| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Click Compare in BrowserWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
14.02.2013, 10:38
| #1 |
| |  Click Compare in Browser Hallo, habe auf mehreren Rechner sowohl in FF als auch Chrome Links, die zu Clickcompare weiterleiten. Habe gelesen, dass es sich hierbei um einen Trojaner handelt. Hier der Log von mbam: Malwarebytes Anti-Malware (Test) 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.02.14.03 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 vinexus :: PC-TANJA [Administrator] Schutz: Aktiviert 14.02.2013 10:14:30 mbam-log-2013-02-14 (10-14-30).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 194682 Laufzeit: 3 Minute(n), 58 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) OTL: HTML-Code: OTL logfile created on: 14.02.2013 10:14:32 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tanja\Desktop Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 64,35% Memory free 5,99 Gb Paging File | 4,78 Gb Available in Paging File | 79,73% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 29,72 Gb Total Space | 6,54 Gb Free Space | 22,02% Space Free | Partition Type: NTFS Drive D: | 149,05 Gb Total Space | 144,55 Gb Free Space | 96,98% Space Free | Partition Type: NTFS Computer Name: PC-TANJA | User Name: tanja | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013.02.14 09:11:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tanja\Desktop\OTL.exe PRC - [2013.02.06 12:07:42 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2013.02.06 12:07:34 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2013.02.06 12:07:33 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.02.06 12:07:33 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2013.01.31 18:05:33 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\ielowutil.exe PRC - [2013.01.24 23:43:03 | 002,319,504 | ---- | M] (COMODO) -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2013.01.24 23:42:40 | 007,626,448 | ---- | M] (COMODO) -- C:\Programme\COMODO\COMODO Internet Security\cis.exe PRC - [2013.01.24 23:42:40 | 001,430,736 | ---- | M] (COMODO) -- C:\Programme\COMODO\COMODO Internet Security\cistray.exe PRC - [2013.01.24 23:42:39 | 000,404,688 | ---- | M] (COMODO) -- C:\Programme\COMODO\COMODO Internet Security\cavwp.exe PRC - [2013.01.09 17:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) -- C:\Programme\PDF Architect\ConversionService.exe PRC - [2013.01.09 17:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) -- C:\Programme\PDF Architect\HelperService.exe PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.12.14 16:49:28 | 000,824,232 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2011.08.31 12:15:38 | 000,532,480 | ---- | M] (3CX Ltd) -- C:\Programme\3CXPhone\3CXPhone.exe PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010.11.20 22:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2009.08.18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013.02.06 12:10:36 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll MOD - [2013.02.06 12:10:21 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013.02.06 12:10:15 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2011.03.23 10:21:52 | 005,210,449 | ---- | M] () -- C:\Programme\3CXPhone\ffdshow\libavcodec.dll MOD - [2011.03.23 10:21:52 | 003,843,584 | ---- | M] () -- C:\Programme\3CXPhone\ffdshow\ffdshow.ax MOD - [2011.03.23 10:21:52 | 000,962,008 | ---- | M] () -- C:\Programme\3CXPhone\ffdshow\ff_x264.dll MOD - [2011.03.23 10:21:52 | 000,901,509 | ---- | M] () -- C:\Programme\3CXPhone\ffdshow\xvidcore.dll MOD - [2011.03.23 10:21:52 | 000,270,336 | ---- | M] () -- C:\Programme\3CXPhone\avfilters\lame.ax MOD - [2011.03.23 10:21:52 | 000,157,184 | ---- | M] () -- C:\Programme\3CXPhone\avfilters\libspeexdsp.dll MOD - [2011.03.23 10:21:52 | 000,100,864 | ---- | M] () -- C:\Programme\3CXPhone\ffdshow\ff_wmv9.dll MOD - [2011.03.23 10:21:52 | 000,024,848 | ---- | M] () -- C:\Programme\3CXPhone\avfilters\wavdest.ax MOD - [2010.11.13 00:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV - [2013.02.08 09:37:24 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.02.07 08:48:37 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.02.06 12:07:42 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.02.06 12:07:33 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.01.24 23:43:03 | 002,319,504 | ---- | M] (COMODO) [Auto | Running] -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2013.01.24 23:42:41 | 000,127,184 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Programme\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth) SRV - [2013.01.09 17:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Programme\PDF Architect\ConversionService.exe -- (PDF Architect Service) SRV - [2013.01.09 17:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Programme\PDF Architect\HelperService.exe -- (PDF Architect Helper Service) SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2010.11.20 22:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU) DRV - [2013.02.14 10:14:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2013.01.16 20:51:42 | 000,084,416 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect) DRV - [2013.01.16 20:51:42 | 000,043,728 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2013.01.16 20:51:41 | 000,576,768 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard) DRV - [2013.01.16 20:51:40 | 000,020,072 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmderd.sys -- (cmderd) DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012.11.27 10:01:26 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.11.22 15:51:13 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012.11.22 15:50:51 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.11.20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2010.11.20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010.11.20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2010.11.20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub) DRV - [2010.11.20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV - [2010.11.20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc) DRV - [2010.11.20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2010.11.20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2010.11.20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD) DRV - [2010.11.20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt) DRV - [2010.11.20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) DRV - [2010.11.20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009.08.18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009.07.14 01:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV - [2009.07.14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B5 26 FC D8 04 05 CE 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: FFPDFArchitectConverter%40pdfarchitect.com:1.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\tanja\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\tanja\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2013.01.30 09:57:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.07 08:48:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.07 08:48:37 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.30 09:48:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tanja\AppData\Roaming\mozilla\Extensions [2013.01.30 10:05:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tanja\AppData\Roaming\mozilla\Firefox\Profiles\rpq8pfaq.default\extensions [2013.01.30 10:05:06 | 000,000,000 | ---D | M] (SaveByclick) -- C:\Users\tanja\AppData\Roaming\mozilla\Firefox\Profiles\rpq8pfaq.default\extensions\5108dff31cf55@5108dff31cf8f.com [2013.02.07 08:48:34 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.01.30 09:57:59 | 000,000,000 | ---D | M] (PDF Architect Converter For Firefox) -- C:\PROGRAM FILES\PDF ARCHITECT\FFPDFARCHITECTEXT [2013.02.07 08:48:37 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2013.01.17 01:11:04 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.01.17 01:11:04 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2013.01.17 01:11:04 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2013.01.17 01:11:04 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2013.01.17 01:11:04 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2013.01.17 01:11:04 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Users\tanja\AppData\Local\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\tanja\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\tanja\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Update (Enabled) = C:\Users\tanja\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll CHR - Extension: Google Docs = C:\Users\tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.4_0\ CHR - Extension: Google Drive = C:\Users\tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: SaveByclick = C:\Users\tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pefkmbnbicbddjcoekkpahgnfbncldob\1\ CHR - Extension: Google Mail = C:\Users\tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Programme\PDF Architect\PDFIEHelper.dll (pdfforge GbR) O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Programme\PDF Architect\PDFIEPlugin.dll (pdfforge GbR) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [COMODO Internet Security] C:\Programme\COMODO\COMODO Internet Security\cistray.exe (COMODO) O4 - Startup: C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3CXPhone.lnk = C:\Programme\3CXPhone\3CXPhone.exe (3CX Ltd) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.180.1 0.0.0.0 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86EE4E0A-98C3-42A2-B170-301D182472BD}: DhcpNameServer = 192.168.180.1 0.0.0.0 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013.02.14 10:14:17 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2013.02.14 09:56:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt [2013.02.14 09:49:29 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Malwarebytes [2013.02.14 09:49:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.02.14 09:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.02.14 09:49:17 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.02.14 09:49:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013.02.14 09:24:10 | 000,000,000 | ---D | C] -- C:\_OTL [2013.02.14 09:22:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\tanja\Desktop\OTL.exe [2013.02.07 08:48:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013.02.04 08:18:21 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys [2013.02.04 08:18:20 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys [2013.02.04 08:18:18 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys [2013.02.04 08:18:18 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe [2013.01.31 18:32:45 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2013.01.31 18:32:45 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2013.01.31 18:32:45 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2013.01.31 18:08:29 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys [2013.01.31 18:08:28 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll [2013.01.31 18:07:39 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll [2013.01.31 18:07:38 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll [2013.01.31 18:07:38 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll [2013.01.31 18:05:33 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2013.01.31 18:05:33 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.01.31 18:05:33 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.01.31 18:05:33 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013.01.31 18:05:33 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.01.31 18:05:33 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2013.01.31 18:05:33 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2013.01.31 18:05:33 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2013.01.31 18:05:33 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2013.01.31 18:05:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013.01.31 18:05:33 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2013.01.31 18:05:33 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2013.01.31 18:05:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.01.31 18:05:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2013.01.31 18:05:33 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2013.01.31 18:05:33 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2013.01.31 18:05:33 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2013.01.31 18:05:33 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2013.01.31 18:05:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013.01.31 18:05:33 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2013.01.31 18:05:33 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2013.01.31 18:05:33 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2013.01.31 18:05:33 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2013.01.31 18:05:33 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.01.31 18:05:33 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2013.01.31 18:05:33 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2013.01.31 18:05:33 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.01.31 18:05:33 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.01.31 18:05:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.01.31 18:05:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.01.31 18:05:33 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2013.01.31 18:05:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2013.01.31 18:05:33 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2013.01.31 18:05:33 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2013.01.31 18:05:33 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.01.31 18:05:33 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2013.01.31 18:05:33 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2013.01.31 18:04:22 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2013.01.31 13:13:48 | 000,000,000 | R--D | C] -- C:\Users\tanja\AppData\Roaming\Brother [2013.01.31 13:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother [2013.01.31 12:46:30 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\PDF Architect [2013.01.31 11:37:14 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Adobe [2013.01.31 09:19:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013.01.31 09:19:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013.01.31 09:13:40 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.01.31 09:13:39 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys [2013.01.31 09:13:12 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll [2013.01.31 09:13:12 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe [2013.01.31 09:12:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2013.01.31 09:12:21 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe [2013.01.31 09:12:18 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll [2013.01.31 09:12:17 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl [2013.01.31 09:12:17 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2013.01.31 09:12:17 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax [2013.01.31 09:12:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll [2013.01.31 09:11:58 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys [2013.01.31 09:11:58 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [2013.01.31 09:11:58 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll [2013.01.31 09:11:58 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll [2013.01.31 09:11:58 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll [2013.01.31 09:11:55 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll [2013.01.31 09:11:49 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2013.01.31 09:11:49 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013.01.31 09:11:49 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [2013.01.31 09:11:49 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [2013.01.31 09:11:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2013.01.31 09:11:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2013.01.31 09:11:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2013.01.31 09:11:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [2013.01.31 09:11:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [2013.01.31 09:11:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2013.01.31 09:11:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [2013.01.31 09:11:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [2013.01.31 09:11:40 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll [2013.01.31 09:11:40 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll [2013.01.31 09:11:40 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll [2013.01.31 09:11:40 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll [2013.01.31 09:11:40 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll [2013.01.31 09:11:40 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll [2013.01.31 09:11:38 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll [2013.01.31 09:11:34 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll [2013.01.31 09:11:34 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe [2013.01.31 09:11:33 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2013.01.31 09:11:32 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2013.01.31 09:11:32 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll [2013.01.31 09:11:31 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2013.01.31 09:11:30 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2013.01.31 09:11:29 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll [2013.01.31 09:11:29 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2013.01.31 09:11:29 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2013.01.31 09:11:28 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2013.01.31 09:11:28 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll [2013.01.31 09:11:21 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2013.01.31 09:11:16 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013.01.31 09:11:16 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013.01.31 09:11:14 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2013.01.31 09:11:00 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2013.01.31 09:11:00 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs [2013.01.31 09:11:00 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs [2013.01.31 09:11:00 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs [2013.01.31 09:11:00 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs [2013.01.31 09:11:00 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs [2013.01.31 09:11:00 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs [2013.01.31 09:11:00 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs [2013.01.31 09:11:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs [2013.01.31 09:11:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs [2013.01.31 09:11:00 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs [2013.01.31 09:10:59 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll [2013.01.31 09:10:59 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs [2013.01.31 09:10:59 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs [2013.01.31 09:10:59 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs [2013.01.31 09:10:59 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs [2013.01.31 09:10:53 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2013.01.31 09:10:52 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll [2013.01.31 09:10:51 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll [2013.01.31 09:10:51 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll [2013.01.31 09:10:51 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll [2013.01.31 09:10:51 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll [2013.01.31 09:10:51 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll [2013.01.31 09:10:51 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll [2013.01.31 09:10:49 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll [2013.01.31 09:10:49 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll [2013.01.31 09:10:49 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe [2013.01.31 09:10:48 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2013.01.31 09:10:46 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll [2013.01.31 09:10:42 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2013.01.31 09:10:42 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe [2013.01.31 09:10:39 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll [2013.01.31 09:10:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll [2013.01.31 09:08:12 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2013.01.31 09:08:12 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2013.01.31 09:08:08 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe [2013.01.31 09:08:07 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [2013.01.31 09:08:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2013.01.31 09:07:56 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys [2013.01.31 09:01:26 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Macromedia [2013.01.30 12:09:20 | 000,000,000 | ---D | C] -- C:\Users\tanja\Desktop\TANJA [2013.01.30 11:19:59 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\3CX VoIP Phone [2013.01.30 11:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\3CXPhone [2013.01.30 11:19:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3CX Phone [2013.01.30 10:30:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2013.01.30 10:30:11 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2013.01.30 10:30:11 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2013.01.30 10:30:11 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll [2013.01.30 10:30:11 | 000,819,648 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll [2013.01.30 10:30:11 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2013.01.30 10:30:11 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2013.01.30 10:30:11 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2013.01.30 10:30:11 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2013.01.30 10:30:11 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll [2013.01.30 10:30:11 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll [2013.01.30 10:30:10 | 003,173,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2013.01.30 10:30:10 | 002,417,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2013.01.30 10:30:10 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2013.01.30 10:30:10 | 000,645,776 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2013.01.30 10:30:10 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2013.01.30 10:30:10 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll [2013.01.30 10:30:10 | 000,192,104 | ---- | C] (Sony Corporation) -- C:\Windows\System32\SFSS_APO.dll [2013.01.30 10:30:10 | 000,087,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll [2013.01.30 10:30:10 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2013.01.30 10:30:10 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll [2013.01.30 10:30:10 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll [2013.01.30 10:30:10 | 000,013,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoLDR.dll [2013.01.30 10:30:09 | 007,783,768 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2013.01.30 10:30:09 | 007,161,696 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll [2013.01.30 10:30:09 | 005,096,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat [2013.01.30 10:30:09 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2013.01.30 10:30:09 | 001,185,112 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll [2013.01.30 10:30:09 | 000,709,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll [2013.01.30 10:30:09 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll [2013.01.30 10:30:09 | 000,351,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll [2013.01.30 10:30:09 | 000,350,552 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll [2013.01.30 10:30:09 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2013.01.30 10:30:09 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2013.01.30 10:30:09 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll [2013.01.30 10:30:09 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2013.01.30 10:30:09 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2013.01.30 10:30:09 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2013.01.30 10:30:09 | 000,105,824 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll [2013.01.30 10:30:09 | 000,091,488 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll [2013.01.30 10:30:09 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2013.01.30 10:30:09 | 000,061,792 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll [2013.01.30 10:30:08 | 002,193,472 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2013.01.30 10:30:08 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2013.01.30 10:30:08 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2013.01.30 10:30:08 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2013.01.30 10:30:08 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [2013.01.30 10:30:08 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2013.01.30 10:30:08 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2013.01.30 10:30:08 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2013.01.30 10:30:08 | 000,421,744 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll [2013.01.30 10:30:08 | 000,398,192 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll [2013.01.30 10:30:08 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2013.01.30 10:30:08 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2013.01.30 10:30:08 | 000,335,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll [2013.01.30 10:30:08 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2013.01.30 10:30:08 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2013.01.30 10:30:08 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2013.01.30 10:30:08 | 000,176,736 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2013.01.30 10:30:08 | 000,095,840 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2013.01.30 10:30:08 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2013.01.30 10:30:07 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2013.01.30 10:30:06 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2013.01.30 10:30:06 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2013.01.30 10:30:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2013.01.30 10:10:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO [2013.01.30 10:09:58 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space [2013.01.30 10:09:39 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2013.01.30 10:09:39 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2013.01.30 10:09:39 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2013.01.30 10:09:39 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2013.01.30 10:09:39 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2013.01.30 10:09:39 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2013.01.30 10:09:39 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2013.01.30 10:09:38 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2013.01.30 10:09:38 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2013.01.30 10:09:38 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2013.01.30 10:09:38 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2013.01.30 10:09:38 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2013.01.30 10:09:38 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2013.01.30 10:09:38 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2013.01.30 10:09:38 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2013.01.30 10:09:38 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2013.01.30 10:09:37 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2013.01.30 10:09:37 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2013.01.30 10:09:37 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2013.01.30 10:09:37 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2013.01.30 10:09:37 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2013.01.30 10:09:37 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2013.01.30 10:09:36 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2013.01.30 10:09:36 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2013.01.30 10:09:36 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2013.01.30 10:09:36 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2013.01.30 10:09:36 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2013.01.30 10:09:36 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2013.01.30 10:09:36 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2013.01.30 10:09:36 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2013.01.30 10:09:36 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2013.01.30 10:09:36 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2013.01.30 10:09:36 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2013.01.30 10:09:35 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2013.01.30 10:09:35 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2013.01.30 10:09:35 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2013.01.30 10:09:35 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2013.01.30 10:09:35 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2013.01.30 10:09:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2013.01.30 10:09:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2013.01.30 10:09:35 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2013.01.30 10:09:35 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2013.01.30 10:09:35 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2013.01.30 10:09:34 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2013.01.30 10:09:34 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2013.01.30 10:09:34 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2013.01.30 10:09:34 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2013.01.30 10:09:34 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2013.01.30 10:09:34 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2013.01.30 10:09:34 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2013.01.30 10:09:34 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2013.01.30 10:09:34 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2013.01.30 10:09:33 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2013.01.30 10:09:33 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2013.01.30 10:09:33 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2013.01.30 10:09:33 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2013.01.30 10:09:33 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2013.01.30 10:09:33 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2013.01.30 10:09:32 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2013.01.30 10:09:32 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2013.01.30 10:09:32 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll [2013.01.30 10:09:32 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2013.01.30 10:09:32 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2013.01.30 10:09:32 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2013.01.30 10:09:32 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2013.01.30 10:09:32 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2013.01.30 10:09:31 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2013.01.30 10:09:31 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2013.01.30 10:09:31 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2013.01.30 10:09:31 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2013.01.30 10:09:31 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2013.01.30 10:09:31 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2013.01.30 10:09:31 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2013.01.30 10:09:30 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2013.01.30 10:09:30 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2013.01.30 10:09:30 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2013.01.30 10:09:30 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2013.01.30 10:09:30 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2013.01.30 10:09:30 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2013.01.30 10:09:30 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2013.01.30 10:09:30 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2013.01.30 10:09:30 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2013.01.30 10:09:28 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2013.01.30 10:09:28 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2013.01.30 10:09:28 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2013.01.30 10:09:28 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2013.01.30 10:09:28 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2013.01.30 10:09:28 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2013.01.30 10:09:27 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2013.01.30 10:09:27 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2013.01.30 10:09:27 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2013.01.30 10:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo [2013.01.30 10:08:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader [2013.01.30 10:08:53 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2013.01.30 10:06:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2013.01.30 10:04:34 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Avira [2013.01.30 09:59:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013.01.30 09:59:03 | 000,134,336 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2013.01.30 09:59:03 | 000,083,944 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys [2013.01.30 09:59:03 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys [2013.01.30 09:59:03 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2013.01.30 09:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013.01.30 09:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2013.01.30 09:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\RightClick [2013.01.30 09:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\SaveByClick [2013.01.30 09:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\SaveByclick [2013.01.30 09:58:10 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate [2013.01.30 09:58:03 | 000,000,000 | ---D | C] -- C:\Users\tanja\Documents\PDF Architect Files [2013.01.30 09:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect [2013.01.30 09:57:57 | 000,000,000 | ---D | C] -- C:\Program Files\PDF Architect [2013.01.30 09:57:51 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\pdfforge [2013.01.30 09:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [2013.01.30 09:57:49 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX [2013.01.30 09:57:49 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX [2013.01.30 09:57:49 | 000,088,576 | ---- | C] (pdfforge GbR) -- C:\Windows\System32\pdfcmon.dll [2013.01.30 09:57:48 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6DE.DLL [2013.01.30 09:57:47 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCDE.DLL [2013.01.30 09:57:47 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2DE.DLL [2013.01.30 09:57:47 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL [2013.01.30 09:57:47 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator [2013.01.30 09:54:58 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Programs [2013.01.30 09:53:52 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\WinRAR [2013.01.30 09:53:52 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.01.30 09:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.01.30 09:53:50 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2013.01.30 09:53:11 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.01.30 09:52:15 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2013.01.30 09:52:10 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Google [2013.01.30 09:51:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2013.01.30 09:51:16 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2013.01.30 09:49:44 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Skype [2013.01.30 09:49:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.01.30 09:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2013.01.30 09:49:39 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2013.01.30 09:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2013.01.30 09:49:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013.01.30 09:48:14 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Mozilla [2013.01.30 09:48:14 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Mozilla [2013.01.30 09:48:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2013.01.30 09:48:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.01.30 09:45:28 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Macromedia [2013.01.30 09:45:28 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Adobe [2013.01.30 09:45:21 | 000,697,712 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.01.30 09:45:21 | 000,074,096 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.01.30 09:45:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2013.01.30 09:43:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2013.01.30 09:42:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio [2013.01.30 09:42:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2013.01.30 09:42:20 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2013.01.30 09:42:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2013.01.30 09:40:18 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Microsoft Help [2013.01.30 09:40:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013.01.30 09:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013.01.30 09:38:36 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll [2013.01.30 09:38:15 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2013.01.30 09:37:55 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013.01.30 09:35:03 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2013.01.30 09:35:03 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2013.01.30 09:35:00 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2013.01.30 09:35:00 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2013.01.30 09:35:00 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2013.01.30 09:34:53 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2013.01.30 09:34:53 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2013.01.30 09:34:46 | 000,000,000 | R--D | C] -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.01.30 09:34:46 | 000,000,000 | R--D | C] -- C:\Users\tanja\Searches [2013.01.30 09:34:46 | 000,000,000 | R--D | C] -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.01.30 09:34:40 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Identities [2013.01.30 09:34:39 | 000,000,000 | R--D | C] -- C:\Users\tanja\Contacts [2013.01.30 09:34:36 | 000,000,000 | --SD | C] -- C:\Users\tanja\AppData\Roaming\Microsoft [2013.01.30 09:34:36 | 000,000,000 | R--D | C] -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.01.30 09:34:36 | 000,000,000 | R--D | C] -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Vorlagen [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\AppData\Local\Verlauf [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\AppData\Local\Temporary Internet Files [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Startmenü [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\SendTo [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Recent [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Netzwerkumgebung [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Lokale Einstellungen [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Documents\Eigene Videos [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Documents\Eigene Musik [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Eigene Dateien [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Documents\Eigene Bilder [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Druckumgebung [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Cookies [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\AppData\Local\Anwendungsdaten [2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Anwendungsdaten [2013.01.30 09:34:36 | 000,000,000 | -H-D | C] -- C:\Users\tanja\AppData [2013.01.30 09:34:36 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\VirtualStore [2013.01.30 09:34:36 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Temp [2013.01.30 09:34:36 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Microsoft [2013.01.30 09:34:36 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Media Center Programs [2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Videos [2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Saved Games [2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Pictures [2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Music [2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Links [2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Favorites [2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Downloads [2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Documents [2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Desktop [2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\Recovery [2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\Programme [2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2013.01.30 09:34:26 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013.01.30 09:30:34 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2013.01.30 09:30:18 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2013.01.30 09:29:28 | 000,000,000 | ---D | C] -- C:\Windows\Panther [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013.02.14 10:14:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2013.02.14 10:13:58 | 000,001,959 | ---- | M] () -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3CXPhone.lnk [2013.02.14 10:13:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.02.14 10:12:58 | 2414,485,504 | -HS- | M] () -- C:\hiberfil.sys [2013.02.14 10:12:27 | 000,026,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.02.14 10:12:27 | 000,026,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.02.14 10:08:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-128914377-670426599-1984384762-1000UA.job [2013.02.14 09:49:20 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.02.14 09:36:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.02.14 09:31:12 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.02.14 09:31:12 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.02.14 09:31:12 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.02.14 09:31:12 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.02.14 09:17:19 | 000,056,228 | ---- | M] () -- C:\Users\tanja\Desktop\160088748.pdf [2013.02.14 09:11:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tanja\Desktop\OTL.exe [2013.02.14 09:08:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-128914377-670426599-1984384762-1000Core.job [2013.02.12 14:08:58 | 000,056,687 | ---- | M] () -- C:\Users\tanja\Desktop\160089185.pdf [2013.02.08 10:33:59 | 000,056,066 | ---- | M] () -- C:\Users\tanja\Desktop\160089100.pdf [2013.02.08 10:14:51 | 000,017,865 | ---- | M] () -- C:\Users\tanja\Desktop\Status-zu-Sendung-634924479542.pdf [2013.02.08 09:37:23 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.02.08 09:37:23 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.02.07 14:02:48 | 000,056,399 | ---- | M] () -- C:\Users\tanja\Desktop\160089054.pdf [2013.02.07 13:56:57 | 000,210,810 | ---- | M] () -- C:\Users\tanja\Documents\Gerard-Butler-gerard-butler-16740958-1280-1024.jpg [2013.02.07 12:41:01 | 000,009,661 | ---- | M] () -- C:\Users\tanja\Documents\helau.jpg [2013.02.07 11:31:03 | 000,105,112 | ---- | M] () -- C:\Users\tanja\Desktop\S62254_AB_Vignobles Alain Jaum.pdf [2013.02.07 11:04:06 | 000,003,880 | ---- | M] () -- C:\Users\tanja\Documents\th.jpg [2013.02.04 08:08:22 | 000,289,696 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.01.31 18:05:33 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2013.01.31 18:05:33 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.01.31 18:05:33 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.01.31 18:05:33 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013.01.31 18:05:33 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.01.31 18:05:33 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2013.01.31 18:05:33 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2013.01.31 18:05:33 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2013.01.31 18:05:33 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2013.01.31 18:05:33 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013.01.31 18:05:33 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2013.01.31 18:05:33 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2013.01.31 18:05:33 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.01.31 18:05:33 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2013.01.31 18:05:33 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2013.01.31 18:05:33 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2013.01.31 18:05:33 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2013.01.31 18:05:33 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2013.01.31 18:05:33 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013.01.31 18:05:33 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2013.01.31 18:05:33 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2013.01.31 18:05:33 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2013.01.31 18:05:33 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2013.01.31 18:05:33 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.01.31 18:05:33 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2013.01.31 18:05:33 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2013.01.31 18:05:33 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.01.31 18:05:33 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.01.31 18:05:33 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.01.31 18:05:33 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2013.01.31 18:05:33 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.01.31 18:05:33 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2013.01.31 18:05:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2013.01.31 18:05:33 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2013.01.31 18:05:33 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2013.01.31 18:05:33 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.01.31 18:05:33 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2013.01.31 18:05:33 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2013.01.31 14:50:07 | 000,005,696 | ---- | M] () -- C:\Users\tanja\Documents\210007668.pdf [2013.01.31 13:10:28 | 000,000,416 | ---- | M] () -- C:\Windows\BRWMARK.INI [2013.01.31 12:46:27 | 000,120,294 | ---- | M] () -- C:\Users\tanja\Desktop\rg.php.pdf [2013.01.31 10:53:17 | 2328,757,248 | ---- | M] () -- C:\Users\tanja\Desktop\archivorder-tanja.pst [2013.01.30 11:33:09 | 000,001,440 | ---- | M] () -- C:\Users\tanja\Desktop\Skype - Tanja.lnk [2013.01.30 11:18:12 | 000,001,534 | ---- | M] () -- C:\Users\tanja\Desktop\Public (192.168.180.3).lnk [2013.01.30 09:32:48 | 000,161,548 | ---- | M] () -- C:\Windows\System32\license.rtf [2013.01.30 09:31:31 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2013.01.30 09:31:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013.01.24 23:43:01 | 000,035,488 | ---- | M] (COMODO) -- C:\Windows\System32\cmdcsr.dll [2013.01.24 23:43:00 | 000,354,752 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll [2013.01.24 23:42:49 | 000,263,888 | ---- | M] (COMODO) -- C:\Windows\System32\cmdvrt32.dll [2013.01.24 23:42:48 | 000,040,656 | ---- | M] (COMODO) -- C:\Windows\System32\cmdkbd32.dll [2013.01.16 20:51:42 | 000,084,416 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys [2013.01.16 20:51:42 | 000,043,728 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys [2013.01.16 20:51:41 | 000,576,768 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys [2013.01.16 20:51:40 | 000,020,072 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmderd.sys [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013.02.14 09:49:20 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.02.14 09:17:18 | 000,056,228 | ---- | C] () -- C:\Users\tanja\Desktop\160088748.pdf [2013.02.12 14:08:58 | 000,056,687 | ---- | C] () -- C:\Users\tanja\Desktop\160089185.pdf [2013.02.08 10:33:59 | 000,056,066 | ---- | C] () -- C:\Users\tanja\Desktop\160089100.pdf [2013.02.08 10:14:51 | 000,017,865 | ---- | C] () -- C:\Users\tanja\Desktop\Status-zu-Sendung-634924479542.pdf [2013.02.07 14:02:48 | 000,056,399 | ---- | C] () -- C:\Users\tanja\Desktop\160089054.pdf [2013.02.07 13:56:55 | 000,210,810 | ---- | C] () -- C:\Users\tanja\Documents\Gerard-Butler-gerard-butler-16740958-1280-1024.jpg [2013.02.07 12:41:01 | 000,009,661 | ---- | C] () -- C:\Users\tanja\Documents\helau.jpg [2013.02.07 11:31:03 | 000,105,112 | ---- | C] () -- C:\Users\tanja\Desktop\S62254_AB_Vignobles Alain Jaum.pdf [2013.02.07 11:04:05 | 000,003,880 | ---- | C] () -- C:\Users\tanja\Documents\th.jpg [2013.01.31 18:08:31 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2013.01.31 18:07:38 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2013.01.31 18:05:33 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2013.01.31 14:50:06 | 000,005,696 | ---- | C] () -- C:\Users\tanja\Documents\210007668.pdf [2013.01.31 13:10:28 | 000,000,416 | ---- | C] () -- C:\Windows\BRWMARK.INI [2013.01.31 12:46:24 | 000,120,294 | ---- | C] () -- C:\Users\tanja\Desktop\rg.php.pdf [2013.01.31 10:34:59 | 2328,757,248 | ---- | C] () -- C:\Users\tanja\Desktop\archivorder-tanja.pst [2013.01.30 11:21:38 | 000,001,959 | ---- | C] () -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3CXPhone.lnk [2013.01.30 11:17:44 | 000,001,534 | ---- | C] () -- C:\Users\tanja\Desktop\Public (192.168.180.3).lnk [2013.01.30 11:17:16 | 000,001,440 | ---- | C] () -- C:\Users\tanja\Desktop\Skype - Tanja.lnk [2013.01.30 10:30:09 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2013.01.30 09:52:10 | 000,001,128 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-128914377-670426599-1984384762-1000UA.job [2013.01.30 09:52:10 | 000,001,076 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-128914377-670426599-1984384762-1000Core.job [2013.01.30 09:51:25 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013.01.30 09:48:09 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.01.30 09:45:22 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.01.30 09:34:47 | 000,001,409 | ---- | C] () -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.01.30 09:32:38 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2013.01.30 09:32:36 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2013.01.30 09:31:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2013.01.30 09:31:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013.01.30 09:30:18 | 2414,485,504 | -HS- | C] () -- C:\hiberfil.sys [2012.12.03 06:43:44 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI [2012.12.03 06:43:42 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL [2012.12.03 06:43:42 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADM08A.DAT [2011.04.12 02:30:05 | 000,653,928 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2011.04.12 02:30:05 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2011.04.12 02:30:05 | 000,129,800 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2011.04.12 02:30:05 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > Grüße Kai |
| Themen zu Click Compare in Browser |
| administrator, adobe, antivir, autorun, browser, click compare deinstallieren, click compare entfernen, click compare löschen, click compare redirect, click compare virus, converter, homepage, installation, object, opera, realtek, registry, savebyclick, security, software, trojaner |
Baum-Darstellung