMigReader.exe [2012.12.14 16:42:44 | 001,589,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjet40.dll [2012.12.14 16:42:43 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME [2012.12.14 16:42:43 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexch40.dll [2012.12.14 16:42:42 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll [2012.12.14 16:42:42 | 000,986,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe [2012.12.14 16:42:42 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\P2PGraph.dll [2012.12.14 16:42:42 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll [2012.12.14 16:42:41 | 001,792,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe [2012.12.14 16:42:41 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe [2012.12.14 16:42:41 | 000,454,144 | ---- | C] (Microsoft) -- C:\Windows\System32\IasMigPlugin.dll [2012.12.14 16:42:41 | 000,203,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll [2012.12.14 16:42:40 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll [2012.12.14 16:42:40 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBth.dll [2012.12.14 16:42:39 | 002,012,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\milcore.dll [2012.12.14 16:42:39 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll [2012.12.14 16:42:39 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll [2012.12.14 16:42:39 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll [2012.12.14 16:42:38 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpedit.dll [2012.12.14 16:42:38 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjtes40.dll [2012.12.14 16:42:38 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayDriverLib.dll [2012.12.14 16:42:38 | 000,099,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll [2012.12.14 16:42:37 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe [2012.12.14 16:42:37 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Magnify.exe [2012.12.14 16:42:37 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstext40.dll [2012.12.14 16:42:37 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe [2012.12.14 16:42:37 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll [2012.12.14 16:42:36 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msexcl40.dll [2012.12.14 16:42:36 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwmi.dll [2012.12.14 16:42:35 | 001,985,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll [2012.12.14 16:42:35 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll [2012.12.14 16:42:35 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxbde40.dll [2012.12.14 16:42:34 | 001,086,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NetProjW.dll [2012.12.14 16:42:34 | 000,643,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrepl40.dll [2012.12.14 16:42:34 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl [2012.12.14 16:42:34 | 000,469,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.dll [2012.12.14 16:42:34 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll [2012.12.14 16:42:34 | 000,102,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll [2012.12.14 16:42:33 | 002,926,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012.12.14 16:42:33 | 001,788,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll [2012.12.14 16:42:33 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbde40.dll [2012.12.14 16:42:33 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe [2012.12.14 16:42:32 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll [2012.12.14 16:42:32 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd3x40.dll [2012.12.14 16:42:32 | 000,250,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll [2012.12.14 16:42:32 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msltus40.dll [2012.12.14 16:42:32 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorPwdMgr.dll [2012.12.14 16:42:31 | 000,614,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll [2012.12.14 16:42:31 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll [2012.12.14 16:42:30 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLCommDlg.dll [2012.12.14 16:42:30 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WcnNetsh.dll [2012.12.14 16:42:30 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\compcln.exe [2012.12.14 16:42:29 | 001,730,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apds.dll [2012.12.14 16:42:29 | 000,618,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswstr10.dll [2012.12.14 16:42:29 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll [2012.12.14 16:42:28 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLUI.exe [2012.12.14 16:42:28 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrd2x40.dll [2012.12.14 16:42:28 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys [2012.12.14 16:42:28 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll [2012.12.14 16:42:27 | 000,926,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe [2012.12.14 16:42:27 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll [2012.12.14 16:42:27 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll [2012.12.14 16:42:26 | 001,856,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll [2012.12.14 16:42:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtutil.exe [2012.12.14 16:42:26 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll [2012.12.14 16:42:25 | 002,167,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll [2012.12.14 16:42:24 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wcnwiz.dll [2012.12.14 16:42:24 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll [2012.12.14 16:42:24 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devmgr.dll [2012.12.14 16:42:24 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvinst.exe [2012.12.14 16:42:24 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingProxy.dll [2012.12.14 16:42:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll [2012.12.14 16:42:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdBthProxy.dll [2012.12.14 16:42:23 | 001,382,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL [2012.12.14 16:42:23 | 001,143,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wercon.exe [2012.12.14 16:42:23 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll [2012.12.14 16:42:23 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quick.ime [2012.12.14 16:42:23 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qintlgnt.ime [2012.12.14 16:42:23 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\phon.ime [2012.12.14 16:42:23 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cintlgnt.ime [2012.12.14 16:42:23 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chajei.ime [2012.12.14 16:42:22 | 000,856,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mswdat10.dll [2012.12.14 16:42:22 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll [2012.12.14 16:42:22 | 000,396,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll [2012.12.14 16:42:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reg.exe [2012.12.14 16:42:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjter40.dll [2012.12.14 16:42:22 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll [2012.12.14 16:42:22 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll [2012.12.14 16:42:22 | 000,035,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl [2012.12.14 16:42:21 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll [2012.12.14 16:42:21 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe [2012.12.14 16:42:21 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr [2012.12.14 16:42:21 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll [2012.12.14 16:42:21 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys [2012.12.14 16:42:21 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll [2012.12.14 16:42:21 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll [2012.12.14 16:42:20 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll [2012.12.14 16:42:20 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll [2012.12.14 16:42:20 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll [2012.12.14 16:42:20 | 000,035,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsWpfWrp.exe [2012.12.14 16:42:19 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fundisc.dll [2012.12.14 16:42:19 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll [2012.12.14 16:42:19 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi.dll [2012.12.14 16:42:19 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll [2012.12.14 16:42:18 | 001,823,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll [2012.12.14 16:42:18 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll [2012.12.14 16:42:18 | 001,020,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll [2012.12.14 16:42:18 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe [2012.12.14 16:42:18 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassdo.dll [2012.12.14 16:42:18 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys [2012.12.14 16:42:18 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax [2012.12.14 16:42:18 | 000,009,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll [2012.12.14 16:42:17 | 001,107,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pidgenx.dll [2012.12.14 16:42:17 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll [2012.12.14 16:42:17 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnrollUI.dll [2012.12.14 16:42:17 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys [2012.12.14 16:42:17 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys [2012.12.14 16:42:17 | 000,050,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PSHED.DLL [2012.12.14 16:42:17 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys [2012.12.14 16:42:16 | 002,205,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll [2012.12.14 16:42:16 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx [2012.12.14 16:42:15 | 001,502,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll [2012.12.14 16:42:15 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe [2012.12.14 16:42:15 | 000,593,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comuid.dll [2012.12.14 16:42:15 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll [2012.12.14 16:42:15 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassam.dll [2012.12.14 16:42:15 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll [2012.12.14 16:42:15 | 000,017,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll [2012.12.14 16:42:14 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime [2012.12.14 16:42:14 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [2012.12.14 16:42:14 | 000,043,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys [2012.12.14 16:42:13 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe [2012.12.14 16:42:13 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasnap.dll [2012.12.14 16:42:13 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe [2012.12.14 16:42:13 | 000,130,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll [2012.12.14 16:42:13 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe [2012.12.14 16:42:13 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys [2012.12.14 16:42:13 | 000,017,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdcom.dll [2012.12.14 16:42:12 | 000,564,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll [2012.12.14 16:42:12 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelMon.dll [2012.12.14 16:42:12 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wow32.dll [2012.12.14 16:42:12 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\osk.exe [2012.12.14 16:42:12 | 000,019,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kdusb.dll [2012.12.14 16:42:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spcmsg.dll [2012.12.14 16:42:11 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe [2012.12.14 16:42:11 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Utilman.exe [2012.12.14 16:42:11 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe [2012.12.14 16:42:11 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll [2012.12.14 16:42:11 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll [2012.12.14 16:42:10 | 000,852,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll [2012.12.14 16:42:10 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnntfy.dll [2012.12.14 16:42:10 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll [2012.12.14 16:42:10 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe [2012.12.14 16:42:10 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe [2012.12.14 16:42:10 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll [2012.12.14 16:42:10 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll [2012.12.14 16:42:10 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll [2012.12.14 16:42:10 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsmsext.dll [2012.12.14 16:42:10 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll [2012.12.14 16:42:09 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll [2012.12.14 16:42:09 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscntfy.dll [2012.12.14 16:42:09 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ulib.dll [2012.12.14 16:42:08 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\brcpl.dll [2012.12.14 16:42:08 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsecsnp.dll [2012.12.14 16:42:08 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsdyn.dll [2012.12.14 16:42:08 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll [2012.12.14 16:42:08 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpsetup.dll [2012.12.14 16:42:08 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe [2012.12.14 16:42:08 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll [2012.12.14 16:42:08 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashlpr.dll [2012.12.14 16:42:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdProxy.dll [2012.12.14 16:42:07 | 001,575,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL [2012.12.14 16:42:07 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll [2012.12.14 16:42:07 | 000,155,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll [2012.12.14 16:42:07 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe [2012.12.14 16:42:07 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe [2012.12.14 16:42:06 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll [2012.12.14 16:42:06 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe [2012.12.14 16:42:05 | 002,225,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll [2012.12.14 16:42:05 | 001,580,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll [2012.12.14 16:42:04 | 001,152,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll [2012.12.14 16:42:04 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll [2012.12.14 16:42:04 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iassvcs.dll [2012.12.14 16:42:04 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll [2012.12.14 16:42:03 | 000,777,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcc.dll [2012.12.14 16:42:03 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll [2012.12.14 16:42:03 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll [2012.12.14 16:42:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll [2012.12.14 16:42:02 | 003,072,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll [2012.12.14 16:42:02 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll [2012.12.14 16:42:02 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll [2012.12.14 16:42:02 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll [2012.12.14 16:42:02 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys [2012.12.14 16:42:02 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\newdev.exe [2012.12.14 16:42:02 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll [2012.12.14 16:42:01 | 002,515,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll [2012.12.14 16:42:01 | 001,224,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll [2012.12.14 16:42:01 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll [2012.12.14 16:42:01 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll [2012.12.14 16:42:01 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll [2012.12.14 16:42:01 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pcaui.dll [2012.12.14 16:42:01 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmci.dll [2012.12.14 16:42:00 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll [2012.12.14 16:42:00 | 000,532,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpcao.dll [2012.12.14 16:42:00 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe [2012.12.14 16:42:00 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scksp.dll [2012.12.14 16:42:00 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll [2012.12.14 16:42:00 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll [2012.12.14 16:42:00 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pintlgnt.ime [2012.12.14 16:42:00 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\feclient.dll [2012.12.14 16:41:59 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl [2012.12.14 16:41:59 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll [2012.12.14 16:41:59 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpapimig.exe [2012.12.14 16:41:59 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll [2012.12.14 16:41:59 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll [2012.12.14 16:41:59 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleprn.dll [2012.12.14 16:41:59 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll [2012.12.14 16:41:59 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rekeywiz.exe [2012.12.14 16:41:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iaspolcy.dll [2012.12.14 16:41:59 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceEject.exe [2012.12.14 16:41:59 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscisvif.dll [2012.12.14 16:41:58 | 000,642,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasgcw.dll [2012.12.14 16:41:58 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL [2012.12.14 16:41:58 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnpui.dll [2012.12.14 16:41:58 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll [2012.12.14 16:41:58 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasplap.dll [2012.12.14 16:41:58 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certreq.exe [2012.12.14 16:41:58 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll [2012.12.14 16:41:58 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys [2012.12.14 16:41:58 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll [2012.12.14 16:41:58 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hdwwiz.exe [2012.12.14 16:41:58 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWSD.dll [2012.12.14 16:41:58 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe [2012.12.14 16:41:58 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmmon32.exe [2012.12.14 16:41:58 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSTheme.exe [2012.12.14 16:41:58 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\whealogr.dll [2012.12.14 16:41:58 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys [2012.12.14 16:41:58 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys [2012.12.14 16:41:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwinsat.dll [2012.12.14 16:41:57 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL [2012.12.14 16:41:57 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiaaut.dll [2012.12.14 16:41:57 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmdial32.dll [2012.12.14 16:41:57 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll [2012.12.14 16:41:57 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SnippingTool.exe [2012.12.14 16:41:57 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll [2012.12.14 16:41:57 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsprop.dll [2012.12.14 16:41:57 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conime.exe [2012.12.14 16:41:57 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPutil.exe [2012.12.14 16:41:56 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll [2012.12.14 16:41:56 | 002,153,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oobefldr.dll [2012.12.14 16:41:56 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll [2012.12.14 16:41:56 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\modemui.dll [2012.12.14 16:41:56 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscandui.dll [2012.12.14 16:41:56 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasmontr.dll [2012.12.14 16:41:56 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll [2012.12.14 16:41:56 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dimsroam.dll [2012.12.14 16:41:55 | 000,542,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll [2012.12.14 16:41:55 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll [2012.12.14 16:41:55 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll [2012.12.14 16:41:55 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlgpclnt.dll [2012.12.14 16:41:55 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll [2012.12.14 16:41:54 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll [2012.12.14 16:41:54 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDMon.dll [2012.12.14 16:41:54 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys [2012.12.14 16:41:53 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll [2012.12.14 16:41:53 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll [2012.12.14 16:41:53 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll [2012.12.14 16:41:53 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpresult.exe [2012.12.14 16:41:53 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\softkbd.dll [2012.12.14 16:41:53 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe [2012.12.14 16:41:53 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cipher.exe [2012.12.14 16:41:53 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll [2012.12.14 16:41:53 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys [2012.12.14 16:41:53 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll [2012.12.14 16:41:53 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifmon.dll [2012.12.14 16:41:52 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll [2012.12.14 16:41:52 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll [2012.12.14 16:41:52 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll [2012.12.14 16:41:52 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiapi.dll [2012.12.14 16:41:52 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmsynth.dll [2012.12.14 16:41:52 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msctfui.dll [2012.12.14 16:41:52 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll [2012.12.14 16:41:51 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll [2012.12.14 16:41:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SLLUA.exe [2012.12.14 16:41:51 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tintlgnt.ime [2012.12.14 16:41:51 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dmusic.dll [2012.12.14 16:41:51 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2012.12.14 16:41:51 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdSSDP.dll [2012.12.14 16:41:51 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\l2nacp.dll [2012.12.14 16:41:51 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msjint40.dll [2012.12.14 16:41:51 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fc.exe [2012.12.14 16:41:51 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll [2012.12.14 16:41:51 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msisip.dll [2012.12.14 16:41:50 | 000,083,456 | ---- | C] (Microsoft) -- C:\Windows\System32\SMBHelperClass.dll [2012.12.14 16:41:50 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdWCN.dll [2012.12.14 16:41:50 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Storprop.dll [2012.12.14 16:41:50 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdiag.dll [2012.12.14 16:41:50 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll [2012.12.14 16:41:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthci.dll [2012.12.14 16:41:50 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe [2012.12.14 16:41:50 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthudtask.exe [2012.12.14 16:41:50 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipconfig.exe [2012.12.14 16:41:50 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll [2012.12.14 16:41:50 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasdial.exe [2012.12.14 16:41:49 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll [2012.12.14 16:41:49 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe [2012.12.14 16:41:49 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll [2012.12.14 16:41:49 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slcinst.dll [2012.12.14 16:41:49 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll [2012.12.14 16:41:49 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkitemfactory.dll [2012.12.14 16:41:49 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys [2012.12.14 16:41:49 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe [2012.12.14 16:41:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll [2012.12.14 16:41:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcico.dll [2012.12.14 16:41:49 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CHxReadingStringIME.dll [2012.12.14 16:41:48 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PNPXAssoc.dll [2012.12.14 16:41:48 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpupdate.exe [2012.12.14 16:41:47 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys [2012.12.14 16:41:47 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrstub.exe [2012.12.14 16:41:47 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe [2012.12.14 16:41:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll [2012.12.14 16:41:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsigd.dll [2012.12.14 16:41:47 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NcdProp.dll [2012.12.14 16:41:47 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdmdbg.dll [2012.12.14 16:41:47 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsilog.dll [2012.12.14 16:41:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [2012.12.14 16:41:46 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetppui.dll [2012.12.14 16:41:46 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll [2012.12.14 16:41:45 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys [2012.12.14 16:41:45 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys [2012.12.14 16:41:45 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys [2012.12.14 16:41:44 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\f3ahvoas.dll [2012.12.14 16:41:44 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll [2012.12.14 16:41:33 | 000,705,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll [2012.12.14 16:41:31 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll [2012.12.14 16:41:31 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe [2012.12.14 16:41:28 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll [2012.12.14 16:31:13 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2012.12.14 16:31:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll [2012.12.14 16:31:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx [2012.12.14 16:31:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll [2012.12.14 16:30:53 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2012.12.14 16:30:53 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll [2012.12.14 16:30:30 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll [2012.12.14 16:30:30 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE [2012.12.14 16:30:30 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE [2012.12.14 16:30:30 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE [2012.12.14 16:30:30 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE [2012.12.14 16:30:30 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe [2012.12.14 16:30:30 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE [2012.12.14 16:30:04 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll [2012.12.14 16:30:04 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll [2012.12.14 16:30:04 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll [2012.12.14 16:30:04 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll [2012.12.14 16:30:04 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll [2012.12.14 16:29:43 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2012.12.14 16:29:43 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2012.12.14 16:29:38 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2012.12.14 16:29:32 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL [2012.12.14 16:29:31 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe [2012.12.14 16:29:31 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe [2012.12.14 16:29:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll [2012.12.14 16:29:26 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2012.12.14 16:29:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2012.12.14 16:28:40 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2012.12.14 16:27:28 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe [2012.12.14 16:26:59 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl [2012.12.14 16:26:53 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL [2012.12.14 16:25:39 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2012.12.14 16:25:39 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2012.12.14 16:25:27 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2012.12.14 16:25:27 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2012.12.14 16:25:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2012.12.14 16:25:06 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll [2012.12.14 16:24:50 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2012.12.14 16:24:40 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll [2012.12.14 16:24:39 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2012.12.14 16:24:39 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll [2012.12.14 16:24:38 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm [2012.12.14 16:24:38 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm [2012.12.14 16:24:26 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2012.12.14 16:24:26 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2012.12.14 16:24:26 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2012.12.14 16:24:15 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2012.12.14 16:23:28 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb [2012.12.14 16:23:28 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb [2012.12.14 16:23:26 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe [2012.12.14 16:23:26 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe [2012.12.14 16:23:26 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll [2012.12.14 16:23:26 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll [2012.12.14 16:23:26 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe [2012.12.14 16:23:26 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2012.12.14 16:23:25 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll [2012.12.14 16:23:25 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2012.12.14 16:23:25 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll [2012.12.14 16:23:01 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll [2012.12.14 16:23:01 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscupgrd.exe [2012.12.14 16:23:01 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll [2012.12.14 16:22:38 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll [2012.12.14 16:22:20 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll [2012.12.14 16:22:15 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL [2012.12.14 16:10:02 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Roaming\WinRAR [2012.12.13 21:06:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012.12.13 21:04:45 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012.12.13 21:04:40 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Local\Google [2012.12.13 21:04:29 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Local\Deployment [2012.12.13 21:04:29 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Local\Apps [2012.12.13 20:56:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell [2012.12.13 20:53:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection 2013 [2012.12.13 20:52:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\BioAPIFFDB [2012.12.13 20:52:24 | 000,103,928 | ---- | C] (G Data Software) -- C:\Windows\System32\drivers\TS4nt.sys [2012.12.13 20:52:09 | 000,050,080 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\PktIcpt.sys [2012.12.13 20:51:42 | 000,093,728 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys [2012.12.13 20:51:42 | 000,050,040 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys [2012.12.13 20:51:41 | 000,041,888 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys [2012.12.13 20:51:20 | 000,053,664 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys [2012.12.13 20:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA Software [2012.12.13 20:49:26 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA [2012.12.13 20:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\G Data [2012.12.13 20:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G Data [2012.12.13 20:47:10 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012.12.13 20:46:57 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Local\Downloaded Installations [2012.12.13 20:36:11 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2012.12.13 20:33:06 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2012.12.13 20:31:52 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll [2012.12.13 20:30:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll [2012.12.13 20:30:49 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe [2012.12.13 20:30:49 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe [2012.12.13 20:30:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe [2012.12.13 20:30:48 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll [2012.12.13 20:30:48 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll [2012.12.13 20:30:47 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll [2012.12.13 20:30:47 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe [2012.12.13 20:30:47 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll [2012.12.13 20:30:47 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll [2012.12.13 20:30:47 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll [2012.12.13 20:30:43 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll [2012.12.13 20:30:43 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe [2012.12.13 20:30:43 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll [2012.12.13 20:30:43 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll [2012.12.13 20:30:43 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll [2012.12.13 20:05:52 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe [2012.12.13 20:00:46 | 003,658,752 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\NETw5v32.sys [2012.12.13 20:00:46 | 002,756,608 | ---- | C] (Intel Corporation) -- C:\Windows\System32\NETw5r32.dll [2012.12.13 20:00:46 | 000,659,456 | ---- | C] (Intel Corporation) -- C:\Windows\System32\NETw5c32.dll [2012.12.13 19:38:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012.12.13 19:36:08 | 000,007,680 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\Windows\System32\CLEVOMOF.dll [2012.12.13 19:36:08 | 000,000,000 | ---D | C] -- C:\Program Files\Hotkey [2012.12.13 19:35:19 | 000,084,240 | ---- | C] (JMicron Technology Corp.) -- C:\Windows\System32\drivers\jmcr.sys [2012.12.13 19:35:18 | 000,000,000 | ---D | C] -- C:\Windows\JMCR_DIR [2012.12.13 19:33:59 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics [2012.12.13 19:32:43 | 000,118,784 | ---- | C] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rtlh86.sys [2012.12.13 19:32:22 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Roaming\InstallShield [2012.12.13 19:31:18 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola [2012.12.13 19:31:06 | 001,094,272 | ---- | C] (Motorola Inc.) -- C:\Windows\System32\drivers\smserial.sys [2012.12.13 19:31:06 | 000,364,544 | ---- | C] (Motorola Inc.) -- C:\Windows\System32\sm56co81.dll [2012.12.13 19:29:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2012.12.13 19:29:31 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2012.12.13 19:29:29 | 001,773,568 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2012.12.13 19:29:29 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2012.12.13 19:29:29 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2012.12.13 19:29:29 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2012.12.13 19:29:29 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2012.12.13 19:29:28 | 002,172,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2012.12.13 19:29:28 | 001,196,032 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe [2012.12.13 19:29:28 | 000,694,272 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2012.12.13 19:29:28 | 000,285,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2012.12.13 19:29:28 | 000,031,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2012.12.13 19:29:26 | 006,111,232 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe [2012.12.13 19:29:26 | 000,532,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2012.12.13 19:29:25 | 001,929,216 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2012.12.13 19:29:25 | 000,155,648 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2012.12.13 19:29:25 | 000,140,288 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\FMAPO.dll [2012.12.13 19:29:25 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2012.12.13 19:29:25 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012.12.13 19:29:24 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012.12.13 19:29:16 | 000,520,192 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2012.12.13 19:29:16 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe [2012.12.13 19:27:57 | 000,442,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvudisp.exe [2012.12.13 19:27:17 | 000,442,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE [2012.12.13 19:27:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012.12.13 19:24:14 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll [2012.12.13 19:24:14 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2012.12.13 18:55:08 | 000,000,000 | R--D | C] -- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.12.13 18:55:08 | 000,000,000 | R--D | C] -- C:\Users\Anne\Searches [2012.12.13 18:55:08 | 000,000,000 | R--D | C] -- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.12.13 18:54:58 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Roaming\Identities [2012.12.13 18:54:54 | 000,000,000 | R--D | C] -- C:\Users\Anne\Contacts [2012.12.13 18:54:54 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Local\VirtualStore [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\Vorlagen [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\AppData\Local\Verlauf [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\AppData\Local\Temporary Internet Files [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\Startmenü [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\SendTo [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\Recent [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\Netzwerkumgebung [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\Lokale Einstellungen [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\Documents\Eigene Videos [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\Documents\Eigene Musik [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\Eigene Dateien [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\Documents\Eigene Bilder [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\Druckumgebung [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\Cookies [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\AppData\Local\Anwendungsdaten [2012.12.13 18:54:50 | 000,000,000 | -HSD | C] -- C:\Users\Anne\Anwendungsdaten [2012.12.13 18:54:49 | 000,000,000 | --SD | C] -- C:\Users\Anne\AppData\Roaming\Microsoft [2012.12.13 18:54:49 | 000,000,000 | R--D | C] -- C:\Users\Anne\Videos [2012.12.13 18:54:49 | 000,000,000 | R--D | C] -- C:\Users\Anne\Saved Games [2012.12.13 18:54:49 | 000,000,000 | R--D | C] -- C:\Users\Anne\Pictures [2012.12.13 18:54:49 | 000,000,000 | R--D | C] -- C:\Users\Anne\Music [2012.12.13 18:54:49 | 000,000,000 | R--D | C] -- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.12.13 18:54:49 | 000,000,000 | R--D | C] -- C:\Users\Anne\Links [2012.12.13 18:54:49 | 000,000,000 | R--D | C] -- C:\Users\Anne\Favorites [2012.12.13 18:54:49 | 000,000,000 | R--D | C] -- C:\Users\Anne\Downloads [2012.12.13 18:54:49 | 000,000,000 | R--D | C] -- C:\Users\Anne\Documents [2012.12.13 18:54:49 | 000,000,000 | R--D | C] -- C:\Users\Anne\Desktop [2012.12.13 18:54:49 | 000,000,000 | R--D | C] -- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.12.13 18:54:49 | 000,000,000 | -H-D | C] -- C:\Users\Anne\AppData [2012.12.13 18:54:49 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Local\Microsoft [2012.12.13 18:54:49 | 000,000,000 | ---D | C] -- C:\Users\Anne\AppData\Roaming\Media Center Programs [2012.12.13 18:52:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.12.13 18:52:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.12.13 18:52:39 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.12.13 18:52:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.12.13 18:52:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.12.13 18:52:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.12.13 18:52:39 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.12.13 18:52:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.12.13 18:52:39 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.12.13 18:52:11 | 000,000,000 | ---D | C] -- C:\Windows\Debug [2012.12.13 18:44:18 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012.12.13 18:30:37 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012.12.13 18:29:44 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012.12.13 18:10:06 | 000,000,000 | ---D | C] -- C:\Windows.old.001 ========== Files - Modified Within 30 Days ========== [2013.01.11 16:13:26 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.01.11 16:13:25 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.01.11 16:13:25 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.01.11 16:13:25 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.01.11 16:09:14 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.01.11 16:06:01 | 000,027,744 | ---- | M] () -- C:\ProgramData\nvModes.dat [2013.01.11 16:06:01 | 000,027,744 | ---- | M] () -- C:\ProgramData\nvModes.001 [2013.01.11 16:05:58 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.01.11 16:05:45 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.11 16:05:45 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.11 16:05:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.11 16:05:12 | 2678,988,800 | -HS- | M] () -- C:\hiberfil.sys [2013.01.10 20:47:58 | 000,554,087 | ---- | M] () -- C:\Users\Anne\Desktop\adwcleaner.exe [2013.01.10 19:10:59 | 000,940,615 | ---- | M] () -- C:\Windows\System32\sig.bin [2013.01.10 19:10:59 | 000,050,877 | ---- | M] () -- C:\Windows\System32\nmp.map [2013.01.10 15:12:43 | 000,000,842 | ---- | M] () -- C:\Users\Anne\Desktop\ComboFix - Verknüpfung.lnk [2013.01.09 15:31:30 | 000,000,512 | ---- | M] () -- C:\Users\Anne\Desktop\MBR.dat [2013.01.09 15:16:45 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Anne\Desktop\aswMBR.exe [2013.01.09 13:40:33 | 013,485,902 | ---- | M] () -- C:\Users\Anne\Desktop\mbar-1.01.0.1011.zip [2013.01.09 13:26:37 | 000,003,699 | ---- | M] () -- C:\Users\Anne\Documents\G Data Protokoll ID 146.html [2013.01.09 11:08:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anne\Desktop\OTL.exe [2013.01.09 08:43:56 | 000,000,000 | ---- | M] () -- C:\Users\Anne\defogger_reenable [2013.01.09 00:23:08 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.08 16:40:18 | 000,228,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.01.08 16:35:51 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf [2013.01.08 12:33:29 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat [2013.01.08 12:33:29 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat [2013.01.08 12:33:21 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2013.01.08 12:33:21 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2013.01.08 12:33:21 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.01.08 12:33:20 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2013.01.08 12:33:20 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2013.01.08 12:33:20 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2013.01.08 12:33:20 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2013.01.08 12:33:20 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2013.01.08 12:33:20 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.01.08 12:33:20 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.01.08 12:33:20 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2013.01.08 12:33:20 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.01.08 12:33:20 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.01.08 12:33:20 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2013.01.08 12:33:20 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2013.01.08 12:33:20 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.01.08 12:33:19 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.01.08 12:33:19 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013.01.08 12:33:19 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.01.08 12:33:19 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2013.01.08 12:33:19 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013.01.08 12:33:19 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2013.01.08 12:33:19 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2013.01.08 12:33:19 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013.01.08 12:33:19 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2013.01.08 12:33:19 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.01.08 12:33:19 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2013.01.08 12:33:19 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2013.01.08 12:33:18 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.01.08 12:33:18 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2013.01.08 12:33:18 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2013.01.08 12:33:18 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2013.01.08 12:33:18 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2013.01.08 12:33:18 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2013.01.08 12:33:18 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2013.01.08 12:33:18 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2013.01.08 12:33:18 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2013.01.08 12:33:18 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2013.01.08 12:32:27 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2013.01.08 12:32:27 | 000,979,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll [2013.01.08 12:32:27 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll [2013.01.08 12:32:27 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll [2013.01.08 12:32:27 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2013.01.08 12:32:27 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll [2013.01.08 12:32:26 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll [2013.01.08 12:32:25 | 001,554,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll [2013.01.08 12:32:25 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2013.01.08 12:32:25 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2013.01.08 12:32:25 | 000,847,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll [2013.01.08 12:32:25 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2013.01.08 12:32:25 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe [2013.01.08 12:32:25 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2013.01.08 12:32:25 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2013.01.08 12:32:25 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2013.01.08 12:32:25 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2013.01.08 12:32:25 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2013.01.08 12:32:25 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2013.01.08 12:32:25 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2013.01.08 12:32:25 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll [2013.01.08 12:32:24 | 000,876,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2013.01.08 12:31:58 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\dxgkrnl.sys.mui [2013.01.08 12:31:57 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2013.01.08 12:31:57 | 000,369,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2013.01.08 12:31:57 | 000,321,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll [2013.01.08 12:31:57 | 000,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe [2013.01.08 12:31:57 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll [2013.01.08 12:31:57 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2013.01.07 18:10:12 | 000,001,356 | ---- | M] () -- C:\Users\Anne\AppData\Local\d3d9caps.dat [2013.01.07 18:08:42 | 284,405,572 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.01.07 12:41:31 | 000,000,058 | ---- | M] () -- C:\Windows\nfsc_patch.ini [2012.12.30 17:03:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01007.Wdf [2012.12.17 19:00:06 | 000,015,600 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\GdPhyMem.sys [2012.12.17 19:00:04 | 000,030,416 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys [2012.12.16 14:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2012.12.16 11:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012.12.15 08:47:05 | 000,050,080 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\PktIcpt.sys [2012.12.15 08:44:19 | 000,093,728 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys [2012.12.15 08:44:19 | 000,041,888 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys [2012.12.15 08:44:18 | 000,053,664 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys [2012.12.14 20:46:06 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Photo Commander 9.lnk [2012.12.14 20:14:27 | 000,001,875 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.12.14 20:14:27 | 000,001,871 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.12.13 21:06:06 | 000,001,969 | ---- | M] () -- C:\Users\Anne\Desktop\Google Chrome.lnk [2012.12.13 21:02:41 | 000,001,595 | ---- | M] () -- C:\Users\Public\Desktop\Browserwahl.lnk [2012.12.13 20:52:24 | 000,103,928 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\TS4nt.sys [2012.12.13 20:51:42 | 000,050,040 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys [2012.12.13 20:51:12 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\G Data TotalProtection.lnk [2012.12.13 19:35:45 | 000,000,251 | ---- | M] () -- C:\Windows\xUninstall.bat [2012.12.13 19:34:06 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf [2012.12.13 19:29:31 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2012.12.13 19:29:16 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe [2012.12.13 19:08:22 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf [2012.12.13 18:45:44 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf [2012.12.13 18:29:30 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK ========== Files Created - No Company Name ========== [2013.01.11 16:05:12 | 2678,988,800 | -HS- | C] () -- C:\hiberfil.sys [2013.01.10 20:47:56 | 000,554,087 | ---- | C] () -- C:\Users\Anne\Desktop\adwcleaner.exe [2013.01.10 15:12:43 | 000,000,842 | ---- | C] () -- C:\Users\Anne\Desktop\ComboFix - Verknüpfung.lnk [2013.01.09 17:41:14 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.01.09 17:41:14 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.01.09 17:41:14 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.01.09 17:41:14 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.01.09 17:41:14 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.01.09 15:31:30 | 000,000,512 | ---- | C] () -- C:\Users\Anne\Desktop\MBR.dat [2013.01.09 13:40:18 | 013,485,902 | ---- | C] () -- C:\Users\Anne\Desktop\mbar-1.01.0.1011.zip [2013.01.09 13:26:37 | 000,003,699 | ---- | C] () -- C:\Users\Anne\Documents\G Data Protokoll ID 146.html [2013.01.09 08:43:56 | 000,000,000 | ---- | C] () -- C:\Users\Anne\defogger_reenable [2013.01.09 00:23:08 | 000,000,912 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.08 16:43:03 | 000,000,955 | ---- | C] () -- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.01.08 16:35:51 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf [2013.01.08 12:33:20 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2013.01.08 12:21:20 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2013.01.08 12:21:20 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2013.01.07 18:07:48 | 284,405,572 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.01.07 12:40:19 | 000,000,058 | ---- | C] () -- C:\Windows\nfsc_patch.ini [2012.12.30 17:03:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_xusb21_01007.Wdf [2012.12.17 18:29:56 | 000,940,615 | ---- | C] () -- C:\Windows\System32\sig.bin [2012.12.17 18:29:56 | 000,050,877 | ---- | C] () -- C:\Windows\System32\nmp.map [2012.12.14 20:46:06 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Photo Commander 9.lnk [2012.12.14 20:14:27 | 000,001,875 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.12.14 20:14:27 | 000,001,871 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk [2012.12.14 20:14:26 | 000,001,883 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk [2012.12.14 16:42:40 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd [2012.12.14 16:42:39 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man [2012.12.14 16:42:33 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf [2012.12.14 16:42:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2012.12.14 16:42:32 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2012.12.14 16:42:30 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf [2012.12.14 16:42:28 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf [2012.12.14 16:42:19 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF [2012.12.14 16:42:17 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs [2012.12.14 16:41:46 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml [2012.12.14 16:41:42 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml [2012.12.14 16:30:05 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf [2012.12.13 21:06:06 | 000,001,969 | ---- | C] () -- C:\Users\Anne\Desktop\Google Chrome.lnk [2012.12.13 21:04:56 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.12.13 21:04:52 | 000,001,090 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.12.13 21:02:41 | 000,001,595 | ---- | C] () -- C:\Users\Public\Desktop\Browserwahl.lnk [2012.12.13 20:51:12 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\G Data TotalProtection.lnk [2012.12.13 20:34:24 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2012.12.13 20:34:23 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex [2012.12.13 20:30:44 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs [2012.12.13 20:30:44 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml [2012.12.13 20:30:44 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl [2012.12.13 19:38:35 | 000,027,744 | ---- | C] () -- C:\ProgramData\nvModes.001 [2012.12.13 19:38:29 | 000,027,744 | ---- | C] () -- C:\ProgramData\nvModes.dat [2012.12.13 19:35:45 | 000,000,251 | ---- | C] () -- C:\Windows\xUninstall.bat [2012.12.13 19:34:06 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf [2012.12.13 19:33:39 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2012.12.13 19:30:50 | 000,000,553 | R--- | C] () -- C:\Windows\USetup.iss [2012.12.13 19:27:56 | 000,008,060 | ---- | C] () -- C:\Windows\System32\nvdisp.nvu [2012.12.13 19:27:21 | 000,000,354 | ---- | C] () -- C:\Windows\System32\nvhda.nvu [2012.12.13 19:08:22 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf [2012.12.13 18:55:07 | 000,000,950 | ---- | C] () -- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2012.12.13 18:54:54 | 000,000,921 | ---- | C] () -- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk [2012.12.13 18:54:51 | 000,001,356 | ---- | C] () -- C:\Users\Anne\AppData\Local\d3d9caps.dat [2012.12.13 18:45:21 | 000,000,604 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk ========== ZeroAccess Check ========== [2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > Code:
ATTFilter OTL Extras logfile created on: 11.01.2013 16:08:48 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anne\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,49 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 52,30% Memory free 5,20 Gb Paging File | 3,89 Gb Available in Paging File | 74,78% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 298,09 Gb Total Space | 140,99 Gb Free Space | 47,30% Space Free | Partition Type: NTFS Computer Name: ANNE-PC | User Name: Anne | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-6757586-1979965592-498421705-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{2815E119-F325-4658-ACDA-3E2E64E61028}" = protocol=17 | dir=in | app=d:\dwizard300.exe | "{496D929B-0730-4DFC-BE84-2205B36784AF}" = protocol=17 | dir=in | app=d:\libneap.dll | "{9CB23B4C-2A56-4FDC-A91B-2070F2A1ECE9}" = protocol=6 | dir=in | app=d:\libneap.dll | "{D210CF26-1B54-44AD-B428-4C1FD230EC24}" = protocol=6 | dir=in | app=d:\dwizard300.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{164714B6-46BC-4649-9A30-A6ED32F03B5A}" = Hotkey "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011 "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE) "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{C8005A7B-9638-41DD-B83B-AF277754E211}" = Intel(R) PROSet/Wireless WiFi-Software "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE6217F3-6072-40E2-9157-A4695C334F8E}" = G Data TotalProtection 2013 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Ashampoo Photo Commander 9_is1" = Ashampoo Photo Commander 9 v.9.4.3 "Google Chrome" = Google Chrome "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "NVIDIA Drivers" = NVIDIA Drivers "ProInst" = Intel PROSet Wireless "SMSERIAL" = Motorola SM56 Data Fax Modem "SynTPDeinstKey" = Synaptics Pointing Device Driver "TuneUp Utilities 2011" = TuneUp Utilities 2011 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 09.01.2013 08:39:13 | Computer Name = Anne-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung mbar.exe, Version 1.1.0.1011, Zeitstempel 0x50bd4069, fehlerhaftes Modul QtGui4.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode 0xc0000135, Fehleroffset 0x00009f5d, Prozess-ID 0x984, Anwendungsstartzeit 01cdee6652721a47. Error - 09.01.2013 09:25:22 | Computer Name = Anne-PC | Source = WinMgmt | ID = 10 Description = Error - 09.01.2013 14:51:36 | Computer Name = Anne-PC | Source = WinMgmt | ID = 10 Description = Error - 10.01.2013 09:55:38 | Computer Name = Anne-PC | Source = WinMgmt | ID = 10 Description = Error - 10.01.2013 14:23:21 | Computer Name = Anne-PC | Source = WinMgmt | ID = 10 Description = Error - 11.01.2013 10:44:02 | Computer Name = Anne-PC | Source = WinMgmt | ID = 10 Description = Error - 11.01.2013 10:53:05 | Computer Name = Anne-PC | Source = WinMgmt | ID = 10 Description = Error - 11.01.2013 10:59:18 | Computer Name = Anne-PC | Source = EventSystem | ID = 4609 Description = Error - 11.01.2013 10:59:53 | Computer Name = Anne-PC | Source = WinMgmt | ID = 10 Description = Error - 11.01.2013 11:05:48 | Computer Name = Anne-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 28.12.2012 04:09:47 | Computer Name = Anne-PC | Source = Service Control Manager | ID = 7026 Description = Error - 28.12.2012 05:29:06 | Computer Name = Anne-PC | Source = HTTP | ID = 15016 Description = Error - 28.12.2012 05:29:21 | Computer Name = Anne-PC | Source = Service Control Manager | ID = 7000 Description = Error - 28.12.2012 05:29:21 | Computer Name = Anne-PC | Source = Service Control Manager | ID = 7026 Description = Error - 28.12.2012 05:35:14 | Computer Name = Anne-PC | Source = DCOM | ID = 10005 Description = Error - 28.12.2012 05:35:14 | Computer Name = Anne-PC | Source = Service Control Manager | ID = 7009 Description = Error - 28.12.2012 05:35:14 | Computer Name = Anne-PC | Source = Service Control Manager | ID = 7000 Description = Error - 28.12.2012 12:10:24 | Computer Name = Anne-PC | Source = HTTP | ID = 15016 Description = Error - 28.12.2012 12:10:41 | Computer Name = Anne-PC | Source = Service Control Manager | ID = 7000 Description = Error - 28.12.2012 12:10:41 | Computer Name = Anne-PC | Source = Service Control Manager | ID = 7026 Description = < End of report > |
11.01.2013, 17:25 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Startfester.com nach Installieren von Vlc.media player? Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren
__________________Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ |
11.01.2013, 21:54 | #19 |
| Startfester.com nach Installieren von Vlc.media player?Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.01.11.09 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Anne :: ANNE-PC [Administrator] Schutz: Aktiviert 11.01.2013 18:38:57 mbam-log-2013-01-11 (18-38-57).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 192076 Laufzeit: 4 Minute(n), 30 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6844 # api_version=3.0.2 # EOSSerial=766335ea57975645851c81b99b6d76f1 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-01-11 08:48:26 # local_time=2013-01-11 09:48:26 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=5892 16776573 100 100 21937 195470034 0 0 # scanned=387223 # found=0 # cleaned=0 # scan_time=10567 |
11.01.2013, 22:09 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Startfester.com nach Installieren von Vlc.media player? Sieht soweit ok aus Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
12.01.2013, 14:29 | #21 |
| Startfester.com nach Installieren von Vlc.media player? Danke für die Hilfe, es kommt mir etwas langsamer vor als vor den ganzen scans aber ansonsten nix, meine Virensoftware hat nix weiter gefunden.... Sollen die ganzen exe wie otl adwcleaner etc auf dem >System bleiben??? ich hoffe ja das ich das irgendwann selber alles Checken kann,(wenn ihr wieder neue Schüler nehmt) beworben hab ich mich schon... Macht weiter so mfG Devilspearl |
12.01.2013, 15:56 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Startfester.com nach Installieren von Vlc.media player? Dann wären wir durch! Die Programme, die hier zum Einsatz kamen, können alle wieder runter. Combofix entfernen: Start/Ausführen (Tastenkombination WIN+R), dort den Befehl combofix /uninstall eintippen und ausführen Mit Hilfe von OTL kannst du auch viele andere Tools entfernen: Starte dazu einfach OTL und klicke auf Bereinigung. Dies wird die meisten Tools entfernen, die wir zur Bereinigung benötigt haben. Sollte etwas bestehen bleiben, bitte mit Rechtsklick --> Löschen entfernen. Malwarebytes zu behalten ist zu empfehlen. Kannst ja 1x im Monat damit einen Vollscan machen, aber immer vorher ans Update denken. Bitte abschließend die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Start, Systemsteuerung, Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks findest du hier => Browsers and Plugins - FilePony.de Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
13.01.2013, 14:51 | #23 |
| Startfester.com nach Installieren von Vlc.media player? nachdem ich bei "ausführen" combofix / uninstall eingegeben habe ist combofix gestartet und wieder mit nem scan angefangen soll das so sein kann ich mir eigentlich nicht vorstellen Jetzt wird es ziemlich kurios, combofix stürzt bei erstellen der Log Datei ab, nach Neustart des Systems ist otl verschwunden, ein alter Wiederherstellungspunkt wurde von Windows geladen. hnd GData meldet einen Trojaner in der Exe von gmer.... das ist doch ein program das ich mir von euch geladen hab zur erstellung des beitrags??????? |
13.01.2013, 20:36 | #24 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Startfester.com nach Installieren von Vlc.media player?Zitat:
Zwischen dem / und uninstall darf kein Leerzeichen sein! Da ist nur genau ein Leerzeichen und zwar zwischen combofix und /uninstall! Code:
ATTFilter "combofix /uninstall"
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Startfester.com nach Installieren von Vlc.media player? |
.com, benötige, browser, deinstalliert, entfernt, erstell, erstellt, fenster, gelegt, gelöscht, google, hänge, installieren, installiert, mediaplayer, player, rechner, schnellstartleiste, seite, startbrowser, startseite, sämtliche, threads, troja, trojaner, warum |