|
Plagegeister aller Art und deren Bekämpfung: Startfenster.comWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
03.02.2013, 18:48 | #1 |
| Startfenster.com Hallo, leider hat auch mich vlc.de erwischt und mir startfenster.com aufs Auge gedrückt. Könnte mir bitte jemand helfen? Gruß Norman |
04.02.2013, 01:48 | #2 |
/// Helfer-Team | Startfenster.com1. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten. danach: Systemscan mit OTL (bebilderte Anleitung) Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe
__________________ |
04.02.2013, 09:21 | #3 |
| Startfenster.com Malwarebytes Anti-Malware 1.70.0.1100
__________________www.malwarebytes.org Datenbank Version: v2013.02.04.02 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16466 Sandra :: SANOLI [Administrator] 04.02.2013 08:23:41 mbam-log-2013-02-04 (08-23-41).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 208225 Laufzeit: 4 Minute(n), 21 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) OTL Logfile: Code:
ATTFilter OTL logfile created on: 04.02.2013 08:32:17 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sandra\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16453) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,60 Gb Total Physical Memory | 5,61 Gb Available Physical Memory | 73,85% Memory free 8,72 Gb Paging File | 6,34 Gb Available in Paging File | 72,66% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 585,84 Gb Total Space | 542,87 Gb Free Space | 92,67% Space Free | Partition Type: NTFS Drive D: | 595,91 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive E: | 7,39 Gb Total Space | 0,16 Gb Free Space | 2,20% Space Free | Partition Type: FAT32 Computer Name: SANOLI | User Name: Sandra | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Users\Sandra\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe (Google Inc.) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) ========== Modules (No Company Name) ========== MOD - C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.138\pepflashplayer.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libglesv2.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libegl.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll () MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll () ========== Services (SafeList) ========== SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (McODS) -- C:\Program Files\mcafee\VirusScan\mcods.exe (McAfee, Inc.) SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.) SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe () SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe () SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\Teco\TecoService.exe (TOSHIBA Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) SRV:64bit: - (TMachInfo) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (TemproMonitoringService) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) SRV - (McAWFwk) -- c:\PROGRA~1\mcafee\msc\mcawfwk.exe (McAfee, Inc.) SRV - (GFNEXSrv) -- C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe () SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (cfwids) -- C:\Windows\SysNative\Drivers\cfwids.sys (McAfee, Inc.) DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\Drivers\mfewfpk.sys (McAfee, Inc.) DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\Drivers\mferkdet.sys (McAfee, Inc.) DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\Drivers\mfehidk.sys (McAfee, Inc.) DRV:64bit: - (mfeelamk) -- C:\Windows\SysNative\Drivers\mfeelamk.sys (McAfee, Inc.) DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\Drivers\mfefirek.sys (McAfee, Inc.) DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\Drivers\mfeavfk.sys (McAfee, Inc.) DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\Drivers\mfeapfk.sys (McAfee, Inc.) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (RTWlanE) -- C:\Windows\SysNative\Drivers\rtwlane.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (Thotkey) -- C:\Windows\SysNative\Drivers\Thotkey.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek ) DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\Drivers\TVALZ_O.SYS (TOSHIBA Corporation) DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\Drivers\tdcmdpst.sys (TOSHIBA Corporation.) DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\Drivers\TVALZFL.sys (TOSHIBA Corporation) DRV:64bit: - (RtkBtFilter) -- C:\Windows\SysNative\Drivers\RtkBtfilter.sys (Realtek Microelectronics) DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\Drivers\tos_sps64.sys (TOSHIBA Corporation) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athrx.sys (Qualcomm Atheros Communications, Inc.) DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\Drivers\HipShieldK.sys (McAfee, Inc.) DRV:64bit: - (tosrfec) -- C:\Windows\SysNative\Drivers\tosrfec.sys (TOSHIBA Corporation) DRV - (PEGAGFN) -- C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys (PEGATRON) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0FBD54AD-A5CD-482E-BCDA-4829A334F008} IE:64bit: - HKLM\..\SearchScopes\{0FBD54AD-A5CD-482E-BCDA-4829A334F008}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0FBD54AD-A5CD-482E-BCDA-4829A334F008} IE - HKLM\..\SearchScopes\{0FBD54AD-A5CD-482E-BCDA-4829A334F008}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-971226063-2243585616-1632550052-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com IE - HKU\S-1-5-21-971226063-2243585616-1632550052-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.com IE - HKU\S-1-5-21-971226063-2243585616-1632550052-1001\..\SearchScopes,DefaultScope = {0FBD54AD-A5CD-482E-BCDA-4829A334F008} IE - HKU\S-1-5-21-971226063-2243585616-1632550052-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.01.14 19:53:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.01.14 21:46:08 | 000,000,000 | ---D | M] [2013.01.14 19:54:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sandra\AppData\Roaming\mozilla\Extensions ========== Chrome ========== CHR - homepage: hxxp://google.de/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://google.de/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll CHR - Extension: Google Docs = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Google Mail = C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012.07.26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [] File not found O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SRS Premium Sound HD] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.) O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe () O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe File not found O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [ToshibaDynamicIconUtility] C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba) O4 - HKLM..\Run: [TPUReg] C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe (Pegatron Corporation) O4 - HKLM..\Run: [TPUReg(x86)] "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes File not found O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75E9DD28-E8D7-4935-A0C3-5E26C3526419}: DhcpNameServer = 127.0.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6C79A99-9FEE-4516-9358-AE67412F496D}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.02.04 08:22:06 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Local\Programs [2013.02.04 08:21:06 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\Malwarebytes [2013.02.04 08:20:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.02.04 08:20:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.02.04 08:20:49 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2013.02.04 08:20:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.02.03 18:16:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2013.01.16 09:26:48 | 003,554,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll [2013.01.16 09:26:44 | 002,116,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll [2013.01.16 09:26:42 | 002,206,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll [2013.01.16 09:26:39 | 002,380,944 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe [2013.01.16 09:26:38 | 002,764,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll [2013.01.16 09:26:37 | 002,115,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe [2013.01.16 09:26:36 | 001,610,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll [2013.01.16 09:26:35 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.Immersive.dll [2013.01.16 09:26:34 | 001,841,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll [2013.01.16 09:26:33 | 001,265,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll [2013.01.16 09:26:32 | 000,579,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StructuredQuery.dll [2013.01.16 09:26:31 | 001,226,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.UI.Immersive.dll [2013.01.16 09:26:31 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SHCore.dll [2013.01.16 09:26:30 | 000,793,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfplat.dll [2013.01.16 09:26:27 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.dll [2013.01.16 09:26:26 | 001,403,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi [2013.01.16 09:26:25 | 001,267,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe [2013.01.16 09:26:23 | 001,093,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe [2013.01.16 09:26:23 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssph.dll [2013.01.16 09:26:23 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchProtocolHost.exe [2013.01.16 09:26:22 | 001,217,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi [2013.01.16 09:26:21 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfmp4srcsnk.dll [2013.01.16 09:26:20 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SHCore.dll [2013.01.16 09:26:19 | 000,612,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfplat.dll [2013.01.16 09:26:18 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe [2013.01.16 09:26:18 | 000,441,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys [2013.01.16 09:26:17 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.dll [2013.01.16 09:26:16 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\portcls.sys [2013.01.16 09:26:15 | 001,045,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usercpl.dll [2013.01.16 09:26:14 | 000,503,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll [2013.01.16 09:26:14 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfmp4srcsnk.dll [2013.01.16 09:26:14 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Storage.Compression.dll [2013.01.16 09:26:13 | 000,336,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys [2013.01.16 09:26:13 | 000,058,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dam.sys [2013.01.16 09:26:08 | 000,962,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usercpl.dll [2013.01.16 09:26:08 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore6.dll [2013.01.16 09:26:05 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SpaceControl.dll [2013.01.16 09:26:05 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dhcpcore6.dll [2013.01.16 09:26:03 | 000,033,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\battc.sys [2013.01.16 09:26:02 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFilterHost.exe [2013.01.16 09:26:02 | 000,056,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdstor.sys [2013.01.16 09:26:00 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssph.dll [2013.01.16 09:25:58 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Storage.Compression.dll [2013.01.16 09:25:57 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\input.dll [2013.01.16 09:25:56 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\input.dll [2013.01.16 09:25:54 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcsvc6.dll [2013.01.16 09:25:50 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll [2013.01.16 09:25:47 | 000,745,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll [2013.01.16 09:25:47 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscntrs.dll [2013.01.16 09:25:47 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\microsoft-windows-pdc.dll [2013.01.16 09:25:45 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PCPKsp.dll [2013.01.16 09:25:43 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll [2013.01.16 09:25:42 | 000,757,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FirewallAPI.dll [2013.01.16 09:25:41 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AppxSip.dll [2013.01.16 09:25:39 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppxSip.dll [2013.01.16 09:25:37 | 001,836,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll [2013.01.16 09:25:37 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SysFxUI.dll [2013.01.16 09:25:36 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll [2013.01.16 09:25:34 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icfupgd.dll [2013.01.16 09:25:34 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BdeUISrv.exe [2013.01.16 09:25:33 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PCPKsp.dll [2013.01.16 09:25:31 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssitlb.dll [2013.01.16 09:25:30 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssitlb.dll [2013.01.16 09:25:29 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssprxy.dll [2013.01.16 09:25:29 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscntrs.dll [2013.01.16 09:25:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wfapigp.dll [2013.01.16 09:25:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wfapigp.dll [2013.01.16 09:25:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msshooks.dll [2013.01.16 09:25:20 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msshooks.dll [2013.01.16 09:25:17 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\drmk.sys [2013.01.16 09:25:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kbdhebl3.dll [2013.01.16 09:25:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kbdhebl3.dll [2013.01.16 09:23:07 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dskquota.dll [2013.01.16 09:23:02 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dskquota.dll [2013.01.16 09:22:25 | 000,396,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hal.dll [2013.01.16 09:22:03 | 001,172,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfnetsrc.dll [2013.01.16 09:22:02 | 000,929,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfnetsrc.dll [2013.01.16 09:22:02 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfnetcore.dll [2013.01.16 09:22:01 | 000,673,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfmpeg2srcsnk.dll [2013.01.16 09:22:01 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfnetcore.dll [2013.01.16 09:22:01 | 000,513,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfmpeg2srcsnk.dll [2013.01.16 09:21:57 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfasfsrcsnk.dll [2013.01.16 09:21:57 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfasfsrcsnk.dll [2013.01.16 09:21:09 | 005,974,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll [2013.01.16 09:21:08 | 001,096,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll [2013.01.16 09:21:07 | 005,088,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll [2013.01.16 09:21:06 | 003,245,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll [2013.01.16 09:21:06 | 001,145,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winmde.dll [2013.01.16 09:21:05 | 002,302,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll [2013.01.16 09:21:03 | 001,122,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Taskmgr.exe [2013.01.16 09:21:02 | 001,027,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Taskmgr.exe [2013.01.16 09:21:01 | 001,536,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\storagewmi.dll [2013.01.16 09:21:00 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WebcamUi.dll [2013.01.16 09:20:59 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll [2013.01.16 09:20:59 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UserLanguagesCpl.dll [2013.01.16 09:20:58 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WebcamUi.dll [2013.01.16 09:20:58 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usbmon.dll [2013.01.16 09:20:57 | 000,891,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winmde.dll [2013.01.16 09:20:56 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpnapps.dll [2013.01.16 09:20:56 | 000,194,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdbus.sys [2013.01.16 09:20:55 | 000,329,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys [2013.01.16 09:20:55 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsutil.dll [2013.01.16 09:20:55 | 000,124,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dumpsd.sys [2013.01.16 09:20:54 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UserLanguagesCpl.dll [2013.01.16 09:20:54 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe [2013.01.16 09:20:53 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSDMon.dll [2013.01.16 09:20:53 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wpnapps.dll [2013.01.16 09:20:52 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe [2013.01.16 09:20:52 | 000,027,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rdpvideominiport.sys [2013.01.16 09:20:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll [2013.01.16 09:20:50 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\storagewmi.dll [2013.01.16 09:20:50 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe [2013.01.16 09:20:50 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\storewuauth.dll [2013.01.16 09:20:49 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll [2013.01.16 09:20:48 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshwfp.dll [2013.01.16 09:20:45 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FWPUCLNT.DLL [2013.01.16 09:20:45 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL [2013.01.16 09:20:44 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rfxvmt.dll [2013.01.16 09:20:44 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsldr.exe [2013.01.16 09:20:42 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vds_ps.dll [2013.01.16 09:20:42 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vds_ps.dll [2013.01.16 09:20:40 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll [2013.01.16 09:20:39 | 000,031,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BthAvrcpTg.sys [2013.01.16 09:20:39 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BtaMPM.sys [2013.01.16 09:20:38 | 000,029,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BthhfHid.sys [2013.01.16 09:20:12 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msctf.dll [2013.01.16 09:20:06 | 006,971,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe [2013.01.16 09:20:06 | 000,488,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys [2013.01.16 09:20:05 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Display.dll [2013.01.16 09:20:04 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys [2013.01.16 09:20:03 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Display.dll [2013.01.16 09:20:03 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevDispItemProvider.dll [2013.01.16 09:20:03 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidi2c.sys [2013.01.16 09:20:03 | 000,021,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys [2013.01.16 09:20:02 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DevDispItemProvider.dll [2013.01.16 09:20:02 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDKURD.DLL [2013.01.16 09:20:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDKURD.DLL [2013.01.16 09:19:58 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSShared.dll [2013.01.16 09:19:57 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSShared.dll [2013.01.16 09:19:57 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.dll [2013.01.16 09:19:57 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll [2013.01.16 09:19:56 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll [2013.01.16 09:19:56 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.dll [2013.01.16 09:17:44 | 011,459,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\glcndFilter.dll [2013.01.16 09:17:41 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twinui.dll [2013.01.16 09:17:39 | 008,856,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twinui.dll [2013.01.16 09:17:35 | 008,552,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\glcndFilter.dll [2013.01.16 09:17:33 | 001,526,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfcore.dll [2013.01.16 09:17:32 | 001,451,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfcore.dll [2013.01.16 09:17:32 | 000,976,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll [2013.01.16 09:17:31 | 001,566,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll [2013.01.16 09:17:29 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll [2013.01.16 09:17:28 | 000,447,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll [2013.01.16 09:17:27 | 000,490,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEng.dll [2013.01.16 09:17:26 | 000,767,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll [2013.01.16 09:17:25 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\windows\HelpPane.exe [2013.01.16 09:17:25 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ubpm.dll [2013.01.16 09:17:25 | 000,253,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe [2013.01.16 09:17:24 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll [2013.01.16 09:17:23 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drvstore.dll [2013.01.16 09:17:23 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ubpm.dll [2013.01.16 09:17:22 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUSettingsProvider.dll [2013.01.16 09:17:20 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll [2013.01.16 09:17:19 | 000,549,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvstore.dll [2013.01.16 09:17:19 | 000,445,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBHUB3.SYS [2013.01.16 09:17:19 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.Connectivity.dll [2013.01.16 09:17:18 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\pdc.sys [2013.01.16 09:17:13 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevicePairing.dll [2013.01.16 09:17:12 | 000,522,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AUDIOKSE.dll [2013.01.16 09:17:12 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanapi.dll [2013.01.16 09:17:11 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanmsm.dll [2013.01.16 09:17:11 | 000,463,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AUDIOKSE.dll [2013.01.16 09:17:11 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dafWCN.dll [2013.01.16 09:17:09 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanmsm.dll [2013.01.16 09:17:09 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhostex.exe [2013.01.16 09:17:08 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlansec.dll [2013.01.16 09:17:08 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bthprops.cpl [2013.01.16 09:17:08 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.Connectivity.dll [2013.01.16 09:17:08 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuaext.dll [2013.01.16 09:17:07 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DevicePairing.dll [2013.01.16 09:17:07 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFCaptureEngine.dll [2013.01.16 09:17:07 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll [2013.01.16 09:17:06 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bthprops.cpl [2013.01.16 09:17:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe [2013.01.16 09:17:05 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlansec.dll [2013.01.16 09:17:05 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpclip.exe [2013.01.16 09:17:05 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll [2013.01.16 09:17:04 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll [2013.01.16 09:17:04 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll [2013.01.16 09:17:04 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll [2013.01.16 09:17:03 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll [2013.01.16 09:17:00 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll [2013.01.16 09:17:00 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll [2013.01.16 09:16:59 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFCaptureEngine.dll [2013.01.16 09:16:58 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe [2013.01.16 09:16:58 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe [2013.01.16 09:16:57 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fsquirt.exe [2013.01.16 09:16:57 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanapi.dll [2013.01.16 09:16:56 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEndpointBuilder.dll [2013.01.16 09:16:54 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WcnApi.dll [2013.01.16 09:16:54 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WcnApi.dll [2013.01.16 09:16:53 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdWCN.dll [2013.01.16 09:16:53 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll [2013.01.16 09:16:52 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WcnEapAuthProxy.dll [2013.01.16 09:16:51 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wfdprov.dll [2013.01.16 09:16:51 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WcnEapPeerProxy.dll [2013.01.16 09:16:49 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDump.dll [2013.01.16 09:16:49 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wfdprov.dll [2013.01.16 09:16:37 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fxppm.sys [2013.01.16 09:16:36 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wushareduxresources.dll [2013.01.16 09:16:36 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanhlp.dll [2013.01.16 09:16:36 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanhlp.dll [2013.01.16 09:16:26 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsilog.dll [2013.01.16 09:10:38 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppXDeploymentServer.dll [2013.01.16 09:10:36 | 000,707,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppXDeploymentExtensions.dll [2013.01.16 09:10:35 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TimeBrokerServer.dll [2013.01.16 09:10:34 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SystemEventsBrokerServer.dll [2013.01.16 09:10:31 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppwinob.dll [2013.01.16 09:07:11 | 002,367,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSService.dll [2013.01.16 09:07:10 | 013,640,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.Xaml.dll [2013.01.16 09:06:52 | 003,265,256 | ---- | C] (Broadcom Corporation) -- C:\windows\SysNative\drivers\evbda.sys [2013.01.16 09:06:45 | 014,259,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll [2013.01.16 09:06:44 | 010,791,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.UI.Xaml.dll [2013.01.16 09:06:35 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WpcMon.exe [2013.01.16 09:06:30 | 003,847,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll [2013.01.16 09:06:27 | 003,964,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSAT.exe [2013.01.16 09:06:25 | 011,875,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll [2013.01.16 09:06:22 | 000,533,224 | ---- | C] (Broadcom Corporation) -- C:\windows\SysNative\drivers\bxvbda.sys [2013.01.16 09:06:18 | 001,513,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vssapi.dll [2013.01.16 09:06:15 | 001,825,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll [2013.01.16 09:06:11 | 001,739,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RacEngn.dll [2013.01.16 09:06:11 | 001,019,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.dll [2013.01.16 09:06:09 | 002,219,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll [2013.01.16 09:06:08 | 001,304,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Media.Streaming.dll [2013.01.16 09:06:07 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uDWM.dll [2013.01.16 09:06:06 | 000,389,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MMDevAPI.dll [2013.01.16 09:06:05 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\provcore.dll [2013.01.16 09:06:01 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll [2013.01.16 09:05:57 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlroamextension.dll [2013.01.16 09:05:55 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSATAPI.dll [2013.01.16 09:05:49 | 000,995,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Media.Streaming.dll [2013.01.16 09:05:47 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apphelp.dll [2013.01.16 09:05:46 | 001,590,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll [2013.01.16 09:05:46 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFMediaEngine.dll [2013.01.16 09:05:46 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IPHLPAPI.DLL [2013.01.16 09:05:44 | 000,709,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MsSpellCheckingFacility.dll [2013.01.16 09:05:43 | 001,743,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\combase.dll [2013.01.16 09:05:43 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFPlay.dll [2013.01.16 09:05:38 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnsapi.dll [2013.01.16 09:05:38 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WWAHost.exe [2013.01.16 09:05:34 | 000,866,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinTypes.dll [2013.01.16 09:05:33 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fveapi.dll [2013.01.16 09:05:32 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rascfg.dll [2013.01.16 09:05:31 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe [2013.01.16 09:05:31 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlidcredprov.dll [2013.01.16 09:05:30 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfsvr.dll [2013.01.16 09:05:29 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfsrcsnk.dll [2013.01.16 09:05:29 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rascfg.dll [2013.01.16 09:05:27 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcdsrv.dll [2013.01.16 09:05:25 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBXHCI.SYS [2013.01.16 09:05:25 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpnprv.dll [2013.01.16 09:05:24 | 001,400,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\propsys.dll [2013.01.16 09:05:24 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll [2013.01.16 09:05:21 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VAN.dll [2013.01.16 09:05:21 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlroamextension.dll [2013.01.16 09:05:21 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WinSATAPI.dll [2013.01.16 09:05:19 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSClient.dll [2013.01.16 09:05:17 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\services.exe [2013.01.16 09:05:15 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fveapibase.dll [2013.01.16 09:05:10 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appwiz.cpl [2013.01.16 09:05:10 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bisrv.dll [2013.01.16 09:05:09 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFMediaEngine.dll [2013.01.16 09:05:06 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psmsrv.dll [2013.01.16 09:05:02 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSSync.dll [2013.01.16 09:05:01 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhengine.dll [2013.01.16 09:05:01 | 000,028,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msgpiowin32.sys [2013.01.16 09:05:00 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSClient.dll [2013.01.16 09:04:57 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WWAHost.exe [2013.01.16 09:04:57 | 000,120,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msgpioclx.sys [2013.01.16 09:04:56 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PackageStateRoaming.dll [2013.01.16 09:04:55 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFPlay.dll [2013.01.16 09:04:55 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSSync.dll [2013.01.16 09:04:54 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\appwiz.cpl [2013.01.16 09:04:51 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpncore.dll [2013.01.16 09:04:51 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmredir.dll [2013.01.16 09:04:50 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RacEngn.dll [2013.01.16 09:04:49 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TpmTasks.dll [2013.01.16 09:04:48 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.BackgroundTransfer.dll [2013.01.16 09:04:47 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ProximityService.dll [2013.01.16 09:04:45 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PackageStateRoaming.dll [2013.01.16 09:04:44 | 000,256,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvproc.dll [2013.01.16 09:04:43 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\provcore.dll [2013.01.16 09:04:43 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setbcdlocale.dll [2013.01.16 09:04:39 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twinapi.dll [2013.01.16 09:04:39 | 000,027,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\avrt.dll [2013.01.16 09:04:37 | 000,480,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\VAN.dll [2013.01.16 09:04:36 | 001,247,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\combase.dll [2013.01.16 09:04:36 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\microsoft-windows-kernel-power-events.dll [2013.01.16 09:04:34 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfsrcsnk.dll [2013.01.16 09:04:34 | 000,062,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dumpfve.sys [2013.01.16 09:04:32 | 002,007,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\batmeter.dll [2013.01.16 09:04:31 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS [2013.01.16 09:04:31 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tpm.sys [2013.01.16 09:04:30 | 002,016,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\batmeter.dll [2013.01.16 09:04:30 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SettingSyncHost.exe [2013.01.16 09:04:30 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\perfdisk.dll [2013.01.16 09:04:27 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys [2013.01.16 09:04:26 | 000,212,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\UCX01000.SYS [2013.01.16 09:04:23 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WinTypes.dll [2013.01.16 09:04:22 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfdisk.dll [2013.01.16 09:04:21 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\svchost.exe [2013.01.16 09:04:18 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfsvr.dll [2013.01.16 09:04:16 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlidcredprov.dll [2013.01.16 09:04:14 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhevents.dll [2013.01.16 09:04:06 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll [2013.01.16 09:04:05 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\user32.dll [2013.01.16 09:03:58 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll [2013.01.16 09:03:55 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvproc.dll [2013.01.16 09:03:55 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\perfnet.dll [2013.01.16 09:03:54 | 000,437,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfh264enc.dll [2013.01.16 09:03:54 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SettingSyncHost.exe [2013.01.16 09:03:49 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfh264enc.dll [2013.01.16 09:03:48 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpksetup.exe [2013.01.16 09:03:47 | 000,699,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twinapi.dll [2013.01.16 09:03:47 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevPropMgr.dll [2013.01.16 09:03:46 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwm.exe [2013.01.16 09:03:44 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvinst.exe [2013.01.16 09:03:42 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhcfg.dll [2013.01.16 09:03:41 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drvinst.exe [2013.01.16 09:03:37 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll [2013.01.16 09:03:37 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DAFWSD.dll [2013.01.16 09:03:36 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll [2013.01.16 09:03:36 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfnet.dll [2013.01.16 09:03:35 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhsrchapi.dll [2013.01.16 09:03:34 | 001,701,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll [2013.01.16 09:03:33 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll [2013.01.16 09:03:33 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\perfos.dll [2013.01.16 09:03:32 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll [2013.01.16 09:03:31 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhcat.dll [2013.01.16 09:03:30 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhsvc.dll [2013.01.16 09:03:26 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpremove.exe [2013.01.16 09:03:25 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll [2013.01.16 09:03:24 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptdlg.dll [2013.01.16 09:03:23 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhshl.dll [2013.01.16 09:03:23 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rasdiag.dll [2013.01.16 09:03:23 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rasdiag.dll [2013.01.16 09:03:22 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhmanagew.exe [2013.01.16 09:03:22 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhlisten.dll [2013.01.16 09:03:22 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptdlg.dll [2013.01.16 09:03:21 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhcleanup.dll [2013.01.16 09:03:20 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vsstrace.dll [2013.01.16 09:03:19 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhsrchph.dll [2013.01.16 09:03:17 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhtask.dll [2013.01.16 09:03:17 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sdbinst.exe [2013.01.16 09:03:17 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sdbinst.exe [2013.01.16 09:03:14 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ndptsp.tsp [2013.01.16 09:03:14 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rasmxs.dll [2013.01.16 09:03:13 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rasmxs.dll [2013.01.16 09:03:12 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhautoplay.dll [2013.01.16 09:03:11 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rasser.dll [2013.01.16 09:03:10 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ndptsp.tsp [2013.01.16 09:03:09 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\perfctrs.dll [2013.01.16 09:03:09 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfctrs.dll [2013.01.16 09:03:09 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rasser.dll [2013.01.16 09:03:08 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\perfproc.dll [2013.01.16 09:03:08 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfproc.dll [2013.01.16 09:03:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\perfos.dll [2013.01.16 09:03:05 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kmddsp.tsp [2013.01.16 09:03:05 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kmddsp.tsp [2013.01.16 09:03:05 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll [2013.01.16 09:03:04 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhsvcctl.dll [2013.01.16 09:03:02 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eventcls.dll [2013.01.16 09:03:01 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\eventcls.dll [2013.01.16 09:03:00 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\LangCleanupSysprepAction.dll [2013.01.16 09:02:59 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MUILanguageCleanup.dll [2013.01.16 09:02:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwmp.dll [2013.01.16 09:02:53 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\spwmp.dll [2013.01.16 09:02:53 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpksetupproxyserv.dll [2013.01.16 09:02:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shimeng.dll [2013.01.16 09:02:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdxm.ocx [2013.01.16 09:02:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxmasf.dll [2013.01.16 09:02:46 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdxm.ocx [2013.01.16 09:02:46 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxmasf.dll [2013.01.16 09:02:43 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll [2013.01.16 09:02:38 | 009,374,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL [2013.01.16 09:02:37 | 009,374,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL [2013.01.16 09:01:19 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\newdev.dll [2013.01.16 09:01:18 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\newdev.dll [2013.01.16 09:01:16 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\newdev.exe [2013.01.16 09:01:15 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ndadmin.exe [2013.01.16 09:01:15 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\newdev.exe [2013.01.16 09:01:15 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ndadmin.exe [2013.01.16 09:01:12 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanprotdim.dll [2013.01.14 23:00:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2013.01.14 21:48:02 | 000,695,640 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe [2013.01.14 21:48:02 | 000,080,728 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl [2013.01.14 21:36:36 | 000,000,000 | R--D | C] -- C:\windows\BrowserChoice [2013.01.14 20:51:54 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\OpenOffice.org [2013.01.14 20:48:23 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [2013.01.14 20:47:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3 [2013.01.14 19:54:50 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\Mozilla [2013.01.14 19:54:17 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\Thunderbird [2013.01.14 19:54:17 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Local\Thunderbird [2013.01.14 19:54:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.01.14 19:54:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.01.14 19:53:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2013.01.14 15:43:00 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\synceng.dll [2013.01.14 15:43:00 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\synceng.dll [2013.01.14 15:30:45 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcr100_clr0400.dll [2013.01.14 15:25:46 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr100_clr0400.dll [2013.01.14 15:14:10 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tssdisai.dll [2013.01.14 15:14:09 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appserverai.dll [2013.01.14 15:14:09 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RDWebAI.dll [2013.01.14 15:14:08 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VmHostAI.dll [2013.01.14 15:14:01 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe [2013.01.14 15:14:01 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe [2013.01.14 15:13:46 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcadm.dll [2013.01.14 15:13:46 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcalua.exe [2013.01.14 15:13:46 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcaevts.dll [2013.01.14 15:13:41 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnet.dll [2013.01.14 15:13:41 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnet.dll [2013.01.14 15:13:40 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnsvr.exe [2013.01.14 15:13:40 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnsvr.exe [2013.01.14 15:13:39 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnathlp.dll [2013.01.14 15:13:39 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnathlp.dll [2013.01.14 15:13:39 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnhupnp.dll [2013.01.14 15:13:39 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnhpast.dll [2013.01.14 15:13:38 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnhupnp.dll [2013.01.14 15:13:38 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnhpast.dll [2013.01.14 15:13:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnlobby.dll [2013.01.14 15:13:36 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnaddr.dll [2013.01.14 15:13:35 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnlobby.dll [2013.01.14 15:13:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnaddr.dll [2013.01.14 15:13:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncryptsslp.dll [2013.01.14 15:13:08 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncryptsslp.dll [2013.01.14 15:11:24 | 001,009,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\reseteng.dll [2013.01.14 15:11:24 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\resetengmig.dll [2013.01.14 15:11:24 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ReAgent.dll [2013.01.14 15:11:24 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgent.dll [2013.01.14 15:11:23 | 002,893,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll [2013.01.14 15:11:23 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysreset.exe [2013.01.14 15:11:22 | 002,400,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll [2013.01.14 15:11:19 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ReAgentc.exe [2013.01.14 15:11:18 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgentc.exe [2013.01.14 15:03:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6r.dll [2013.01.14 15:03:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml6r.dll [2013.01.14 15:03:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll [2013.01.14 15:03:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll [2013.01.14 15:02:58 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll [2013.01.14 15:02:57 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll [2013.01.14 15:02:57 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll [2013.01.14 15:02:57 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll [2013.01.14 15:02:56 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll [2013.01.14 15:02:56 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll [2013.01.14 15:02:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll [2013.01.14 15:02:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll [2013.01.14 14:41:17 | 003,966,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2013.01.14 14:41:12 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll [2013.01.14 14:41:11 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll [2013.01.14 14:41:09 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe [2013.01.14 14:41:07 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll [2013.01.14 14:41:07 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll [2013.01.14 14:41:06 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2013.01.14 14:41:05 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2013.01.14 14:41:05 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll [2013.01.14 14:41:05 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll [2013.01.14 14:41:05 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll [2013.01.14 14:41:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll [2013.01.14 14:41:04 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll [2013.01.14 14:41:03 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll [2013.01.13 10:54:33 | 000,196,440 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\HipShieldK.sys [2013.01.13 10:22:06 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\vlc [2013.01.13 10:21:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2013.01.13 10:21:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2013.01.11 22:31:12 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\Macromedia [2013.01.11 21:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\fotobuch.de AG [2013.01.11 21:54:18 | 000,000,000 | ---D | C] -- C:\Users\Sandra\Documents\Designer Files [2013.01.11 21:53:01 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\fotobuch.de AG [2013.01.11 21:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fotobuch.de [2013.01.11 21:48:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\fotobuch.de [2013.01.11 21:48:22 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\artworks [2013.01.11 21:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.01.11 20:59:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013.01.11 20:59:25 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Local\Google [2013.01.11 20:54:06 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Local\Deployment [2013.01.11 20:54:06 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Local\Apps [2013.01.11 20:32:12 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\sMedio [2013.01.11 20:27:57 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\ATI [2013.01.11 20:27:57 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Local\ATI [2013.01.11 20:24:18 | 000,000,000 | ---D | C] -- C:\ProgramData\ToshibaEurope [2013.01.11 20:23:21 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\Toshiba [2013.01.11 20:22:43 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Local\TOSHIBA [2013.01.11 20:22:41 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Local\SRS Labs [2013.01.11 20:21:36 | 000,000,000 | R--D | C] -- C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.01.11 20:21:36 | 000,000,000 | R--D | C] -- C:\Users\Sandra\Searches [2013.01.11 20:21:36 | 000,000,000 | R--D | C] -- C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.01.11 20:21:35 | 000,000,000 | R--D | C] -- C:\Users\Sandra\Contacts [2013.01.11 20:21:23 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\Adobe [2013.01.11 20:18:15 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Local\VirtualStore [2013.01.11 20:17:57 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Local\Packages [2013.01.11 20:15:52 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\Vorlagen [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\AppData\Local\Verlauf [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\AppData\Local\Temporary Internet Files [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\Startmenü [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\SendTo [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\Recent [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\Netzwerkumgebung [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\Lokale Einstellungen [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\Documents\Eigene Videos [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\Documents\Eigene Musik [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\Eigene Dateien [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\Documents\Eigene Bilder [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\Druckumgebung [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\Cookies [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\AppData\Local\Anwendungsdaten [2013.01.11 20:15:40 | 000,000,000 | -HSD | C] -- C:\Users\Sandra\Anwendungsdaten [2013.01.11 20:15:39 | 000,000,000 | --SD | C] -- C:\Users\Sandra\AppData\Roaming\Microsoft [2013.01.11 20:15:39 | 000,000,000 | R--D | C] -- C:\Users\Sandra\Videos [2013.01.11 20:15:39 | 000,000,000 | R--D | C] -- C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2013.01.11 20:15:39 | 000,000,000 | R--D | C] -- C:\Users\Sandra\Saved Games [2013.01.11 20:15:39 | 000,000,000 | R--D | C] -- C:\Users\Sandra\Pictures [2013.01.11 20:15:39 | 000,000,000 | R--D | C] -- C:\Users\Sandra\Music [2013.01.11 20:15:39 | 000,000,000 | R--D | C] -- C:\Users\Sandra\Links [2013.01.11 20:15:39 | 000,000,000 | R--D | C] -- C:\Users\Sandra\Favorites [2013.01.11 20:15:39 | 000,000,000 | R--D | C] -- C:\Users\Sandra\Downloads [2013.01.11 20:15:39 | 000,000,000 | R--D | C] -- C:\Users\Sandra\Documents [2013.01.11 20:15:39 | 000,000,000 | R--D | C] -- C:\Users\Sandra\Desktop [2013.01.11 20:15:39 | 000,000,000 | R--D | C] -- C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.01.11 20:15:39 | 000,000,000 | R--D | C] -- C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2013.01.11 20:15:39 | 000,000,000 | -H-D | C] -- C:\Users\Sandra\AppData [2013.01.11 20:15:39 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Local\Temp [2013.01.11 20:15:39 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Local\Microsoft [2013.01.11 20:15:39 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance ========== Files - Modified Within 30 Days ========== [2013.02.04 08:22:23 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.02.04 08:10:46 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013.02.03 21:04:46 | 000,001,120 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013.02.03 21:04:22 | 000,001,124 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.03 18:16:01 | 000,001,839 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk [2013.01.29 16:47:32 | 004,568,320 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2013.01.29 16:47:32 | 000,790,022 | ---- | M] () -- C:\windows\SysNative\perfh00C.dat [2013.01.29 16:47:32 | 000,785,550 | ---- | M] () -- C:\windows\SysNative\perfh013.dat [2013.01.29 16:47:32 | 000,780,976 | ---- | M] () -- C:\windows\SysNative\perfh010.dat [2013.01.29 16:47:32 | 000,753,134 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2013.01.29 16:47:32 | 000,710,244 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2013.01.29 16:47:32 | 000,158,586 | ---- | M] () -- C:\windows\SysNative\perfc013.dat [2013.01.29 16:47:32 | 000,155,826 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2013.01.29 16:47:32 | 000,155,084 | ---- | M] () -- C:\windows\SysNative\perfc00C.dat [2013.01.29 16:47:32 | 000,152,608 | ---- | M] () -- C:\windows\SysNative\perfc010.dat [2013.01.29 16:47:32 | 000,132,614 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2013.01.21 10:40:45 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.01.21 10:40:29 | 2231,984,127 | -HS- | M] () -- C:\hiberfil.sys [2013.01.16 16:20:12 | 000,013,857 | ---- | M] () -- C:\Users\Sandra\Documents\Basar Frühjahr Sommer.ods [2013.01.16 15:33:21 | 000,046,562 | ---- | M] () -- C:\Users\Sandra\Documents\Faschingsunterlagen.pdf [2013.01.16 15:32:40 | 000,014,511 | ---- | M] () -- C:\Users\Sandra\Documents\Faschingsunterlagen.ods [2013.01.14 20:52:19 | 000,001,246 | ---- | M] () -- C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013.01.14 20:48:24 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2013.01.14 19:54:05 | 000,002,097 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2013.01.13 10:21:58 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.01.12 14:56:21 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [2013.01.11 22:10:13 | 000,000,050 | ---- | M] () -- C:\Users\Sandra\Desktop\Facebook.url [2013.01.11 21:52:57 | 000,002,086 | ---- | M] () -- C:\Users\Sandra\Desktop\Designer 2.0.lnk [2013.01.11 21:01:46 | 000,002,266 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.01.11 20:26:59 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf ========== Files Created - No Company Name ========== [2013.02.04 08:20:52 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.16 16:20:11 | 000,013,857 | ---- | C] () -- C:\Users\Sandra\Documents\Basar Frühjahr Sommer.ods [2013.01.16 15:33:18 | 000,046,562 | ---- | C] () -- C:\Users\Sandra\Documents\Faschingsunterlagen.pdf [2013.01.16 14:14:18 | 000,014,511 | ---- | C] () -- C:\Users\Sandra\Documents\Faschingsunterlagen.ods [2013.01.16 09:17:20 | 000,385,604 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml [2013.01.16 09:03:19 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll [2013.01.16 09:03:18 | 000,110,592 | ---- | C] () -- C:\windows\SysNative\OEMLicense.dll [2013.01.14 20:52:19 | 000,001,246 | ---- | C] () -- C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013.01.14 20:48:24 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2013.01.14 19:54:05 | 000,002,097 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2013.01.14 19:54:04 | 000,002,109 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2013.01.13 10:21:58 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.01.12 14:56:21 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [2013.01.11 22:10:13 | 000,000,050 | ---- | C] () -- C:\Users\Sandra\Desktop\Facebook.url [2013.01.11 21:52:57 | 000,002,086 | ---- | C] () -- C:\Users\Sandra\Desktop\Designer 2.0.lnk [2013.01.11 21:01:46 | 000,002,266 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.01.11 20:59:42 | 000,001,124 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013.01.11 20:59:42 | 000,001,120 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013.01.11 20:26:59 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf [2013.01.11 20:21:23 | 000,001,449 | ---- | C] () -- C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.11.29 20:28:42 | 000,451,072 | ---- | C] () -- C:\windows\SysWow64\ISSRemoveSP.exe [2012.11.29 20:28:17 | 000,037,820 | ---- | C] () -- C:\windows\rlt8723a_chip_bt40_fw_asic_rom_patch.dll [2012.11.29 20:22:17 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2012.08.08 09:10:24 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat [2012.08.08 09:10:24 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat [2012.07.26 09:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat [2012.07.26 09:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT [2012.07.26 08:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2012.07.26 02:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll [2012.07.25 21:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2012.07.25 21:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll [2012.06.02 15:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat [2012.05.11 01:35:16 | 000,029,184 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll [2011.09.12 17:06:18 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.11.06 05:19:27 | 019,789,824 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.11.06 05:20:00 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
04.02.2013, 09:25 | #4 |
| Startfenster.com OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 04.02.2013 08:32:18 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sandra\Downloads 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16453) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,60 Gb Total Physical Memory | 5,61 Gb Available Physical Memory | 73,85% Memory free 8,72 Gb Paging File | 6,34 Gb Available in Paging File | 72,66% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 585,84 Gb Total Space | 542,87 Gb Free Space | 92,67% Space Free | Partition Type: NTFS Drive D: | 595,91 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive E: | 7,39 Gb Total Space | 0,16 Gb Free Space | 2,20% Space Free | Partition Type: FAT32 Computer Name: SANOLI | User Name: Sandra | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-971226063-2243585616-1632550052-1001\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe" = C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe:*:Designer.exe -- () "C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe" = C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe:*:Designer.exe -- () ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0EA66518-83FC-4DB9-A1DB-5B9C43F516C2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{168FB12D-4732-40F0-958C-682418053F7F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{20FE6035-306A-43DF-89E9-0624BF6F078A}" = rport=137 | protocol=17 | dir=out | app=system | "{3A8FA59E-EA72-4737-8959-AC964DDE252D}" = lport=138 | protocol=17 | dir=in | app=system | "{4B599361-72A4-4EC5-85CD-775558DF76D8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{4F51DD27-6EF4-46E5-9E04-1DE32727526D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{56B6E7A2-22B0-4988-9CA9-D24BFEBFA93A}" = rport=138 | protocol=17 | dir=out | app=system | "{68AE7531-012F-4B35-B377-5E41531D9518}" = lport=2869 | protocol=6 | dir=in | app=system | "{6E29FDC9-A2CA-4C5A-A604-F8A036939FF8}" = lport=137 | protocol=17 | dir=in | app=system | "{6E4378AD-D1E4-43E0-8D6E-93C3C0B4C3CD}" = lport=139 | protocol=6 | dir=in | app=system | "{6FB666AE-F7D5-4142-B260-AE20B3FDD566}" = lport=10243 | protocol=6 | dir=in | app=system | "{70095479-3229-4FCD-AE91-11003A7130CE}" = lport=445 | protocol=6 | dir=in | app=system | "{829AC5BF-C313-428B-9A1E-278B1D28C466}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{84BFF7B8-53C8-438B-9FC2-B32A65452F80}" = rport=445 | protocol=6 | dir=out | app=system | "{91286B8A-39C3-4587-8712-245DED5723C4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{94A4410B-B364-40FF-A4CE-FC9FC0B3B6AF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{9E832979-173E-4CBC-BB07-93EFD4F04B7F}" = rport=139 | protocol=6 | dir=out | app=system | "{AEE13FF0-58A1-481A-961B-2902F2D6B1C3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C008F4CE-D755-4EE8-AED9-3A0511DB178B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C45494FC-78F5-4E2B-BE65-1EE9027185C4}" = rport=10243 | protocol=6 | dir=out | app=system | "{FF33DFB6-8118-42CD-923A-7C5C4673CDCF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0F86F6B1-B760-41FF-801D-CACE3386CE0A}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{103CFC3D-B91F-434A-9111-2948C2B1DFEE}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{150B7C29-B796-4B06-96A7-5D9700F7E629}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1F846373-672E-45B9-8685-E78003348672}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{2323EE62-0BF7-4FD7-AA0C-A5EDD5A80274}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{24C3DB9B-ADAA-4076-AC3C-ADF0DAD2CCF6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2508EDCC-7D98-403E-AE2A-297D8717960A}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{250ABD47-E336-4418-86E0-B2A47792A7BA}" = dir=out | name=windows_ie_ac_001 | "{2982CF1B-FB78-469F-9EFC-B20D8764765E}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{2F983B8A-C3DD-483D-9203-E2EE3BE023C1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{312977D5-A3B3-4CE0-A4C7-AF868412B050}" = dir=in | name=evernote | "{36678D86-20CC-40F9-A121-08CDFF928217}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{3AF72E53-BEB6-4A28-B0EC-DCA681646503}" = dir=out | name=toshiba media player by smedio truelink+ | "{3C6802E2-EE04-4EC9-8F0C-31ED3FA7EE16}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe | "{3C8863E6-D684-48CC-A312-6D10BA574A78}" = protocol=6 | dir=out | app=system | "{3E74F184-252A-4268-B290-ABF0CEED3B8C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{42AD4ECB-E461-4BB3-9625-5ED164D2B0E5}" = dir=out | name=- games app - | "{467A7038-FD2B-45F9-B771-0FA0DF150046}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{480B174A-1D3E-42D8-B602-EFC96270BDF4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{492F6112-3CB1-49FF-8379-D55697135CEE}" = dir=out | name=fresh paint | "{4AE5EAD3-AAD1-4B44-A7DB-86BE845DEF97}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{4C34C944-310B-4EBF-8DB6-F5609D8B31DA}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{4F44F680-A7D2-485A-A1AF-1BD57769F83F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{50E87B11-CA5D-468B-A876-6BD1BA7BB35D}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{5120F470-E1A5-4C1D-B455-E487F507E944}" = dir=out | name=skype | "{51F336D6-0002-4921-AEF5-527DAD4DF95C}" = dir=out | name=ebay | "{52D265E3-C240-4D86-B0B8-59F0EA8D8FD7}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{57D8A14C-F230-47FD-916D-36AA46163B07}" = dir=out | name=evernote | "{696E9B7B-44FB-4B45-A9EF-810C30B07252}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{6A06C73F-1EF8-4A57-9DF7-A001C793CC58}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{6F54DA9C-09AD-4DA3-B59D-DC25D19F31E8}" = dir=in | name=toshiba media player by smedio truelink+ | "{71DAA1B7-0EEF-4F24-B46F-4FBD1594B93A}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{77715800-72CF-4B30-AA01-EEF6316156F1}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{7792430A-4096-4102-86A9-A18818A289B3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{77D29941-1631-42D7-9AC0-E005BDA22313}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{796B7BE8-023F-4649-A6F2-A18EC4B1BF05}" = dir=in | name=ebay | "{79957303-2884-4BA0-ADA1-48D560B78FB8}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{7F441B7E-2504-4E17-9886-ECA8E815E236}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{80A43CEF-75BA-430B-8921-76CEAF637C6E}" = dir=out | name=mcafee security advisor for toshiba | "{8620467B-5491-4FAD-A60F-AB1613C8C281}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{941ED60E-FB87-4901-B5CD-3390D30BEA8F}" = dir=in | name=skype | "{97B6572D-67C5-478A-BF6F-5C745BF97ACA}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{9977E009-3DBC-43FC-AEF3-5145009541B5}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{9AF7DCE2-B394-4E24-B263-38E5D879581E}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{9E8E4378-4E7D-4432-8E96-4BD2F25C61E4}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe | "{A644BC59-9C0F-456E-9F94-061FCA7A2F7C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{A7D23C1A-999E-4D7C-B771-D2BABF2E945D}" = dir=out | name=microsoft solitaire collection | "{B0071D90-A0BA-489A-8806-EC487DD35EC9}" = dir=in | name=amazon for windows | "{B27DC921-8F80-4AE7-8EF4-0CB62BDB480F}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{B59D158B-99E6-48A0-8D86-F4AC725473F2}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{B6021454-3855-4520-884D-26C4308FEDE1}" = dir=out | name=amazon for windows | "{C2ACF4CC-6561-4426-97D7-69CAB3B6E4A6}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{C88CB867-0E22-4FE4-8507-A1654C0C66F8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C9291E15-9D70-46A7-9408-78ADB46926BA}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{CD8D9696-619E-4A96-AFE2-A1633D51DF9A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{CD9C33A7-4156-4F24-B34B-3FC7825C6BDA}" = dir=out | name=toshiba places | "{D332F96D-3BC1-4522-9BD3-581F23C43003}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{D35F1FA7-4ACD-4532-9296-0DE2497DE45D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{EA10303B-DD84-47C9-87C8-6C3AC2B7FB86}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F5B96E2B-F84A-477A-A0CE-45349BB1209A}" = dir=out | name=skitch | "{F86D952F-719E-4F31-9793-34E7A0A5A9ED}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{F9550837-09B1-448A-AFD7-498D9580CA21}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{16562A90-71BC-41A0-B890-D91B0C267120}" = TOSHIBA Function Key "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5944B9D4-3C2A-48DE-931E-26B31714A2F7}" = TOSHIBA eco Utility "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8DE47BBC-F471-6960-2FAB-13D8983397C5}" = AMD Catalyst Install Manager "{8E7CCFB3-4102-6A32-8C4F-202B7AB7C8E3}" = AMD Accelerated Video Transcoding "{94F03B8E-CB73-4653-AFE9-79112C01FED2}" = Premium Sound HD "{95CCACF0-010D-45F0-82BF-858643D8BC02}" = TOSHIBA Desktop Assist "{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor "{A071E5FE-C9BA-0DCB-8722-8500004F9304}" = ccc-utility64 "{B8C8422F-01F1-4791-B084-047AAFF9BFCC}" = TOSHIBA Service Station "{C991A8C4-307C-4FDD-8AAE-A1BF44881E95}" = Toshiba Places Icon Utility "{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64 "{FF07604E-C860-40E9-A230-E37FA41F103A}" = TOSHIBA VIDEO PLAYER "57F58DC141BEB353704E041792E5B00606694FEA" = Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth (07/11/2012 2.3.13.3) "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0071820F-09B0-4998-8320-F89629DCBC99}" = Nero BackItUp "{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media "{05A55927-DB9B-4E26-BA44-828EBFF829F0}" = TOSHIBA System Settings "{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM) "{07BCE548-3F4B-7755-56DA-D48ABEA1C495}" = CCC Help Swedish "{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM) "{0B807A4C-9C30-813D-A0CA-EAB53CAFE2A5}" = CCC Help Russian "{0CC0980D-811D-43B8-A455-8D150EB5BC0D}" = Realtek Bluetooth Filter Driver Package "{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher "{1001266B-D4BB-46D9-B023-2612A8CE3A31}" = Nero BurnRights "{158A29A7-EDBD-F732-FA4F-966D77F54863}" = CCC Help German "{162851FA-B8FC-2DBF-0AB1-432EDFB9E311}" = CCC Help Chinese Standard "{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic "{1E6A96A1-2BAB-43EF-8087-30437593C66C}" = TOSHIBA System Driver "{1EC5E39E-ECEE-2433-5F9C-F6BB5D81E0F3}" = CCC Help Dutch "{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM) "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs "{24D38277-CE6E-4E12-A2EE-F46832A4FA2F}" = Catalyst Control Center - Branding "{27097D4A-8146-4B79-D157-4871F5AFBBA2}" = CCC Help Norwegian "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer "{3C66507C-38BA-F30D-8193-49ACC455AC20}" = CCC Help Spanish "{3DD893E2-ED51-EBEF-A8EC-AC0EFBA6F124}" = CCC Help Italian "{44BF2578-5228-88C6-DB9E-F55F6CB7DF05}" = CCC Help Turkish "{450E48EF-A565-5D5F-05F2-695C2AEEBFFB}" = CCC Help Greek "{4780F387-6962-2A7A-2816-9F5DCD50B350}" = CCC Help French "{54D36E85-E3C0-85F3-A6F3-FC927823135A}" = Catalyst Control Center InstallProxy "{59776556-45C9-0D23-5C4E-734C5E5FC2F3}" = CCC Help Korean "{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM) "{5DAF0789-3F9E-3529-2147-8BAABD8E1C70}" = CCC Help Japanese "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{685202C9-9DA0-9AEA-51C8-7A700CFCB175}" = CCC Help Thai "{69AE8CC0-E854-5E39-39AB-222D0AE00135}" = CCC Help Polish "{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}" = Toshiba Password Utility "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games) "{80D9BC7B-00CA-F1EB-C077-E66B3D0A21DC}" = Catalyst Control Center Localization All "{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience) "{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express "{86372151-A7B9-BB84-9D98-0B914A55C6F1}" = CCC Help Hungarian "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{88BDB715-7ABF-5A56-F383-FF9CBB6E1390}" = CCC Help English "{8E7EABFA-BF37-4824-B792-4220C9E04233}" = Nero BurnRights Help (CHM) "{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = TOSHIBA Manuals "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office "{95A78205-B06E-0126-3D96-13D40E89E9F8}" = CCC Help Danish "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{998042A4-4186-9410-B434-03292C6FD4EE}" = CCC Help Portuguese "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver "{9FAF2E78-2830-308F-DFFB-7BEB546538A9}" = AMD VISION Engine Control Center "{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter "{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator "{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent "{BA8958DC-ADD7-41E5-8436-5883C7E871C7}" = Nero 12 Essentials Toshiba "{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components "{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM) "{D5465517-574A-0325-2248-A9F3C48452B6}" = CCC Help Chinese Traditional "{D83D5480-00CF-9FC9-95CF-60F5E92D8735}" = CCC Help Finnish "{DA6C22A8-64CD-9374-A5F4-E2A3994A6327}" = Catalyst Control Center Graphics Previews Common "{EA6358BC-1DDA-882D-8642-15DBC063192C}" = CCC Help Czech "{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM) "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F76F5214-83A8-4030-80C9-1EF57391D72A}" = Toshiba TEMPRO "Designer 2.0_is1" = Designer 2.0 "ESET Online Scanner" = ESET Online Scanner v3 "Google Chrome" = Google Chrome "InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}" = Realtek Bluetooth Filter Driver Package "InstallShield_{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}" = Toshiba Password Utility "Intel AppUp(SM) center 33268" = Intel AppUp(SM) center "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "Mozilla Thunderbird 17.0.2 (x86 de)" = Mozilla Thunderbird 17.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSC" = McAfee Internet Security "VLC media player" = VLC media player 2.0.5 "WildTangent toshiba Master Uninstall" = WildTangent Games "WTA-0258dd52-bdac-483f-8713-b1c2310565ff" = Aloha TriPeaks "WTA-1627a70a-6fc7-4e55-9010-948a5db75f95" = Polar Bowler "WTA-2283faf2-a94c-464b-857a-745a946c42d6" = Plants vs. Zombies - Game of the Year "WTA-5b062b36-9e23-44dd-8086-1002dfd59887" = Chuzzle Deluxe "WTA-8afedd3d-03ea-4468-80a7-f34c2f75db2e" = Bejeweled 3 "WTA-a82bda77-a40e-4f45-ba01-4e4b473d7835" = Magic Academy "WTA-c6a1e7e5-e7b4-4d12-878c-5b401af2703c" = Peggle Nights "WTA-c758276f-12f3-4dd9-ace7-0f47e566575f" = Virtual Villagers 4 - The Tree of Life "WTA-d4fa2bf7-080f-4150-9988-1c0ecb9613a1" = Empress of the Deep - The Darkest Secret "WTA-f3ab31a4-1916-4a64-8b80-79e069f2b1e3" = Jewel Quest Solitaire 2 "WTA-f6bf20a3-9d85-49b6-8b80-62d6f0491f80" = Island Tribe ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 11.01.2013 15:29:47 | Computer Name = Sanoli | Source = .NET Runtime | ID = 1026 Description = Error - 12.01.2013 05:09:35 | Computer Name = Sanoli | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 12.01.2013 10:04:21 | Computer Name = Sanoli | Source = ESENT | ID = 489 Description = taskhostex (2112) Versuch, Datei "C:\Users\Sandra\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien. Error - 12.01.2013 11:15:43 | Computer Name = Sanoli | Source = Microsoft-Windows-Immersive-Shell | ID = 2486 Description = Die App „Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. Error - 12.01.2013 11:16:07 | Computer Name = Sanoli | Source = Application Hang | ID = 1002 Description = Programm wwahost.exe, Version 6.2.9200.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 14ec Startzeit: 01cdf0d7a6f713de Endzeit: 4294967295 Anwendungspfad: C:\windows\system32\wwahost.exe Berichts-ID: f04ca392-5cca-11e2-be71-2016d84b3dee Vollständiger Name des fehlerhaften Pakets: Microsoft.ZuneVideo_1.0.927.0_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.ZuneVideo Error - 12.01.2013 11:16:08 | Computer Name = Sanoli | Source = Microsoft-Windows-Immersive-Shell | ID = 5973 Description = Bei der Aktivierung der App „Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error - 13.01.2013 06:04:21 | Computer Name = Sanoli | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 14.01.2013 08:52:18 | Computer Name = Sanoli | Source = ESENT | ID = 489 Description = taskhostex (1772) Versuch, Datei "C:\Users\Sandra\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien. [ System Events ] Error - 14.01.2013 14:19:46 | Computer Name = Sanoli | Source = DCOM | ID = 10010 Description = Error - 14.01.2013 14:20:18 | Computer Name = Sanoli | Source = DCOM | ID = 10010 Description = Error - 14.01.2013 14:20:49 | Computer Name = Sanoli | Source = DCOM | ID = 10010 Description = Error - 14.01.2013 14:21:20 | Computer Name = Sanoli | Source = DCOM | ID = 10010 Description = Error - 14.01.2013 14:21:52 | Computer Name = Sanoli | Source = DCOM | ID = 10010 Description = Error - 14.01.2013 14:22:23 | Computer Name = Sanoli | Source = DCOM | ID = 10010 Description = Error - 14.01.2013 14:22:55 | Computer Name = Sanoli | Source = DCOM | ID = 10010 Description = Error - 14.01.2013 14:23:27 | Computer Name = Sanoli | Source = DCOM | ID = 10010 Description = Error - 15.01.2013 03:00:09 | Computer Name = Sanoli | Source = Microsoft-Windows-Kernel-Boot | ID = 16 Description = Error - 15.01.2013 03:00:37 | Computer Name = Sanoli | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?14.?01.?2013 um 23:46:14 unerwartet heruntergefahren. < End of report > |
04.02.2013, 14:19 | #5 |
/// Helfer-Team | Startfenster.com sieht alles gut aus. Downloade Dir bitte AdwCleaner auf deinen Desktop.
danach: Downloade Dir bitte SecurityCheck und:
|
04.02.2013, 19:57 | #6 |
| Startfenster.com AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v2.110 - Datei am 04/02/2013 um 19:49:23 erstellt # Aktualisiert am 03/02/2013 von Xplode # Betriebssystem : Windows 8 (64 bits) # Benutzer : Sandra - SANOLI # Bootmodus : Normal # Ausgeführt unter : C:\Users\Sandra\Downloads\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk Datei Gelöscht : C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk ***** [Registrierungsdatenbank] ***** ***** [Internet Browser] ***** -\\ Internet Explorer v10.0.9200.16453 Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.startfenster.com --> hxxp://www.google.com -\\ Google Chrome v24.0.1312.57 Datei : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Preferences Gelöscht [l.15] : urls_to_restore_on_startup = [ "hxxp://www.startfenster.com" ] Gelöscht [l.1989] : urls_to_restore_on_startup = [ "hxxp://www.startfenster.com" ] ************************* AdwCleaner[S1].txt - [1060 octets] - [04/02/2013 19:49:23] ########## EOF - C:\AdwCleaner[S1].txt - [1120 octets] ########## Results of screen317's Security Check version 0.99.57 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` McAfee Anti-Virus und Anti-Spyware Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.70.0.1100 Mozilla Thunderbird (17.0.2) Google Chrome 24.0.1312.52 Google Chrome 24.0.1312.56 Google Chrome 24.0.1312.57 ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
05.02.2013, 03:40 | #7 |
/// Helfer-Team | Startfenster.com Sehr gut! damit bist Du sauber und entlassen! |
Themen zu Startfenster.com |
erwischt, startfenster.com, vlc.de |