Log analysis and evaluation: JS:Trojan.JS.Iframe.DH (Virus) | Windows 7 | If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
27.04.2013, 15:04 | #16 |
/// Helper Team | JS:Trojan.JS.Iframe.DH (Virus) OTL logs? |
27.04.2013, 15:15 | #17 |
| JS:Trojan.JS.Iframe.DH (Virus) On my computer, under the admin user, there is somehow an Internet shortcut: Huntersoft Free Download, which links to zhangduo..com. No idea what that is. Here are the logs from OTL:
Code:
ATTFilter OTL Extras logfile created on: 27.04.2013 16:11:37 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\David\Desktop 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 15,96 Gb Total Physical Memory | 14,46 Gb Available Physical Memory | 90,65% Memory free 109,71 Gb Paging File | 107,89 Gb Available in Paging File | 98,34% Paging File free Paging file location(s): c:\pagefile.sys 48000 48000z:\pag [Binary data over 200 bytes] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 223,57 Gb Total Space | 116,66 Gb Free Space | 52,18% Space Free | Partition Type: NTFS Drive Z: | 1862,92 Gb Total Space | 1800,17 Gb Free Space | 96,63% Space Free | Partition Type: NTFS Computer Name: DAVID-PC | User Name: David | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. 
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0D739A60-FF0A-4B90-8B5E-BE23BE76D8D2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{322D149A-D65C-47C2-9287-01D6EC6AFC53}" = rport=10243 | protocol=6 | dir=out | app=system | "{3AEB267A-44D1-4FC1-B636-60E1A576E398}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{658CE280-01E2-42EC-801B-B5535425034F}" = lport=10243 | protocol=6 | dir=in | app=system | "{670E2FDC-E08F-434F-B67A-37DDC32B63E9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7076DB55-246D-44D6-BC34-36EA8664C2CB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | 
app=%systemroot%\system32\svchost.exe | "{965BD8C4-32A4-493F-91AC-DCB73241B25F}" = lport=2869 | protocol=6 | dir=in | app=system | "{CD50330D-4331-4F91-BA8E-3535658CA753}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D9DF2709-AB63-4CC7-86B0-21EEA824CF1E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{017EEB5D-56CD-4F93-A241-0C63F4AF44A1}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{026D79EF-0945-42BE-B8D6-E25F707C92DC}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{04577FFC-3F07-4E86-88A7-71F80488F573}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{08A46FC5-B678-4017-B150-797992C71FDB}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{0AD9F18F-9730-43F1-9035-9E21F4B20669}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{0B8BE8F2-B8D3-4A5D-9E3F-B3125DC1270C}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{1622066D-C694-4A1D-8DCB-F7D1117CFD3E}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{16DEA610-06F3-4747-A744-1FB9E1330017}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{22F5CE49-C985-4349-A8E3-A9F2332F8415}" = protocol=17 | dir=in | app=%programfiles%\windows media 
player\wmplayer.exe | "{294E5E47-8705-4E3A-8424-8DC2901E529E}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{2A70403E-131A-4028-96FE-4516F69AEFDA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{2AB2F8C4-AB08-45C3-8738-84DEFB158B8A}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{2EF9BC5A-8391-4F3E-AFE8-51FCC100725B}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{3A276451-4A68-4C96-9FF8-4D3D1FB27C8B}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{3DFC448B-F4C7-4389-94E5-15C805604E89}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{3E32BF95-995B-4384-AC63-BA67786B5C41}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{447E8F2C-3FFE-4C61-8138-06B8A505488B}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{49955076-663C-4D57-816A-945D8F513600}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{4F914C2E-2BFA-4161-8337-E2FE55AB9532}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{50E86413-1AD2-4F8F-AE22-1801C5CAF019}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{51D2EB6A-7780-4393-865D-5F9183DB7E78}" = dir=out | 
name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{520BF61F-8C2E-4CB7-9395-3F416887A405}" = dir=out | name=windows_ie_ac_001 | "{52ADF0B9-ABB8-4F69-9F46-CD3647FCF289}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{53D434EB-9801-4947-BDDD-F4230981E571}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{5AB58875-5663-44AF-8EEF-C96FE7696A6B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6759A977-9816-4DAD-85A0-5B7B3CC8525B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{6D986DEA-0A0F-45DA-A155-57EEF0C5B02F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6F759243-04FD-46F1-8E54-C17FA0C3315F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{7B339695-85C7-4F2A-8326-755EAC5CAF9C}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{8045A04E-EEF0-4D1A-9A48-351379BEAC6A}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{83334A0B-7FF5-4718-8E7F-43E326B1256F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{83F0298B-706E-4E57-95BC-52D2AA0C6153}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{9446B13F-EDC6-45A7-998A-264B81098159}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{95C5DA98-9C1F-40AF-8E18-8A97A2BDA584}" = dir=out | 
name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{96C4BD3D-D54A-46F9-9CDC-20F60AF53F73}" = protocol=6 | dir=out | app=system | "{AD613D82-F908-4B54-9A7C-D9E497210220}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{AFDCDDCF-3CA4-42D4-BA99-A5A9AABF3238}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{B1B31A5C-5316-43A5-941D-95DCB2A79B50}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{B3A215D1-C3FB-48C0-BFF8-098A26FA89B5}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{C68D90D8-434E-4495-B9CA-7DD07BEA33AD}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{C9D563CD-A175-494D-BD3C-2B0D98B685D4}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{C9E8E1DD-0E86-4CC9-8E87-5150FBDA01DF}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{CE67235F-8832-438A-A646-FCC9CE8D48D7}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{D18DD649-DCE2-498D-93D0-F4A22C0A3D5B}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{D1DD34AF-844D-4A33-B69C-29103A7213D4}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{D3122068-3C5A-46AC-A868-C0E35B22954E}" = protocol=6 | dir=out | 
app=%programfiles%\windows media player\wmpnetwk.exe | "{E2C37CE9-94E3-49BA-B5EB-F5D9358BF67F}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{E749CD6B-810A-4B39-98D2-F0E9F12D9598}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{EBE4AA47-4FB7-43EF-B98D-B1F7E43170C5}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{EF4312F7-0095-4EFC-87E5-97E15F5B38C6}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{F491A98B-8BF7-4BE9-ABEA-090BEC58B62E}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{FD937DDC-8C1A-4638-8C9A-D2A61031C1C3}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "TCP Query User{0C59C4A9-846D-4001-BA32-C1AE65F24163}Z:\games\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=z:\games\guild wars 2\gw2.exe | "TCP Query User{E12B4F8B-776E-45C7-B078-540CD2DAC385}C:\users\david ii\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\david ii\appdata\local\temp\gw2.exe | "UDP Query User{54B09676-6B46-4129-AFBD-814860C9C779}Z:\games\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=z:\games\guild wars 2\gw2.exe | "UDP Query User{AB86E0B0-29A9-47A8-ABD3-D71D71B87151}C:\users\david ii\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\david ii\appdata\local\temp\gw2.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{538B98C3-773F-4F20-9C66-802D104DCBE2}" = Intel® Trusted Connect Service Client "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 300.83 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "Unknown Device Identifier_is1" = Unknown Device Identifier 8.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00000000-2778-5BED-8199-52EB14D8D22F}" = F-Secure CCF Reputation "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{19522497-1DF2-40E8-AB3A-F1E133173060}" = Online Safety 2.71.927.655 "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer 
"{2FFABB79-E4B1-430A-AAE8-ACA886F3A34A}" = F-Secure Network CCF 1.02.126 "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{4EBE5044-43A3-49CC-9848-E5A11CA33E64}" = F-Secure CCF Scanning 1.18.127.7931 (release) "{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{658FDBCA-B7A1-43E4-A849-9F0812473331}" = Computer Security 12.71.102.0 (release) "{7B44A0FF-7F4F-4553-BD98-282640E6BEC7}" = Launch Pad "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office 
Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "AVMWLANCLI" = AVM FRITZ!WLAN "F-Secure ServiceEnabler 45119" = Launch Pad "Google Chrome" = Google Chrome "Guild Wars 2" = Guild Wars 2 "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office14.SingleImage" = Microsoft Office Home and Student 2010 ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 22.04.2013 10:53:49 | Computer Name = David-PC | Source = Software Protection Platform Service | ID = 1008 Description = Fehler beim Erwerb des Zertifikats für sichere Prozessoren. 
hr=0x80072EE7 Error - 22.04.2013 15:26:03 | Computer Name = David-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: nvSCPAPISvr.exe, Version: 7.17.13.1106, Zeitstempel: 0x50f9536b Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x74186a64 ID des fehlerhaften Prozesses: 0x3ec Startzeit der fehlerhaften Anwendung: 0x01ce3f8f231467d8 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 77f478f9-ab82-11e2-8060-bc05430d2401 Vollständiger Name des fehlerhaften Pakets: ,/Ë ,/Ë Ü Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ,/Ë ,/Ë Ü Error - 22.04.2013 15:26:03 | Computer Name = David-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: WlanNetService.exe, Version: 1.1.0.26, Zeitstempel: 0x4cbea834 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x74186a64 ID des fehlerhaften Prozesses: 0x6c8 Startzeit der fehlerhaften Anwendung: 0x01ce3f8f2502f96e Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\avmwlanstick\WlanNetService.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 781cf05d-ab82-11e2-8060-bc05430d2401 Vollständiger Name des fehlerhaften Pakets: 82Ë 82Ë Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 82Ë 82Ë Error - 22.04.2013 15:26:03 | Computer Name = David-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: jhi_service.exe, Version: 8.0.0.1399, Zeitstempel: 0x4f19c181 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x74186a64 ID des fehlerhaften Prozesses: 0x744 Startzeit der fehlerhaften Anwendung: 0x01ce3f8f250a9a8f Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Intel(R) Management 
Engine Components\DAL\jhi_service.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 783980e1-ab82-11e2-8060-bc05430d2401 Vollständiger Name des fehlerhaften Pakets: \:Ë \:Ë Anwendungs-ID, die relativ zum fehlerhaften Paket ist: \:Ë \:Ë Error - 22.04.2013 15:26:03 | Computer Name = David-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ccSvcHst.exe, Version: 11.0.0.88, Zeitstempel: 0x4ddc962f Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x74186a64 ID des fehlerhaften Prozesses: 0x760 Startzeit der fehlerhaften Anwendung: 0x01ce3f8f250c212f Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 78561164-ab82-11e2-8060-bc05430d2401 Vollständiger Name des fehlerhaften Pakets: è Ë è Ë Anwendungs-ID, die relativ zum fehlerhaften Paket ist: è Ë è Ë Error - 22.04.2013 15:26:04 | Computer Name = David-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ccSvcHst.exe, Version: 109.0.0.107, Zeitstempel: 0x4a92f9d9 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x74186a64 ID des fehlerhaften Prozesses: 0x780 Startzeit der fehlerhaften Anwendung: 0x01ce3f8f2510b50f Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.15.96\ccSvcHst.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 7885acea-ab82-11e2-8060-bc05430d2401 Vollständiger Name des fehlerhaften Pakets: Ð Ë Ð Ë Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Ð Ë Ð Ë Error - 22.04.2013 15:54:47 | Computer Name = David-PC | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103 Description = 1 2013-04-22 21:54:47+02:00 DAVID-PC DAVID-PC\David F-Secure Anti-Virus Manual scanning was finished - spyware was found in the system. 
Error - 22.04.2013 18:15:52 | Computer Name = David-PC | Source = MsiInstaller | ID = 11935 Description = Error - 23.04.2013 07:00:21 | Computer Name = David-PC | Source = Microsoft-Windows-WMI | ID = 24 Description = Vom Ereignisanbieter "" wurde versucht, die Abfrage "SELECT * FROM Win32_RemoteAppChangeEvent" zu registrieren, deren Zielklasse "Win32_RemoteAppChangeEvent" im Namespace "//./ROOT/CIMV2/TerminalServices" nicht vorhanden ist. Die Abfrage wird ignoriert. Error - 23.04.2013 07:00:21 | Computer Name = David-PC | Source = Microsoft-Windows-WMI | ID = 24 Description = Vom Ereignisanbieter "Win32_TSPublishedApplication_Prov" wurde versucht, die Abfrage "SELECT * FROM Win32_RemoteAppChangeEvent" zu registrieren, deren Zielklasse "Win32_RemoteAppChangeEvent" im Namespace "//./ROOT/CIMV2/TerminalServices" nicht vorhanden ist. Die Abfrage wird ignoriert. [ System Events ] Error - 23.04.2013 07:30:35 | Computer Name = David-PC | Source = Service Control Manager | ID = 7022 Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde nicht richtig gestartet. 
Error - 23.04.2013 07:30:35 | Computer Name = David-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1070 Error - 23.04.2013 07:33:52 | Computer Name = David-PC | Source = DCOM | ID = 10010 Description = Error - 23.04.2013 07:54:08 | Computer Name = David-PC | Source = DCOM | ID = 10016 Description = Error - 23.04.2013 10:42:34 | Computer Name = David-PC | Source = DCOM | ID = 10016 Description = Error - 23.04.2013 12:08:27 | Computer Name = David-PC | Source = DCOM | ID = 10016 Description = Error - 24.04.2013 12:14:26 | Computer Name = David-PC | Source = DCOM | ID = 10016 Description = Error - 24.04.2013 20:06:18 | Computer Name = David-PC | Source = DCOM | ID = 10010 Description = Error - 24.04.2013 20:06:18 | Computer Name = David-PC | Source = DCOM | ID = 10010 Description = Error - 25.04.2013 18:50:21 | Computer Name = David-PC | Source = DCOM | ID = 10016 Description = < End of report > |
27.04.2013, 15:16 | #18 |
| JS:Trojan.JS.Iframe.DH (Virus)
Code:
ATTFilter OTL logfile created on: 27.04.2013 16:11:37 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\David\Desktop 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 15,96 Gb Total Physical Memory | 14,46 Gb Available Physical Memory | 90,65% Memory free 109,71 Gb Paging File | 107,89 Gb Available in Paging File | 98,34% Paging File free Paging file location(s): c:\pagefile.sys 48000 48000z:\pag [Binary data over 200 bytes] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 223,57 Gb Total Space | 116,66 Gb Free Space | 52,18% Space Free | Partition Type: NTFS Drive Z: | 1862,92 Gb Total Space | 1800,17 Gb Free Space | 96,63% Space Free | Partition Type: NTFS Computer Name: DAVID-PC | User Name: David | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\David\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Internet Security\apps\ComputerSecurity\Anti-Virus\fssm32.exe (F-Secure Corporation) PRC - C:\Program Files (x86)\Internet Security\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE (F-Secure Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Internet Security\fshoster32.exe (F-Secure Corporation) PRC - C:\Program Files (x86)\Internet Security\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation) PRC - C:\Program Files (x86)\Internet Security\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation) PRC - C:\Program Files (x86)\Internet 
Security\apps\CCF_Reputation\fsorsp.exe (F-Secure Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin) PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin) ========== Modules (No Company Name) ========== MOD - C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll () MOD - C:\Program Files (x86)\Internet Security\apps\ComputerSecurity\FSGUI\strres.eng () MOD - C:\Program Files (x86)\Internet Security\apps\ComputerSecurity\FSGUI\fsavures.eng () ========== Services (SafeList) ========== SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (PrintNotify) -- 
C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program 
Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (fshoster) -- C:\Program Files (x86)\Internet Security\fshoster32.exe (F-Secure Corporation) SRV - (FSMA) -- C:\Program Files (x86)\Internet Security\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation) SRV - (FSORSPClient) -- C:\Program Files (x86)\Internet Security\apps\CCF_Reputation\fsorsp.exe (F-Secure Corporation) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin) SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) 
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\Drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys 
(Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- 
C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation) DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation) DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\Drivers\e1i63x64.sys (Intel Corporation) DRV:64bit: - (asahci64) -- C:\Windows\SysNative\Drivers\asahci64.sys (Asmedia Technology) DRV:64bit: - (iusb3xhc) -- 
C:\Windows\SysNative\Drivers\iusb3xhc.sys (Intel Corporation) DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\Drivers\iusb3hub.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\Drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (fwlanusbn) -- C:\Windows\SysNative\Drivers\fwlanusbn.sys (AVM GmbH) DRV - (F-Secure HIPS) -- C:\Program Files (x86)\Internet Security\apps\ComputerSecurity\HIPS\drivers\fshs.sys (F-Secure Corporation) DRV - (F-Secure Gatekeeper) -- C:\Program Files (x86)\Internet Security\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys () DRV - (fsni) -- C:\Program Files (x86)\Internet Security\apps\CCF_Scanning\fsni64.sys (F-Secure Corporation) DRV - (fsvista) -- C:\Program Files (x86)\Internet Security\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - 
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1003109799-866300710-3827814734-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://wiki-de.guildwars2.com/wiki/Hauptseite IE - HKU\S-1-5-21-1003109799-866300710-3827814734-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx?ocid=iehp IE - HKU\S-1-5-21-1003109799-866300710-3827814734-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH IE - HKU\S-1-5-21-1003109799-866300710-3827814734-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 20 6C 8B 8F 3F CE 01 [binary data] IE - HKU\S-1-5-21-1003109799-866300710-3827814734-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-1003109799-866300710-3827814734-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-1003109799-866300710-3827814734-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUM_deCH533 IE - HKU\S-1-5-21-1003109799-866300710-3827814734-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine 
Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll (Google Inc.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) 
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKU\S-1-5-21-1003109799-866300710-3827814734-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin) O4 - HKLM..\Run: [F-Secure Hoster (45119)] C:\Program Files (x86)\Internet Security\fshoster32.exe (F-Secure Corporation) O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\Internet Security\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKU\S-1-5-21-1003109799-866300710-3827814734-1003..\RunOnce: [WAB Migrate] C:\Program Files (x86)\Windows Mail\wab.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - 
res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC722779-78CE-4172-B690-4BBEDEACF34C}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.27 16:10:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe [2013.04.25 16:09:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unknown Device Identifier 8.00 [2013.04.25 16:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\Unknown Device Identifier [2013.04.24 14:42:59 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dskquota.dll [2013.04.24 14:42:59 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dskquota.dll [2013.04.24 14:42:49 | 000,396,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll [2013.04.24 14:42:46 | 001,172,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll [2013.04.24 14:42:46 | 000,929,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll [2013.04.24 14:42:46 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll [2013.04.24 14:42:46 | 000,673,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll [2013.04.24 14:42:45 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll [2013.04.24 14:42:45 | 000,513,024 | ---- | C] 
(Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll [2013.04.24 14:42:05 | 003,554,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll [2013.04.24 14:42:04 | 002,116,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll [2013.04.24 14:42:03 | 002,764,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll [2013.04.24 14:42:03 | 002,380,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [2013.04.24 14:42:03 | 002,206,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll [2013.04.24 14:42:02 | 002,115,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe [2013.04.24 14:42:02 | 001,841,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll [2013.04.24 14:42:02 | 001,610,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll [2013.04.24 14:42:02 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll [2013.04.24 14:42:01 | 001,265,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll [2013.04.24 14:42:01 | 001,226,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll [2013.04.24 14:42:01 | 000,793,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll [2013.04.24 14:42:01 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll [2013.04.24 14:42:01 | 000,579,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll [2013.04.24 14:42:00 | 001,403,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi [2013.04.24 14:42:00 | 001,267,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe [2013.04.24 14:42:00 | 001,217,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi [2013.04.24 14:42:00 | 001,093,880 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\SysNative\winresume.exe [2013.04.24 14:42:00 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll [2013.04.24 14:42:00 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll [2013.04.24 14:42:00 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll [2013.04.24 14:42:00 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe [2013.04.24 14:41:59 | 001,045,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll [2013.04.24 14:41:59 | 000,612,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll [2013.04.24 14:41:59 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe [2013.04.24 14:41:59 | 000,503,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll [2013.04.24 14:41:59 | 000,441,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys [2013.04.24 14:41:59 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll [2013.04.24 14:41:59 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys [2013.04.24 14:41:59 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.Compression.dll [2013.04.24 14:41:58 | 000,962,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll [2013.04.24 14:41:58 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceControl.dll [2013.04.24 14:41:58 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll [2013.04.24 14:41:58 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll [2013.04.24 14:41:58 | 000,058,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys [2013.04.24 14:41:57 | 000,408,064 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\SysWow64\mssph.dll [2013.04.24 14:41:57 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll [2013.04.24 14:41:57 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll [2013.04.24 14:41:57 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe [2013.04.24 14:41:57 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.Compression.dll [2013.04.24 14:41:57 | 000,056,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdstor.sys [2013.04.24 14:41:57 | 000,033,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\battc.sys [2013.04.24 14:41:56 | 000,745,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll [2013.04.24 14:41:56 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll [2013.04.24 14:41:56 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll [2013.04.24 14:41:56 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll [2013.04.24 14:41:56 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll [2013.04.24 14:41:56 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-pdc.dll [2013.04.24 14:41:55 | 001,836,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll [2013.04.24 14:41:55 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll [2013.04.24 14:41:55 | 000,757,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll [2013.04.24 14:41:55 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysFxUI.dll [2013.04.24 14:41:55 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSip.dll [2013.04.24 14:41:55 | 000,099,840 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\SysWow64\AppxSip.dll [2013.04.24 14:41:54 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssphtb.dll [2013.04.24 14:41:54 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll [2013.04.24 14:41:54 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll [2013.04.24 14:41:54 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll [2013.04.24 14:41:54 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll [2013.04.24 14:41:54 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll [2013.04.24 14:41:54 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeUISrv.exe [2013.04.24 14:41:54 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll [2013.04.24 14:41:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\drmk.sys [2013.04.24 14:41:53 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfapigp.dll [2013.04.24 14:41:53 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfapigp.dll [2013.04.24 14:41:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msshooks.dll [2013.04.24 14:41:53 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msshooks.dll [2013.04.24 14:41:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kbdhebl3.dll [2013.04.24 14:41:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdhebl3.dll [2013.04.24 14:41:50 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanprotdim.dll [2013.04.24 14:41:47 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll [2013.04.24 14:41:47 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll [2013.04.24 14:41:47 | 
000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDKURD.DLL [2013.04.24 14:41:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDKURD.DLL [2013.04.24 14:41:46 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll [2013.04.24 14:41:46 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll [2013.04.24 14:41:46 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll [2013.04.24 14:41:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll [2013.04.24 14:41:46 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll [2013.04.24 14:41:46 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll [2013.04.24 14:41:23 | 011,459,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glcndFilter.dll [2013.04.24 14:41:20 | 008,552,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glcndFilter.dll [2013.04.24 14:41:20 | 001,526,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll [2013.04.24 14:41:20 | 001,451,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll [2013.04.24 14:41:20 | 000,976,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll [2013.04.24 14:41:19 | 001,566,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll [2013.04.24 14:41:19 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll [2013.04.24 14:41:18 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe [2013.04.24 14:41:18 | 000,490,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll [2013.04.24 14:41:18 | 000,447,792 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\SysNative\AudioSes.dll [2013.04.24 14:41:18 | 000,253,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe [2013.04.24 14:41:15 | 000,522,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll [2013.04.24 14:41:15 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll [2013.04.24 14:41:15 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll [2013.04.24 14:41:15 | 000,463,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll [2013.04.24 14:41:15 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll [2013.04.24 14:41:15 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll [2013.04.24 14:41:15 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll [2013.04.24 14:41:15 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bthprops.cpl [2013.04.24 14:41:15 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWCN.dll [2013.04.24 14:41:14 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll [2013.04.24 14:41:14 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlansec.dll [2013.04.24 14:41:14 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpclip.exe [2013.04.24 14:41:14 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll [2013.04.24 14:41:14 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll [2013.04.24 14:41:14 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bthprops.cpl [2013.04.24 14:41:14 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll [2013.04.24 14:41:14 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll 
[2013.04.24 14:41:13 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll [2013.04.24 14:41:13 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll [2013.04.24 14:41:13 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnApi.dll [2013.04.24 14:41:13 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdWCN.dll [2013.04.24 14:41:13 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WcnApi.dll [2013.04.24 14:41:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnEapAuthProxy.dll [2013.04.24 14:41:12 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll [2013.04.24 14:41:12 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll [2013.04.24 14:41:12 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnEapPeerProxy.dll [2013.04.24 14:41:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfdprov.dll [2013.04.24 14:41:12 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fxppm.sys [2013.04.24 14:41:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanhlp.dll [2013.04.24 14:41:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll [2013.04.24 14:41:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsilog.dll [2013.04.24 14:41:06 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll [2013.04.24 14:41:05 | 000,707,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll [2013.04.24 14:40:55 | 003,245,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll [2013.04.24 14:40:54 | 001,536,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll 
[2013.04.24 14:40:54 | 001,122,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe [2013.04.24 14:40:54 | 001,027,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe [2013.04.24 14:40:54 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebcamUi.dll [2013.04.24 14:40:53 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstsc.exe [2013.04.24 14:40:53 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WebcamUi.dll [2013.04.24 14:40:53 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserLanguagesCpl.dll [2013.04.24 14:40:53 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserLanguagesCpl.dll [2013.04.24 14:40:53 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll [2013.04.24 14:40:53 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsutil.dll [2013.04.24 14:40:53 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll [2013.04.24 14:40:53 | 000,027,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys [2013.04.24 14:40:52 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll [2013.04.24 14:40:52 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstsc.exe [2013.04.24 14:40:52 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll [2013.04.24 14:40:52 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll [2013.04.24 14:40:52 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL [2013.04.24 14:40:52 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL [2013.04.24 14:40:52 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll [2013.04.24 14:40:52 | 000,120,832 | ---- | C] 
(Microsoft Corporation) -- C:\WINDOWS\SysNative\vds_ps.dll [2013.04.24 14:40:52 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vds_ps.dll [2013.04.24 14:40:52 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll [2013.04.24 14:40:52 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsldr.exe [2013.04.24 14:40:50 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll [2013.04.24 14:39:42 | 002,367,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll [2013.04.24 14:39:36 | 003,265,256 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\evbda.sys [2013.04.24 14:39:34 | 014,259,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll [2013.04.24 14:39:30 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe [2013.04.24 14:39:29 | 003,847,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll [2013.04.24 14:39:27 | 011,875,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll [2013.04.24 14:39:27 | 003,964,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSAT.exe [2013.04.24 14:39:26 | 000,533,224 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys [2013.04.24 14:39:25 | 001,513,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vssapi.dll [2013.04.24 14:39:24 | 001,825,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll [2013.04.24 14:39:22 | 002,219,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll [2013.04.24 14:39:22 | 001,739,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RacEngn.dll [2013.04.24 14:39:22 | 001,019,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsSpellCheckingFacility.dll [2013.04.24 14:39:21 | 001,304,064 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\SysNative\Windows.Media.Streaming.dll [2013.04.24 14:39:21 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll [2013.04.24 14:39:21 | 000,389,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MMDevAPI.dll [2013.04.24 14:39:20 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provcore.dll [2013.04.24 14:39:17 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSATAPI.dll [2013.04.24 14:39:15 | 000,995,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll [2013.04.24 14:39:15 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll [2013.04.24 14:39:14 | 000,709,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsSpellCheckingFacility.dll [2013.04.24 14:39:14 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IPHLPAPI.DLL [2013.04.24 14:39:12 | 001,743,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll [2013.04.24 14:39:12 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll [2013.04.24 14:39:11 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll [2013.04.24 14:39:11 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe [2013.04.24 14:39:10 | 000,866,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll [2013.04.24 14:39:10 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll [2013.04.24 14:39:10 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll [2013.04.24 14:39:10 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskeng.exe [2013.04.24 14:39:10 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll [2013.04.24 14:39:10 | 000,344,064 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\SysNative\wlidcredprov.dll [2013.04.24 14:39:10 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rascfg.dll [2013.04.24 14:39:09 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll [2013.04.24 14:39:09 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdsrv.dll [2013.04.24 14:39:09 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascfg.dll [2013.04.24 14:39:08 | 001,400,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll [2013.04.24 14:39:08 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VAN.dll [2013.04.24 14:39:08 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll [2013.04.24 14:39:08 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinSATAPI.dll [2013.04.24 14:39:07 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe [2013.04.24 14:39:07 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll [2013.04.24 14:39:07 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll [2013.04.24 14:39:06 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appwiz.cpl [2013.04.24 14:39:06 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll [2013.04.24 14:39:06 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll [2013.04.24 14:39:02 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSSync.dll [2013.04.24 14:39:01 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe [2013.04.24 14:39:01 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhengine.dll [2013.04.24 14:39:01 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll [2013.04.24 14:39:01 | 000,166,912 | ---- | 
C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll [2013.04.24 14:39:01 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSSync.dll [2013.04.24 14:39:01 | 000,120,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys [2013.04.24 14:39:01 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PackageStateRoaming.dll [2013.04.24 14:39:00 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RacEngn.dll [2013.04.24 14:39:00 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\appwiz.cpl [2013.04.24 14:39:00 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll [2013.04.24 14:39:00 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmredir.dll [2013.04.24 14:38:59 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\provcore.dll [2013.04.24 14:38:59 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll [2013.04.24 14:38:59 | 000,256,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll [2013.04.24 14:38:59 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityService.dll [2013.04.24 14:38:59 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll [2013.04.24 14:38:59 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PackageStateRoaming.dll [2013.04.24 14:38:59 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setbcdlocale.dll [2013.04.24 14:38:58 | 001,247,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll [2013.04.24 14:38:58 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll [2013.04.24 14:38:58 | 000,480,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VAN.dll [2013.04.24 14:38:58 | 000,103,936 | ---- | C] 
(Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-kernel-power-events.dll [2013.04.24 14:38:58 | 000,062,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys [2013.04.24 14:38:58 | 000,027,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\avrt.dll [2013.04.24 14:38:57 | 002,016,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\batmeter.dll [2013.04.24 14:38:57 | 002,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\batmeter.dll [2013.04.24 14:38:57 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll [2013.04.24 14:38:57 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe [2013.04.24 14:38:57 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfdisk.dll [2013.04.24 14:38:56 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll [2013.04.24 14:38:56 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll [2013.04.24 14:38:56 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfdisk.dll [2013.04.24 14:38:56 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\svchost.exe [2013.04.24 14:38:55 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll [2013.04.24 14:38:55 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll [2013.04.24 14:38:55 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcredprov.dll [2013.04.24 14:38:55 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhevents.dll [2013.04.24 14:38:54 | 000,437,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfh264enc.dll [2013.04.24 14:38:54 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll [2013.04.24 14:38:54 | 000,194,048 | ---- | 
C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll [2013.04.24 14:38:54 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfnet.dll [2013.04.24 14:38:53 | 000,699,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll [2013.04.24 14:38:53 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpksetup.exe [2013.04.24 14:38:53 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfh264enc.dll [2013.04.24 14:38:53 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevPropMgr.dll [2013.04.24 14:38:53 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwm.exe [2013.04.24 14:38:53 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe [2013.04.24 14:38:53 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe [2013.04.24 14:38:52 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcfg.dll [2013.04.24 14:38:52 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe [2013.04.24 14:38:51 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll [2013.04.24 14:38:51 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFWSD.dll [2013.04.24 14:38:50 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll [2013.04.24 14:38:50 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsrchapi.dll [2013.04.24 14:38:50 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfnet.dll [2013.04.24 14:38:49 | 001,701,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll [2013.04.24 14:38:49 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webio.dll [2013.04.24 14:38:49 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webio.dll [2013.04.24 
14:38:49 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcat.dll [2013.04.24 14:38:49 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfos.dll [2013.04.24 14:38:49 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsvc.dll [2013.04.24 14:38:48 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll [2013.04.24 14:38:48 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhshl.dll [2013.04.24 14:38:48 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CscMig.dll [2013.04.24 14:38:48 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpremove.exe [2013.04.24 14:38:48 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdiag.dll [2013.04.24 14:38:48 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdiag.dll [2013.04.24 14:38:48 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptdlg.dll [2013.04.24 14:38:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhmanagew.exe [2013.04.24 14:38:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vsstrace.dll [2013.04.24 14:38:47 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsrchph.dll [2013.04.24 14:38:47 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhlisten.dll [2013.04.24 14:38:47 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcleanup.dll [2013.04.24 14:38:47 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptdlg.dll [2013.04.24 14:38:46 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasmxs.dll [2013.04.24 14:38:46 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhtask.dll [2013.04.24 14:38:46 | 000,025,088 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\SysNative\sdbinst.exe [2013.04.24 14:38:46 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdbinst.exe [2013.04.24 14:38:45 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhautoplay.dll [2013.04.24 14:38:45 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndptsp.tsp [2013.04.24 14:38:45 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndptsp.tsp [2013.04.24 14:38:45 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfctrs.dll [2013.04.24 14:38:45 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfctrs.dll [2013.04.24 14:38:45 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfproc.dll [2013.04.24 14:38:45 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfproc.dll [2013.04.24 14:38:45 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfos.dll [2013.04.24 14:38:45 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasmxs.dll [2013.04.24 14:38:45 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasser.dll [2013.04.24 14:38:45 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasser.dll [2013.04.24 14:38:43 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kmddsp.tsp [2013.04.24 14:38:42 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kmddsp.tsp [2013.04.24 14:38:42 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LangCleanupSysprepAction.dll [2013.04.24 14:38:42 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspisrv.dll [2013.04.24 14:38:42 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsvcctl.dll [2013.04.24 14:38:42 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eventcls.dll [2013.04.24 14:38:42 | 
000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eventcls.dll [2013.04.24 14:38:42 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MUILanguageCleanup.dll [2013.04.24 14:38:42 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpksetupproxyserv.dll [2013.04.24 14:38:41 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spwmp.dll [2013.04.24 14:38:41 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spwmp.dll [2013.04.24 14:38:41 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shimeng.dll [2013.04.24 14:38:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdxm.ocx [2013.04.24 14:38:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxmasf.dll [2013.04.24 14:38:41 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdxm.ocx [2013.04.24 14:38:41 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dxmasf.dll [2013.04.24 14:38:39 | 009,374,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmploc.DLL [2013.04.24 14:38:39 | 009,374,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmploc.DLL [2013.04.24 14:38:31 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll [2013.04.24 14:38:30 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll [2013.04.24 14:38:30 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.exe [2013.04.24 14:38:30 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndadmin.exe [2013.04.24 14:38:30 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.exe [2013.04.24 14:38:30 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndadmin.exe [2013.04.23 14:09:07 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice [2013.04.23 13:55:23 | 
000,000,000 | ---D | C] -- C:\Windows.old [2013.04.23 13:46:32 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr100_clr0400.dll [2013.04.23 13:46:24 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr100_clr0400.dll [2013.04.23 13:45:45 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmc.exe [2013.04.23 13:45:45 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll [2013.04.23 13:45:45 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll [2013.04.23 13:45:44 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmc.exe [2013.04.23 13:45:44 | 000,820,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll [2013.04.23 13:45:44 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srmstormod.dll [2013.04.23 13:45:43 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll [2013.04.23 13:45:43 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll [2013.04.23 13:45:43 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll [2013.04.23 13:45:43 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll [2013.04.23 13:45:43 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll [2013.04.23 13:45:43 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srmstormod.dll [2013.04.23 13:45:42 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll [2013.04.23 13:45:42 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP4SDECD.DLL [2013.04.23 13:45:42 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll [2013.04.23 13:45:42 | 000,303,848 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\SysNative\drivers\dxgmms1.sys [2013.04.23 13:45:42 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll [2013.04.23 13:45:42 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetpp.dll [2013.04.23 13:45:42 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpiowin32.sys [2013.04.23 13:45:41 | 001,347,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srmclient.dll [2013.04.23 13:45:41 | 000,987,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srmclient.dll [2013.04.23 13:45:41 | 000,652,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srmscan.dll [2013.04.23 13:45:41 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srmscan.dll [2013.04.23 13:45:41 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP4SDECD.DLL [2013.04.23 13:45:41 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll [2013.04.23 13:45:41 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srmshell.dll [2013.04.23 13:45:41 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncbservice.dll [2013.04.23 13:45:41 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adrclient.dll [2013.04.23 13:45:41 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srmshell.dll [2013.04.23 13:45:41 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll [2013.04.23 13:45:41 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adrclient.dll [2013.04.23 13:45:41 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiaacmgr.exe [2013.04.23 13:45:41 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srmtrace.dll [2013.04.23 13:45:41 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiaacmgr.exe 
[2013.04.23 13:45:41 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srmtrace.dll [2013.04.23 13:45:41 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll [2013.04.23 13:45:40 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srm.dll [2013.04.23 13:45:40 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srm.dll [2013.04.23 13:45:40 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srm_ps.dll [2013.04.23 13:45:40 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhapi.dll [2013.04.23 13:45:40 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxp.dll [2013.04.23 13:45:40 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srm_ps.dll [2013.04.23 13:45:40 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\keepaliveprovider.dll [2013.04.23 13:44:24 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll [2013.04.23 13:44:24 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll [2013.04.23 13:44:23 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll [2013.04.23 13:44:21 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll [2013.04.23 13:44:20 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll [2013.04.23 13:44:20 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll [2013.04.23 13:44:19 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll [2013.04.23 13:44:19 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll [2013.04.23 13:44:19 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll [2013.04.23 13:44:19 | 000,389,120 | ---- | C] (Microsoft 
Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll [2013.04.23 13:44:19 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll [2013.04.23 13:44:19 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys [2013.04.23 13:44:19 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ubpm.dll [2013.04.23 13:44:18 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll [2013.04.23 13:44:18 | 002,302,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll [2013.04.23 13:44:18 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll [2013.04.23 13:44:18 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll [2013.04.23 13:44:18 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll [2013.04.23 13:44:18 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll [2013.04.23 13:44:18 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll [2013.04.23 13:44:18 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS [2013.04.23 13:44:18 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll [2013.04.23 13:44:18 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys [2013.04.23 13:44:18 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BCP47Langs.dll [2013.04.23 13:44:18 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll [2013.04.23 13:44:18 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerServer.dll [2013.04.23 13:44:17 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll [2013.04.23 13:44:17 | 000,703,488 | ---- 
| C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll [2013.04.23 13:44:17 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll [2013.04.23 13:44:17 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll [2013.04.23 13:44:17 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll [2013.04.23 13:44:17 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll [2013.04.23 13:44:17 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll [2013.04.23 13:44:17 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS [2013.04.23 13:44:17 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll [2013.04.23 13:44:17 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll [2013.04.23 13:44:16 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll [2013.04.23 13:44:16 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll [2013.04.23 13:44:16 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll [2013.04.23 13:44:16 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys [2013.04.23 13:44:16 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys [2013.04.23 13:44:16 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhost.exe [2013.04.23 13:44:16 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys [2013.04.23 13:44:15 | 000,283,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys [2013.04.23 13:44:15 | 000,212,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS 
[2013.04.23 13:44:15 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll [2013.04.23 13:44:15 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl [2013.04.23 13:44:15 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\discan.dll [2013.04.23 13:44:15 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys [2013.04.23 13:44:15 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.cpl [2013.04.23 13:44:15 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll [2013.04.23 13:44:15 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll [2013.04.23 13:44:15 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NdisImPlatform.dll [2013.04.23 13:44:15 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys [2013.04.23 13:44:15 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostex.exe [2013.04.23 13:44:15 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe [2013.04.23 13:44:15 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevDispItemProvider.dll [2013.04.23 13:44:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll [2013.04.23 13:44:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll [2013.04.23 13:44:15 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll [2013.04.23 13:44:14 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncInfo.dll [2013.04.23 13:44:14 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncInfo.dll [2013.04.23 13:44:14 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll [2013.04.23 13:44:14 | 
000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll [2013.04.23 13:44:14 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDPrintProxy.DLL [2013.04.23 13:44:14 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe [2013.04.23 13:44:14 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevDispItemProvider.dll [2013.04.23 13:44:14 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe [2013.04.23 13:44:14 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll [2013.04.23 13:44:12 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wushareduxresources.dll [2013.04.23 13:42:14 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\synceng.dll [2013.04.23 13:42:14 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\synceng.dll [2013.04.23 13:41:22 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2013.04.23 13:41:19 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll [2013.04.23 13:41:19 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll [2013.04.23 13:41:19 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll [2013.04.23 13:41:19 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll [2013.04.23 13:41:18 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll [2013.04.23 13:41:18 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll [2013.04.23 13:41:18 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll [2013.04.23 13:41:18 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll [2013.04.23 13:41:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\SysNative\UXInit.dll [2013.04.23 13:41:18 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe [2013.04.23 13:41:18 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll [2013.04.23 13:41:18 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll [2013.04.23 13:41:18 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll [2013.04.23 13:41:14 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll [2013.04.23 13:41:14 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll [2013.04.23 13:41:02 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tssdisai.dll [2013.04.23 13:41:02 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appserverai.dll [2013.04.23 13:41:02 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDWebAI.dll [2013.04.23 13:41:01 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe [2013.04.23 13:41:01 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe [2013.04.23 13:41:01 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VmHostAI.dll [2013.04.23 13:40:51 | 006,991,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2013.04.23 13:40:49 | 002,893,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll [2013.04.23 13:40:49 | 002,400,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll [2013.04.23 13:40:42 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll [2013.04.23 13:40:42 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll [2013.04.23 13:40:42 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe [2013.04.23 
13:40:42 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe [2013.04.23 13:40:41 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll [2013.04.23 13:40:41 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resetengmig.dll [2013.04.23 13:40:41 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll [2013.04.23 13:40:41 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll [2013.04.23 13:40:41 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sysreset.exe [2013.04.23 13:40:33 | 013,643,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll [2013.04.23 13:40:32 | 010,792,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll [2013.04.23 13:40:30 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\duser.dll [2013.04.23 13:40:30 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlroamextension.dll [2013.04.23 13:40:30 | 000,488,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbport.sys [2013.04.23 13:40:30 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll [2013.04.23 13:40:30 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll [2013.04.23 13:40:30 | 000,446,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS [2013.04.23 13:40:30 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlroamextension.dll [2013.04.23 13:40:30 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll [2013.04.23 13:40:30 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll [2013.04.23 13:40:30 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hotspotauth.dll 
[2013.04.23 13:40:30 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsRasterService.dll [2013.04.23 13:40:30 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthAvrcpTg.sys [2013.04.23 13:40:29 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll [2013.04.23 13:40:29 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpd_ci.dll [2013.04.23 13:40:29 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWanAPI.dll [2013.04.23 13:40:29 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mbsmsapi.dll [2013.04.23 13:40:29 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll [2013.04.23 13:40:29 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mbsmsapi.dll [2013.04.23 13:40:29 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsRasterService.dll [2013.04.23 13:40:29 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskkill.exe [2013.04.23 13:40:29 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tasklist.exe [2013.04.23 13:40:29 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys [2013.04.23 13:40:29 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tasklist.exe [2013.04.23 13:40:29 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskkill.exe [2013.04.23 13:40:29 | 000,061,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys [2013.04.23 13:40:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidi2c.sys [2013.04.23 13:40:29 | 000,021,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbd.sys [2013.04.23 13:40:28 | 000,029,952 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\SysNative\drivers\BthhfHid.sys [2013.04.23 13:40:28 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys [2013.04.23 13:40:28 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmproxy.dll [2013.04.23 13:40:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmsprep.dll [2013.04.23 13:40:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcadm.dll [2013.04.23 13:40:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcalua.exe [2013.04.23 13:40:25 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaevts.dll [2013.04.23 13:40:24 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnet.dll [2013.04.23 13:40:23 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnet.dll [2013.04.23 13:40:23 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnathlp.dll [2013.04.23 13:40:23 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnathlp.dll [2013.04.23 13:40:23 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnsvr.exe [2013.04.23 13:40:23 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnsvr.exe [2013.04.23 13:40:23 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhupnp.dll [2013.04.23 13:40:23 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhpast.dll [2013.04.23 13:40:23 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhupnp.dll [2013.04.23 13:40:23 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhpast.dll [2013.04.23 13:40:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnlobby.dll [2013.04.23 13:40:23 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnaddr.dll [2013.04.23 13:40:23 | 
000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnlobby.dll [2013.04.23 13:40:23 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnaddr.dll [2013.04.23 13:40:19 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll [2013.04.23 13:40:18 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll [2013.04.23 13:40:18 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys [2013.04.23 13:40:16 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys [2013.04.23 13:40:16 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys [2013.04.23 13:40:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml6r.dll [2013.04.23 13:40:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml6r.dll [2013.04.23 13:40:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml3r.dll [2013.04.23 13:40:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml3r.dll [2013.04.23 13:40:02 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll [2013.04.23 13:40:02 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll [2013.04.23 13:40:02 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll [2013.04.23 13:40:02 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll [2013.04.23 13:40:02 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll [2013.04.23 13:40:02 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll [2013.04.23 13:40:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dciman32.dll [2013.04.23 13:40:02 | 000,003,072 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\SysNative\lpk.dll [2013.04.23 13:30:36 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache [2013.04.23 13:30:36 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Packages [2013.04.23 12:57:24 | 000,000,000 | --SD | C] -- C:\Users\David\AppData\Roaming\Microsoft [2013.04.23 12:57:24 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2013.04.23 12:57:24 | 000,000,000 | R--D | C] -- C:\Users\David\Favorites [2013.04.23 12:57:24 | 000,000,000 | R--D | C] -- C:\Users\David\Desktop [2013.04.23 12:57:24 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.04.23 12:57:24 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\Vorlagen [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\AppData\Local\Verlauf [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\AppData\Local\Temporary Internet Files [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\Startmenü [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\SendTo [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\Recent [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\Netzwerkumgebung [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\Lokale Einstellungen [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\Documents\Eigene Videos [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\Documents\Eigene Musik [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\Eigene Dateien [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\Documents\Eigene Bilder [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\Druckumgebung [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\Cookies [2013.04.23 12:57:24 | 
000,000,000 | -HSD | C] -- C:\Users\David\AppData\Local\Anwendungsdaten [2013.04.23 12:57:24 | 000,000,000 | -HSD | C] -- C:\Users\David\Anwendungsdaten [2013.04.23 12:57:24 | 000,000,000 | -H-D | C] -- C:\Users\David\AppData [2013.04.23 12:57:24 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Temp [2013.04.23 12:57:24 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Microsoft [2013.04.23 12:57:24 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.04.23 12:57:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2013.04.23 12:57:00 | 006,390,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll [2013.04.23 12:57:00 | 003,460,896 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll [2013.04.23 12:57:00 | 002,558,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll [2013.04.23 12:57:00 | 000,118,560 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll [2013.04.23 12:57:00 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll [2013.04.23 12:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2013.04.23 12:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2013.04.23 12:56:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2013.04.23 12:56:47 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2013.04.23 12:56:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM [2013.04.23 12:56:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2013.04.23 12:54:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies [2013.04.23 12:54:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild [2013.04.23 12:54:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer [2013.04.23 12:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2013.04.23 12:54:09 | 000,000,000 | ---D | C] -- 
C:\Program Files\MSBuild [2013.04.23 12:48:59 | 001,166,440 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll [2013.04.23 12:48:50 | 000,035,400 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe [2013.04.23 12:48:44 | 000,124,040 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll [2013.04.23 12:48:34 | 000,035,400 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe [2013.04.23 12:48:28 | 000,102,528 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll [2013.04.23 12:48:19 | 000,778,856 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll [2013.04.23 12:20:38 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Macromedia [2013.04.23 12:20:11 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Adobe [2013.04.23 12:16:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther [2013.04.23 10:53:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013.04.22 22:30:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2 [2013.04.22 22:29:53 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Guild Wars 2 [2013.04.22 22:17:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2013.04.22 22:15:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013.04.22 22:15:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2013.04.22 22:15:09 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Microsoft Help [2013.04.22 22:15:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013.04.22 22:15:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013.04.22 22:14:55 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013.04.22 22:07:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\Wat [2013.04.22 22:07:54 | 000,000,000 | 
---D | C] -- C:\WINDOWS\SysNative\Wat [2013.04.22 21:33:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Security [2013.04.22 21:33:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Security [2013.04.22 21:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure [2013.04.22 20:49:45 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserchoice.exe [2013.04.22 20:39:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared [2013.04.22 20:32:33 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdrmemptylst.exe [2013.04.22 20:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN [2013.04.22 20:14:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\avmwlanstick [2013.04.22 20:14:32 | 000,714,368 | ---- | C] (AVM GmbH) -- C:\WINDOWS\SysNative\drivers\fwlanusbn.sys [2013.04.22 20:14:32 | 000,099,328 | ---- | C] (AVM Berlin) -- C:\WINDOWS\SysNative\fwusbnci.dll [2013.04.22 20:07:19 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Google [2013.04.22 18:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2013.04.22 18:12:09 | 000,000,000 | ---D | C] -- C:\NVIDIA [2013.04.22 18:12:08 | 000,068,928 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll [2013.04.22 18:12:08 | 000,061,248 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll [2013.04.22 18:11:45 | 001,466,176 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvgenco64.dll [2013.04.22 18:11:34 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdecodemft.dll [2013.04.22 18:11:34 | 000,301,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvdecodemft.dll [2013.04.22 18:10:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation [2013.04.22 18:07:06 | 000,000,000 | ---D | C] -- 
C:\Users\David\AppData\Roaming\Intel Corporation [2013.04.22 18:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2013.04.22 18:04:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2013.04.22 18:04:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology [2013.04.22 18:04:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM106xSATA [2013.04.22 18:04:26 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2013.04.22 18:04:21 | 000,568,600 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iaStor.sys [2013.04.22 18:03:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3 [2013.04.22 18:03:47 | 000,016,152 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iusb3hcs.sys [2013.04.22 18:03:41 | 000,355,096 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iusb3hub.sys [2013.04.22 18:03:40 | 000,786,200 | ---- | C] (Intel Corporation) -- C:\WINDOWS\SysNative\drivers\iusb3xhc.sys [2013.04.22 18:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2013.04.22 18:03:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent [2013.04.22 18:02:47 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\InstallShield [2013.04.22 18:02:32 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2013.04.22 17:07:31 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tosade.dll [2013.04.22 17:07:31 | 000,177,088 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tadefxapo264.dll [2013.04.22 17:07:31 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\SysNative\tadefxapo.dll [2013.04.22 17:07:31 | 000,065,432 | ---- | C] (TOSHIBA CORPORATION.) -- C:\WINDOWS\SysNative\tepeqapo64.dll [2013.04.22 17:07:21 | 002,603,864 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\WavesGUILib.dll [2013.04.22 17:07:20 | 000,518,896 | ---- | C] (SRS Labs, Inc.) 
-- C:\WINDOWS\SysNative\SRSTSX64.dll [2013.04.22 17:07:20 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFNHK64.dll [2013.04.22 17:07:20 | 000,220,776 | ---- | C] (Sony Corporation) -- C:\WINDOWS\SysNative\SFSS_APO.dll [2013.04.22 17:07:20 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSH64.dll [2013.04.22 17:07:20 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSHP64.dll [2013.04.22 17:07:20 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSWOW64.dll [2013.04.22 17:07:20 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFCOM64.dll [2013.04.22 17:07:20 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\WINDOWS\SysNative\SFAPO64.dll [2013.04.22 17:07:20 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\WINDOWS\SysWow64\SFCOM.dll [2013.04.22 17:07:19 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtlCPAPI64.dll [2013.04.22 17:07:15 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkCfg64.dll [2013.04.22 17:07:15 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkCoLDR64.dll [2013.04.22 17:07:14 | 000,823,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkApi64.dll [2013.04.22 17:07:13 | 003,747,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtkAPO64.dll [2013.04.22 17:07:11 | 002,615,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RtPgEx64.dll [2013.04.22 17:07:11 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTCOM64.dll [2013.04.22 17:07:10 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RTSnMg64.cpl [2013.04.22 17:07:08 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEP64A.dll [2013.04.22 17:07:08 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) 
-- C:\WINDOWS\SysNative\RTEED64A.dll [2013.04.22 17:07:08 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEL64A.dll [2013.04.22 17:07:08 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEG64A.dll [2013.04.22 17:07:07 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DHT64.dll [2013.04.22 17:07:07 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DAA64.dll [2013.04.22 17:07:07 | 000,100,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoInstII64.dll [2013.04.22 17:07:05 | 002,765,312 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SysNative\RCoRes64.dat [2013.04.22 17:06:59 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEP64A.dll [2013.04.22 17:06:59 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EED64A.dll [2013.04.22 17:06:59 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEL64A.dll [2013.04.22 17:06:59 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEG64A.dll [2013.04.22 17:06:58 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxVolumeSDAPO.dll [2013.04.22 17:06:58 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEA64A.dll [2013.04.22 17:06:57 | 001,247,576 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek264.dll [2013.04.22 17:06:55 | 005,996,376 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek.dll [2013.04.22 17:06:54 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioEQ.dll [2013.04.22 17:06:53 | 000,955,736 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPOShell64.dll [2013.04.22 17:06:53 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO30.dll [2013.04.22 17:06:52 | 000,318,808 | ---- | C] (Waves Audio Ltd.) 
-- C:\WINDOWS\SysNative\MaxxAudioAPO20.dll [2013.04.22 17:06:50 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\WINDOWS\SysNative\KAAPORT64.dll [2013.04.22 17:06:33 | 002,528,832 | ---- | C] (Fortemedia Corporation) -- C:\WINDOWS\SysNative\FMAPO64.dll [2013.04.22 17:06:31 | 000,693,352 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSVoiceClarityDLL64.dll [2013.04.22 17:06:31 | 000,439,808 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PREC64.dll [2013.04.22 17:06:30 | 000,527,872 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PLFX64.dll [2013.04.22 17:06:30 | 000,515,584 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSU2PGFX64.dll [2013.04.22 17:06:29 | 000,712,296 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSSymmetryDLL64.dll [2013.04.22 17:06:28 | 001,756,264 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2SpeakerDLL64.dll [2013.04.22 17:06:27 | 001,568,360 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2HeadphoneDLL64.dll [2013.04.22 17:06:27 | 000,491,112 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSNeoPCDLL64.dll [2013.04.22 17:06:27 | 000,432,744 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLimiterDLL64.dll [2013.04.22 17:06:27 | 000,242,792 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLFXAPO64.dll [2013.04.22 17:06:26 | 000,428,648 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGainCompensatorDLL64.dll [2013.04.22 17:06:26 | 000,241,768 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPONS64.dll [2013.04.22 17:06:25 | 001,486,952 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBoostDLL64.dll [2013.04.22 17:06:25 | 000,242,792 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPO64.dll [2013.04.22 17:06:24 | 000,728,680 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBassEnhancementDLL64.dll [2013.04.22 17:06:21 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAC64.dll [2013.04.22 17:06:21 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\WINDOWS\SysNative\AERTAR64.dll [2013.04.22 17:06:20 | 000,000,000 | ---D | C] -- 
C:\Program Files (x86)\Realtek [2013.04.22 17:06:19 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2013.04.22 17:06:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2013.04.22 17:06:16 | 001,698,408 | R--- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RtlExUpd.dll [2013.04.22 17:06:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2013.04.22 17:04:30 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\SysWow64\CSVer.dll [2013.04.22 17:04:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2013.04.22 17:04:22 | 000,000,000 | ---D | C] -- C:\Intel [2013.04.22 17:02:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\AsusInstAll [2013.04.22 17:02:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.04.22 17:02:09 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2013.04.22 17:02:07 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Google [2013.04.22 17:02:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2013.04.22 17:02:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013.04.22 17:00:30 | 000,016,896 | ---- | C] (ASUS) -- C:\WINDOWS\AsTaskSched.dll [2013.04.22 17:00:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\Chipset [2013.04.22 16:52:32 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\ElevatedDiagnostics [2013.04.22 16:47:55 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.04.22 16:47:55 | 000,000,000 | R--D | C] -- C:\Users\David\Searches [2013.04.22 16:47:55 | 000,000,000 | R--D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.04.22 16:47:50 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Identities [2013.04.22 16:47:49 | 000,000,000 | R--D | C] -- C:\Users\David\Contacts [2013.04.22 16:47:48 | 000,000,000 | ---D | C] 
-- C:\Users\David\AppData\Local\VirtualStore [2013.04.22 16:47:46 | 000,000,000 | R--D | C] -- C:\Users\David\Videos [2013.04.22 16:47:46 | 000,000,000 | R--D | C] -- C:\Users\David\Saved Games [2013.04.22 16:47:46 | 000,000,000 | R--D | C] -- C:\Users\David\Pictures [2013.04.22 16:47:46 | 000,000,000 | R--D | C] -- C:\Users\David\Music [2013.04.22 16:47:46 | 000,000,000 | R--D | C] -- C:\Users\David\Links [2013.04.22 16:47:46 | 000,000,000 | R--D | C] -- C:\Users\David\Downloads [2013.04.22 16:47:46 | 000,000,000 | R--D | C] -- C:\Users\David\Documents [2013.04.22 16:47:46 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Media Center Programs [2013.04.22 16:47:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2013.04.22 16:47:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2013.04.22 16:47:43 | 000,000,000 | -HSD | C] -- C:\Recovery [2013.04.22 16:47:43 | 000,000,000 | -HSD | C] -- C:\Programme [2013.04.22 16:47:43 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2013.04.22 16:47:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2013.04.22 16:47:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2013.04.22 16:47:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2013.04.22 16:47:43 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2013.04.22 16:47:43 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2013.04.22 16:47:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2013.04.22 16:47:43 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2013.04.22 16:47:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2013.04.22 16:38:16 | 000,000,000 | -HSD | C] -- C:\System Volume Information [1 C:\Users\David\AppData\Local\*.tmp files -> C:\Users\David\AppData\Local\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.04.27 16:12:06 | 000,001,108 | ---- | M] () -- 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.04.27 16:10:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe [2013.04.27 16:10:25 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.04.27 16:09:25 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.04.27 01:19:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.04.25 16:10:13 | 000,001,159 | ---- | M] () -- C:\Users\David\Desktop\Unknown Device Identifier.lnk [2013.04.25 16:09:19 | 000,000,079 | ---- | M] () -- C:\Users\David\Desktop\Huntersoft Free Download.url [2013.04.24 15:40:45 | 001,745,416 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2013.04.24 15:40:45 | 000,751,892 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat [2013.04.24 15:40:45 | 000,710,046 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2013.04.24 15:40:45 | 000,155,620 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat [2013.04.24 15:40:45 | 000,132,416 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2013.04.24 15:36:27 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.04.24 15:36:21 | 4259,774,462 | -HS- | M] () -- C:\hiberfil.sys [2013.04.23 15:34:01 | 000,890,815 | ---- | M] () -- C:\Users\David\Desktop\SecurityCheck.exe [2013.04.23 13:01:46 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.04.23 13:00:21 | 000,043,818 | ---- | M] () -- C:\WINDOWS\diagwrn.xml [2013.04.23 13:00:21 | 000,043,818 | ---- | M] () -- C:\WINDOWS\diagerr.xml [2013.04.23 13:00:18 | 000,022,960 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat [2013.04.23 12:28:15 | 000,694,232 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00C.dat [2013.04.23 12:28:15 | 000,693,256 | ---- | M] () -- C:\WINDOWS\SysNative\perfh00A.dat [2013.04.23 12:28:15 | 000,688,910 | ---- | M] () -- C:\WINDOWS\SysNative\perfh010.dat [2013.04.23 12:28:15 | 000,679,144 | ---- | M] () -- C:\WINDOWS\SysNative\prfh0816.dat 
[2013.04.23 12:28:15 | 000,610,004 | ---- | M] () -- C:\WINDOWS\SysNative\perfh01F.dat [2013.04.23 12:28:15 | 000,136,864 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00A.dat [2013.04.23 12:28:15 | 000,133,554 | ---- | M] () -- C:\WINDOWS\SysNative\prfc0816.dat [2013.04.23 12:28:15 | 000,129,942 | ---- | M] () -- C:\WINDOWS\SysNative\perfc00C.dat [2013.04.23 12:28:15 | 000,126,946 | ---- | M] () -- C:\WINDOWS\SysNative\perfc010.dat [2013.04.23 12:28:15 | 000,121,328 | ---- | M] () -- C:\WINDOWS\SysNative\perfc01F.dat [2013.04.23 12:21:28 | 000,014,832 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.23 12:21:28 | 000,014,832 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.22 22:30:17 | 000,000,599 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk [2013.04.22 22:08:17 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft-Maus- und Tastatur-Center installieren.lnk [2013.04.22 21:47:40 | 000,042,672 | ---- | M] () -- C:\WINDOWS\SysWow64\drivers\fsbts.sys [2013.04.22 21:47:34 | 000,019,653 | ---- | M] () -- C:\WINDOWS\prodsett_copy.ini [2013.04.22 21:33:29 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\Launch Pad.lnk [2013.04.22 21:27:32 | 000,001,750 | ---- | M] () -- C:\Users\Public\Desktop\Browserwahl.lnk [2013.04.22 20:18:57 | 000,000,355 | ---- | M] () -- C:\Users\David\Desktop\Computer - Verknüpfung.lnk [2013.04.22 18:07:20 | 000,000,000 | ---- | M] () -- C:\Users\David\AppData\Local\{21BB0CD3-97D2-4E03-8E5E-040EB6A4708C} [2013.04.22 18:05:45 | 000,057,119 | ---- | M] () -- C:\WINDOWS\Ascd_log.ini [2013.04.22 18:03:51 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2013.04.22 17:00:30 | 000,016,896 | ---- | M] (ASUS) -- C:\WINDOWS\AsTaskSched.dll [2013.04.22 17:00:11 | 000,040,227 | ---- | M] () -- C:\WINDOWS\Ascd_tmp.ini [2013.04.22 
16:59:58 | 000,001,769 | ---- | M] () -- C:\WINDOWS\Language_trs.ini [2013.04.22 16:50:24 | 000,000,000 | -H-- | M] () -- C:\Users\David\Documents\Default.rdp [2013.04.03 00:08:01 | 000,692,576 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2013.04.03 00:08:01 | 000,078,176 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [1 C:\Users\David\AppData\Local\*.tmp files -> C:\Users\David\AppData\Local\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.04.25 16:09:19 | 000,000,079 | ---- | C] () -- C:\Users\David\Desktop\Huntersoft Free Download.url [2013.04.25 16:09:17 | 000,001,159 | ---- | C] () -- C:\Users\David\Desktop\Unknown Device Identifier.lnk [2013.04.24 14:38:47 | 000,110,592 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll [2013.04.24 14:38:47 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2013.04.23 15:34:01 | 000,890,815 | ---- | C] () -- C:\Users\David\Desktop\SecurityCheck.exe [2013.04.23 15:07:25 | 000,002,143 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser Choice.lnk [2013.04.23 13:44:17 | 000,387,867 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml [2013.04.23 13:30:56 | 000,001,438 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.04.23 13:00:18 | 000,022,960 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat [2013.04.23 12:57:31 | 000,043,818 | ---- | C] () -- C:\WINDOWS\diagwrn.xml [2013.04.23 12:57:31 | 000,043,818 | ---- | C] () -- C:\WINDOWS\diagerr.xml [2013.04.23 12:57:00 | 002,953,448 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin [2013.04.23 12:56:18 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys [2013.04.23 10:53:56 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.04.22 22:30:17 | 000,000,599 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk [2013.04.22 22:08:17 | 
000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft-Maus- und Tastatur-Center installieren.lnk [2013.04.22 21:47:40 | 000,042,672 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\fsbts.sys [2013.04.22 21:47:34 | 000,019,653 | ---- | C] () -- C:\WINDOWS\prodsett_copy.ini [2013.04.22 21:33:29 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\Launch Pad.lnk [2013.04.22 21:27:32 | 000,001,750 | ---- | C] () -- C:\Users\Public\Desktop\Browserwahl.lnk [2013.04.22 20:18:57 | 000,000,355 | ---- | C] () -- C:\Users\David\Desktop\Computer - Verknüpfung.lnk [2013.04.22 20:14:36 | 000,013,189 | R--- | C] () -- C:\WINDOWS\instwcli.inf [2013.04.22 20:14:32 | 000,015,565 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\fwlanusbn.bin [2013.04.22 18:07:05 | 000,000,000 | ---- | C] () -- C:\Users\David\AppData\Local\{21BB0CD3-97D2-4E03-8E5E-040EB6A4708C} [2013.04.22 18:03:51 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2013.04.22 18:03:28 | 000,015,128 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\IntelMEFWVer.dll [2013.04.22 17:07:33 | 000,001,332 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\DTSU2P.DAT [2013.04.22 17:07:07 | 000,206,088 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\RTAIODAT.DAT [2013.04.22 17:02:49 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.04.22 17:02:08 | 000,001,108 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.04.22 17:02:08 | 000,001,104 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.04.22 17:01:47 | 000,057,119 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2013.04.22 16:59:51 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini [2013.04.22 16:59:47 | 000,040,227 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2013.04.22 16:50:24 | 000,000,000 | -H-- | C] () -- C:\Users\David\Documents\Default.rdp [2013.04.22 16:38:16 | 4259,774,462 | -HS- | C] () -- C:\hiberfil.sys [2012.07.26 10:13:10 | 000,215,943 | ---- | 
C] () -- C:\WINDOWS\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2012.01.10 20:39:16 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.03.02 04:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.03.02 10:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 
05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
27.04.2013, 15:22 | #19 |
/// Helper Team | JS:Trojan.JS.Iframe.DH (Virus) Oh man... uninstall all the crap that was installed along with the recovery. In particular everything from Norton and F-Secure. |
27.04.2013, 18:55 | #20 |
| JS:Trojan.JS.Iframe.DH (Virus) What do you mean? I had to reinstall F-Secure, and I have already uninstalled Norton. |
28.04.2013, 14:47 | #21 |
/// Helper Team | JS:Trojan.JS.Iframe.DH (Virus) Yes, but the leftovers are still there; try it with: ftp://ftp.symantec.com/public/deutsc...moval_Tool.exe |
29.04.2013, 13:30 | #22 |
| JS:Trojan.JS.Iframe.DH (Virus) My mouse acts up every now and then. When I move it, it just lags behind or barely moves. |
29.04.2013, 14:43 | #23 |
/// Helper Team | JS:Trojan.JS.Iframe.DH (Virus) Mouse defective? Tried it on another PC? Another mouse at hand? |
29.04.2013, 14:52 | #24 |
| JS:Trojan.JS.Iframe.DH (Virus) Hmm, I've only had the mouse for a year and, as I said, it doesn't always act up. And how does my PC actually look? |
29.04.2013, 20:26 | #25 |
/// Helper Team | JS:Trojan.JS.Iframe.DH (Virus) Everything seems OK; as a check: please download Malwarebytes Anti-Malware
then: please download SecurityCheck and:
|
02.05.2013, 16:24 | #26 |
| JS:Trojan.JS.Iframe.DH (Virus) Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.05.02.04 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16540 David :: DAVID-PC [Administrator] 02.05.2013 17:22:06 mbam-log-2013-05-02 (17-22-06).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 270392 Laufzeit: 52 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Results of screen317's Security Check version 0.99.62 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Computer Security Windows Defender Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Google Chrome 11.0.696.77 Google Chrome 26.0.1410.64 ````````Process Check: objlist.exe by Laurent```````` Internet Security apps ComputerSecurity Anti-Virus\FSGK32.EXE Internet Security apps ComputerSecurity Anti-Virus\fssm32.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
03.05.2013, 09:27 | #27 |
/// Helper Team | JS:Trojan.JS.Iframe.DH (Virus) Yep, everything's fine |
03.05.2013, 20:34 | #28 |
| JS:Trojan.JS.Iframe.DH (Virus) Okay, thanks a lot! But what could be causing the PC's slowdown? |
03.05.2013, 20:48 | #29 |
/// Helper Team | JS:Trojan.JS.Iframe.DH (Virus) What do you mean by slowdown? When was it faster? You're not comparing Windows 7 and Windows 8, are you? |
04.05.2013, 14:29 | #30 |
| JS:Trojan.JS.Iframe.DH (Virus) The internet is quite a bit slower than before the reinstall. |