| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Pc Optimizer Pro > Win8: "Auffrischen-Funktion" ausreichend?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
10.05.2013, 08:22
| #1 |
| |  Pc Optimizer Pro > Win8: "Auffrischen-Funktion" ausreichend? Hallo Zusammen, wie so mancher habe ich mir über eine Freeware das Tolle Programm "Pc Optimizer Pro" gleich mitinstalliert. Gewundert hatte es mich zwar, dass im Setup keine Benutzerdefinierte Installation angeboten wurde, aber Brain.exe war leider nicht auf Prio 1 geschaltet. Lange Rede kurzer Sinn: Meine Rechner fährt unter Windows 8 x64 pro. Nach erfolglosen manuellen deinstallationsversuchen des "Pc Optimizer Pro", habe ich die 'Auffrischen-Funktion' von Windos8 durchgeführt. Nun ist also bis auf die Benutzereinstellungen und den Dokumenten wieder alles auf Null und keine Fremdsoftware mehr installiert. Meine Frage wäre nun, ob mein System auch damit wieder sauber ist bzw. ob der "Pc Optimizer Pro" bekannt für resistente Programmreste ist die sich evtl. auf nem anderen Laufwerk kopiert haben könnten? Einen Thread bezüglich des entfernens habe ich u.a. hier gefunden... http://www.trojaner-board.de/129415-...ro-laptop.html ... aber ist dies überhaupt noch Notwendig wenn das System selbst auf "Null" ist? Vorab vielen Dank für's lesen und gffs. antworten  Grüße unitone |
|
10.05.2013, 21:39
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Pc Optimizer Pro > Win8: "Auffrischen-Funktion" ausreichend? Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
13.05.2013, 07:43
| #3 |
| | Pc Optimizer Pro > Win8: "Auffrischen-Funktion" ausreichend? Hallo cosinus,
__________________der installierte Scanner (GDATA 2014) fand beim Vollscan nichts. Ich habe "mbar" wie in einer Anleitung von hier ausgeführt und hier ist der Log davon: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
Database version: v2013.05.10.06
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16384
HOME :: HOME-PC [administrator]
10.05.2013 18:22:19
mbar-log-2013-05-10 (18-22-19).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 28082
Time elapsed: 6 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Wenn ich es richtig verstanden habe, handelt es sich bei diesem "PC Optimizer Pro" ja "nur" um so genannte "Scareware", die nervt und einen nötigt diese zu kaufen. Sollte ich sicherheitshalber noch einen anderen Scanner drüber laufen lassen? Die Freeware (Savegame-Editor) über die sich der Optimizer mitinstallierte wurde über c|net bereitgestellt, die offenbar für so nen Müll bekannt sind. |
|
13.05.2013, 10:46
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pc Optimizer Pro > Win8: "Auffrischen-Funktion" ausreichend? Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Erstmal eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.05.2013, 16:09
| #5 |
| | Pc Optimizer Pro > Win8: "Auffrischen-Funktion" ausreichend? Hallo cosinus, hier die Logs: OTL: OTL Logfile: Code:
ATTFilter OTL logfile created on: 13.05.2013 16:19:11 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Home\Downloads 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,99 Gb Total Physical Memory | 3,09 Gb Available Physical Memory | 77,40% Memory free 7,49 Gb Paging File | 6,21 Gb Available in Paging File | 82,87% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 537,11 Gb Total Space | 283,42 Gb Free Space | 52,77% Space Free | Partition Type: NTFS Drive D: | 136,62 Gb Total Space | 126,39 Gb Free Space | 92,51% Space Free | Partition Type: NTFS Drive E: | 723,43 Gb Total Space | 190,91 Gb Free Space | 26,39% Space Free | Partition Type: NTFS Drive H: | 478,40 Gb Total Space | 222,48 Gb Free Space | 46,51% Space Free | Partition Type: FAT32 Drive I: | 452,99 Gb Total Space | 284,02 Gb Free Space | 62,70% Space Free | Partition Type: NTFS Computer Name: HOME-PC | User Name: Home | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Home\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Users\Home\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) PRC - C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.) PRC - C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft) PRC - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) PRC - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG) PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (nlsX86cc) -- C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.) SRV - (NitroDriverReadSpool8) -- C:\Programme\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe (Nitro PDF Software) SRV - (ClassicShellService) -- C:\Programme\Classic Shell\ClassicShellService.exe (IvoSoft) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (G Data Software AG) SRV - (AVKService) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG) SRV - (ose64) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV:64bit: - (GRD) -- C:\Windows\SysNative\Drivers\GRD.sys (G Data Software) DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\Drivers\gdwfpcd64.sys (G Data Software AG) DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\Drivers\PktIcpt.sys (G Data Software AG) DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\Drivers\MiniIcpt.sys (G Data Software AG) DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\Drivers\HookCentre.sys (G Data Software AG) DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\Drivers\GDBehave.sys (G Data Software AG) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation) DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation) DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\Drivers\e1i63x64.sys (Intel Corporation) DRV:64bit: - (VClone) -- C:\Windows\SysNative\Drivers\VClone.sys (Elaborate Bytes AG) DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:64bit: - (BrSerIf) -- C:\Windows\SysNative\Drivers\BrSerIf.sys (Brother Industries Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-358329353-3434552568-1678841897-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-358329353-3434552568-1678841897-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-358329353-3434552568-1678841897-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-358329353-3434552568-1678841897-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-358329353-3434552568-1678841897-1001\..\SearchScopes,DefaultScope = ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledAddons: %7BB17C1C5A-04B1-11DB-9804-B622A1EF5492%7D:1.2.1 FF - prefs.js..extensions.enabledAddons: %7B987311C6-B504-4aa2-90BF-60CC49808D42%7D:2.2 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.10 08:56:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.11 09:26:14 | 000,000,000 | ---D | M] [2013.05.10 08:56:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Extensions [2013.05.13 10:06:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\t1s9i1mv.default\extensions [2013.05.10 21:56:13 | 000,022,573 | ---- | M] () (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\t1s9i1mv.default\extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi [2013.05.10 21:56:13 | 000,089,442 | ---- | M] () (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\t1s9i1mv.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2013.05.13 10:06:37 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\firefox\profiles\t1s9i1mv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.05.10 08:56:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.01.11 03:06:08 | 000,033,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013.04.10 10:18:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.04.10 10:18:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.04.10 10:18:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.04.10 10:18:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.04.10 10:18:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.04.10 10:18:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2:64bit: - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft) O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft) O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft) O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft) O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG) O4 - HKU\S-1-5-21-358329353-3434552568-1678841897-1000..\Run: [Spotify Web Helper] C:\Users\Home\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation) O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F73189D-AD46-4AB7-BDD0-D998663B1668}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{d52d490d-9f63-11e2-be7c-00016c70cd78}\Shell - "" = AutoRun O33 - MountPoints2\{d52d490d-9f63-11e2-be7c-00016c70cd78}\Shell\AutoRun\command - "" = "P:\SETUP.EXE" O33 - MountPoints2\{d52d490d-9f63-11e2-be7c-00016c70cd78}\Shell\configure\command - "" = P:\SETUP.EXE O33 - MountPoints2\{d52d490d-9f63-11e2-be7c-00016c70cd78}\Shell\install\command - "" = P:\SETUP.EXE O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.13 09:10:00 | 000,692,576 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2013.05.13 09:10:00 | 000,078,176 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2013.05.13 09:06:54 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice [2013.05.11 14:19:54 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Daring_Development_Inc [2013.05.11 14:19:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Horizon [2013.05.11 14:19:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Daring Development [2013.05.11 12:56:58 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Canneverbe Limited [2013.05.11 12:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited [2013.05.11 11:26:09 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\Any Video Converter [2013.05.11 11:25:54 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\AnvSoft [2013.05.11 11:25:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft [2013.05.11 11:25:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnvSoft [2013.05.11 11:25:25 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Programs [2013.05.11 08:33:57 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\vlc [2013.05.10 22:05:43 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\MAGIX [2013.05.10 22:03:08 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\gsak [2013.05.10 22:01:34 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Xara [2013.05.10 22:01:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Shared [2013.05.10 22:01:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX [2013.05.10 21:59:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX [2013.05.10 21:58:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies [2013.05.10 21:58:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild [2013.05.10 21:57:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer [2013.05.10 21:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2013.05.10 21:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2013.05.10 21:55:05 | 000,778,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll [2013.05.10 21:55:05 | 000,035,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe [2013.05.10 21:55:04 | 000,102,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll [2013.05.10 21:55:03 | 001,166,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll [2013.05.10 21:55:03 | 000,124,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll [2013.05.10 21:55:03 | 000,035,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe [2013.05.10 21:52:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services [2013.05.10 21:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX [2013.05.10 21:52:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2013.05.10 19:32:21 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\G DATA [2013.05.10 19:32:04 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\G Data [2013.05.10 19:32:00 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\Outlook-Dateien [2013.05.10 19:14:29 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Nitro [2013.05.10 19:14:29 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\FileOpen [2013.05.10 19:14:29 | 000,000,000 | ---D | C] -- C:\ProgramData\FileOpen [2013.05.10 19:13:12 | 000,029,704 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll [2013.05.10 19:13:12 | 000,017,928 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll [2013.05.10 19:13:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro [2013.05.10 19:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro [2013.05.10 19:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro [2013.05.10 19:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nitro [2013.05.10 19:09:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 [2013.05.10 19:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2013.05.10 19:08:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server [2013.05.10 19:08:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2013.05.10 19:07:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH [2013.05.10 19:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server [2013.05.10 19:05:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2013.05.10 19:05:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2013.05.10 19:05:08 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Microsoft Help [2013.05.10 19:05:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013.05.10 19:05:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013.05.10 19:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013.05.10 19:04:07 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Downloaded Installations [2013.05.10 19:00:02 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\WinRAR [2013.05.10 19:00:02 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.05.10 19:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.05.10 18:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2013.05.10 18:59:31 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Spotify [2013.05.10 18:58:56 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Spotify [2013.05.10 18:57:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [2013.05.10 18:57:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes [2013.05.10 18:55:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2013.05.10 18:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2013.05.10 18:54:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GSAK [2013.05.10 18:54:00 | 002,068,480 | ---- | C] (Chilkat Software, Inc.) -- C:\WINDOWS\SysWow64\ChilkatHttp.dll [2013.05.10 18:54:00 | 000,111,104 | ---- | C] (Inprise Corporation) -- C:\WINDOWS\SysWow64\midas.dll [2013.05.10 18:53:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\gsak [2013.05.10 18:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [2013.05.10 18:49:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client [2013.05.10 18:49:05 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Macromedia [2013.05.10 18:48:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP [2013.05.10 18:47:20 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Alt.Binz [2013.05.10 18:47:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alt.Binz [2013.05.10 18:47:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alt.Binz [2013.05.10 18:45:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013.05.10 16:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.05.10 16:32:54 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\mbar [2013.05.10 10:23:52 | 000,016,944 | ---- | C] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GdPhyMem.sys [2013.05.10 10:23:37 | 000,107,128 | ---- | C] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys [2013.05.10 10:20:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014 [2013.05.10 10:14:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2013.05.10 10:13:04 | 026,956,576 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll [2013.05.10 10:13:04 | 020,542,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll [2013.05.10 10:13:04 | 007,573,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll [2013.05.10 10:13:04 | 006,271,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll [2013.05.10 10:13:02 | 017,990,800 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll [2013.05.10 10:13:02 | 015,042,928 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll [2013.05.10 10:13:02 | 009,414,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll [2013.05.10 10:13:02 | 007,959,000 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll [2013.05.10 10:13:02 | 002,913,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll [2013.05.10 10:13:02 | 002,728,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll [2013.05.10 10:13:02 | 002,355,488 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll [2013.05.10 10:13:02 | 001,995,552 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll [2013.05.10 10:13:02 | 001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6431422.dll [2013.05.10 10:13:02 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6431422.dll [2013.05.10 10:13:01 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll [2013.05.10 10:13:01 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll [2013.05.10 10:13:01 | 002,539,128 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll [2013.05.10 09:57:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2013.05.10 09:57:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.05.10 09:57:06 | 000,866,720 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\npDeployJava1.dll [2013.05.10 09:57:06 | 000,788,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\deployJava1.dll [2013.05.10 09:57:06 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe [2013.05.10 09:57:05 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe [2013.05.10 09:57:05 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe [2013.05.10 09:57:05 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll [2013.05.10 09:57:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2013.05.10 09:47:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans [2013.05.10 09:46:03 | 000,000,000 | ---D | C] -- C:\Program Files\NetBeans 7.3 [2013.05.10 09:46:01 | 001,092,512 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\npDeployJava1.dll [2013.05.10 09:46:01 | 000,971,680 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\deployJava1.dll [2013.05.10 09:46:01 | 000,311,200 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaws.exe [2013.05.10 09:45:59 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaw.exe [2013.05.10 09:45:59 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\java.exe [2013.05.10 09:45:59 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll [2013.05.10 09:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013.05.10 09:41:11 | 000,000,000 | ---D | C] -- C:\Windows.old [2013.05.10 09:33:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2013.05.10 09:31:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther [2013.05.10 09:29:46 | 000,064,824 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys [2013.05.10 09:29:34 | 000,068,408 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys [2013.05.10 09:29:32 | 000,133,976 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys [2013.05.10 09:29:32 | 000,064,856 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys [2013.05.10 09:29:31 | 000,060,248 | ---- | C] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys [2013.05.10 09:26:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\G Data [2013.05.10 09:26:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data [2013.05.10 09:16:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2013.05.10 09:16:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2013.05.10 09:16:02 | 006,398,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll [2013.05.10 09:16:02 | 003,477,280 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll [2013.05.10 09:16:02 | 002,555,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll [2013.05.10 09:16:02 | 000,237,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll [2013.05.10 09:16:02 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll [2013.05.10 09:15:31 | 000,061,216 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll [2013.05.10 09:15:31 | 000,053,024 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll [2013.05.10 09:15:06 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2013.05.10 09:14:56 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2013.05.10 09:09:10 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll [2013.05.10 09:09:10 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll [2013.05.10 09:08:57 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll [2013.05.10 09:08:57 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll [2013.05.10 09:08:57 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll [2013.05.10 09:08:57 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll [2013.05.10 09:08:57 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll [2013.05.10 09:08:57 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll [2013.05.10 09:08:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll [2013.05.10 09:08:56 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe [2013.05.10 09:08:54 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll [2013.05.10 09:08:54 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll [2013.05.10 09:08:54 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll [2013.05.10 09:08:54 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll [2013.05.10 09:08:54 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll [2013.05.10 09:08:54 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll [2013.05.10 09:08:54 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevDispItemProvider.dll [2013.05.10 09:08:54 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevDispItemProvider.dll [2013.05.10 09:08:53 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll [2013.05.10 09:08:53 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll [2013.05.10 09:08:53 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll [2013.05.10 09:08:53 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BCP47Langs.dll [2013.05.10 09:08:53 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl [2013.05.10 09:08:53 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.cpl [2013.05.10 09:08:52 | 002,302,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll [2013.05.10 09:08:52 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll [2013.05.10 09:08:52 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll [2013.05.10 09:08:52 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll [2013.05.10 09:08:52 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll [2013.05.10 09:08:52 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ubpm.dll [2013.05.10 09:08:52 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NdisImPlatform.dll [2013.05.10 09:08:52 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhost.exe [2013.05.10 09:08:52 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostex.exe [2013.05.10 09:08:51 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll [2013.05.10 09:08:51 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll [2013.05.10 09:08:51 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll [2013.05.10 09:08:51 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll [2013.05.10 09:08:51 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDPrintProxy.DLL [2013.05.10 09:08:50 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll [2013.05.10 09:08:50 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncInfo.dll [2013.05.10 09:08:49 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll [2013.05.10 09:08:49 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll [2013.05.10 09:08:49 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll [2013.05.10 09:08:49 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll [2013.05.10 09:08:49 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll [2013.05.10 09:08:49 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll [2013.05.10 09:08:49 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncInfo.dll [2013.05.10 09:08:48 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerServer.dll [2013.05.10 09:08:48 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\discan.dll [2013.05.10 09:08:46 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll [2013.05.10 09:08:46 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll [2013.05.10 09:08:46 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll [2013.05.10 09:08:46 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll [2013.05.10 09:08:46 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll [2013.05.10 09:08:46 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe [2013.05.10 09:08:46 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe [2013.05.10 09:08:45 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll [2013.05.10 09:08:45 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys [2013.05.10 09:08:44 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS [2013.05.10 09:08:44 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys [2013.05.10 09:08:44 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys [2013.05.10 09:08:44 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys [2013.05.10 09:08:44 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys [2013.05.10 09:08:43 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS [2013.05.10 09:08:43 | 000,283,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys [2013.05.10 09:08:43 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys [2013.05.10 09:08:43 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys [2013.05.10 09:08:00 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll [2013.05.10 09:08:00 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll [2013.05.10 09:08:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll [2013.05.10 09:07:58 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll [2013.05.10 09:07:58 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll [2013.05.10 09:07:57 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll [2013.05.10 09:07:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll [2013.05.10 09:07:55 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe [2013.05.10 09:07:55 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll [2013.05.10 09:07:54 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2013.05.10 09:07:53 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll [2013.05.10 09:07:53 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll [2013.05.10 09:07:35 | 006,991,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2013.05.10 09:07:32 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll [2013.05.10 09:07:32 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll [2013.05.10 09:07:09 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll [2013.05.10 09:07:09 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll [2013.05.10 09:07:09 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskkill.exe [2013.05.10 09:07:09 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tasklist.exe [2013.05.10 09:07:09 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tasklist.exe [2013.05.10 09:07:09 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskkill.exe [2013.05.10 09:07:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmproxy.dll [2013.05.10 09:07:09 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmsprep.dll [2013.05.10 09:07:08 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll [2013.05.10 09:07:08 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsRasterService.dll [2013.05.10 09:07:08 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsRasterService.dll [2013.05.10 09:07:07 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpd_ci.dll [2013.05.10 09:07:07 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlroamextension.dll [2013.05.10 09:07:07 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlroamextension.dll [2013.05.10 09:07:07 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll [2013.05.10 09:07:06 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll [2013.05.10 09:07:06 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWanAPI.dll [2013.05.10 09:07:06 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll [2013.05.10 09:07:06 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hotspotauth.dll [2013.05.10 09:07:06 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mbsmsapi.dll [2013.05.10 09:07:06 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mbsmsapi.dll [2013.05.10 09:07:05 | 013,643,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll [2013.05.10 09:07:05 | 010,792,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll [2013.05.10 09:07:04 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\duser.dll [2013.05.10 09:07:02 | 000,061,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys [2013.05.10 09:07:01 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthAvrcpTg.sys [2013.05.10 09:07:00 | 000,446,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS [2013.05.10 09:07:00 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys [2013.05.10 09:06:28 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll [2013.05.10 09:06:28 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll [2013.05.10 09:06:08 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys [2013.05.10 09:05:55 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll [2013.05.10 09:05:55 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll [2013.05.10 09:05:36 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmc.exe [2013.05.10 09:05:35 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncbservice.dll [2013.05.10 09:05:35 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll [2013.05.10 09:05:35 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll [2013.05.10 09:05:35 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhapi.dll [2013.05.10 09:05:35 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxp.dll [2013.05.10 09:05:35 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\keepaliveprovider.dll [2013.05.10 09:05:34 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll [2013.05.10 09:05:34 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll [2013.05.10 09:05:34 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll [2013.05.10 09:05:34 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll [2013.05.10 09:05:34 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetpp.dll [2013.05.10 09:05:33 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll [2013.05.10 09:05:33 | 000,820,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpprefcl.dll [2013.05.10 09:05:33 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP4SDECD.DLL [2013.05.10 09:05:33 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll [2013.05.10 09:05:33 | 000,582,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpprefcl.dll [2013.05.10 09:05:33 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP4SDECD.DLL [2013.05.10 09:05:33 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll [2013.05.10 09:05:33 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srm.dll [2013.05.10 09:05:33 | 000,278,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srm.dll [2013.05.10 09:05:33 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srmstormod.dll [2013.05.10 09:05:33 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srmstormod.dll [2013.05.10 09:05:33 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiaacmgr.exe [2013.05.10 09:05:33 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiaacmgr.exe [2013.05.10 09:05:32 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmc.exe [2013.05.10 09:05:30 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys [2013.05.10 09:05:29 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll [2013.05.10 09:05:29 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll [2013.05.10 09:05:29 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll [2013.05.10 09:05:29 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpiowin32.sys [2013.05.10 09:05:02 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resetengmig.dll [2013.05.10 09:05:02 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll [2013.05.10 09:05:02 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sysreset.exe [2013.05.10 09:04:19 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll [2013.05.10 09:04:19 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll [2013.05.10 09:03:57 | 000,029,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthhfHid.sys [2013.05.10 09:03:57 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys [2013.05.10 09:03:31 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidi2c.sys [2013.05.10 09:03:11 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys [2013.05.10 09:03:11 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys [2013.05.10 09:02:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll [2013.05.10 09:02:31 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wushareduxresources.dll [2013.05.10 09:02:31 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll [2013.05.10 09:02:30 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll [2013.05.10 09:01:16 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcadm.dll [2013.05.10 09:01:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcalua.exe [2013.05.10 09:01:16 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaevts.dll [2013.05.10 09:00:30 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe [2013.05.10 09:00:27 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe [2013.05.10 09:00:26 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tssdisai.dll [2013.05.10 09:00:26 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appserverai.dll [2013.05.10 09:00:26 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDWebAI.dll [2013.05.10 09:00:26 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VmHostAI.dll [2013.05.10 08:59:01 | 000,000,000 | ---D | C] -- C:\ProgramData\G Data [2013.05.10 08:58:31 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnet.dll [2013.05.10 08:58:31 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnet.dll [2013.05.10 08:58:31 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnathlp.dll [2013.05.10 08:58:31 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnathlp.dll [2013.05.10 08:58:31 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnsvr.exe [2013.05.10 08:58:31 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnsvr.exe [2013.05.10 08:58:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhupnp.dll [2013.05.10 08:58:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhpast.dll [2013.05.10 08:58:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhupnp.dll [2013.05.10 08:58:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhpast.dll [2013.05.10 08:58:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnlobby.dll [2013.05.10 08:58:31 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnaddr.dll [2013.05.10 08:58:31 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnlobby.dll [2013.05.10 08:58:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnaddr.dll [2013.05.10 08:57:18 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr100_clr0400.dll [2013.05.10 08:57:18 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr100_clr0400.dll [2013.05.10 08:56:23 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Mozilla [2013.05.10 08:56:23 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Mozilla [2013.05.10 08:56:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.05.10 08:56:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.05.10 08:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.05.10 08:55:42 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe [2013.05.10 08:55:42 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe [2013.05.10 08:55:39 | 002,400,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll [2013.05.10 08:55:38 | 002,893,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll [2013.05.10 08:55:04 | 001,347,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srmclient.dll [2013.05.10 08:55:04 | 000,987,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srmclient.dll [2013.05.10 08:55:04 | 000,652,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srmscan.dll [2013.05.10 08:55:04 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srmscan.dll [2013.05.10 08:55:04 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srmshell.dll [2013.05.10 08:55:04 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adrclient.dll [2013.05.10 08:55:04 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srmshell.dll [2013.05.10 08:55:04 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adrclient.dll [2013.05.10 08:55:04 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srmtrace.dll [2013.05.10 08:55:04 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srmtrace.dll [2013.05.10 08:55:04 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\srm_ps.dll [2013.05.10 08:55:04 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\srm_ps.dll [2013.05.10 08:54:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml6r.dll [2013.05.10 08:54:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml3r.dll [2013.05.10 08:54:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml3r.dll [2013.05.10 08:54:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml6r.dll [2013.05.10 08:52:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell [2013.05.10 08:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\Classic Shell [2013.05.10 08:51:45 | 000,021,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbd.sys [2013.05.10 08:51:44 | 000,488,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbport.sys [2013.05.10 08:51:43 | 000,212,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS [2013.05.10 08:51:01 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Macromedia [2013.05.10 08:49:48 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll [2013.05.10 08:49:48 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll [2013.05.10 08:49:48 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll [2013.05.10 08:49:48 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll [2013.05.10 08:49:48 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll [2013.05.10 08:49:48 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll [2013.05.10 08:49:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dciman32.dll [2013.05.10 08:49:48 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpk.dll [2013.05.10 08:49:11 | 000,000,000 | R--D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.05.10 08:49:11 | 000,000,000 | R--D | C] -- C:\Users\Home\Searches [2013.05.10 08:49:11 | 000,000,000 | R--D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.05.10 08:49:00 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Adobe [2013.05.10 08:47:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2013.05.10 08:47:41 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\VirtualStore [2013.05.10 08:47:26 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\synceng.dll [2013.05.10 08:47:26 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\synceng.dll [2013.05.10 08:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache [2013.05.10 08:47:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2013.05.10 08:46:25 | 000,000,000 | --SD | C] -- C:\Users\Home\AppData\Roaming\Microsoft [2013.05.10 08:46:25 | 000,000,000 | R--D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2013.05.10 08:46:25 | 000,000,000 | R--D | C] -- C:\Users\Home\Favorites [2013.05.10 08:46:25 | 000,000,000 | R--D | C] -- C:\Users\Home\Desktop [2013.05.10 08:46:25 | 000,000,000 | R--D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.05.10 08:46:25 | 000,000,000 | R--D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\Vorlagen [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\AppData\Local\Verlauf [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\AppData\Local\Temporary Internet Files [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\Startmenü [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\SendTo [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\Recent [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\Netzwerkumgebung [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\Lokale Einstellungen [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\Documents\Eigene Videos [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\Documents\Eigene Musik [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\Eigene Dateien [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\Documents\Eigene Bilder [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\Druckumgebung [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\Cookies [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\AppData\Local\Anwendungsdaten [2013.05.10 08:46:25 | 000,000,000 | -HSD | C] -- C:\Users\Home\Anwendungsdaten [2013.05.10 08:46:25 | 000,000,000 | -H-D | C] -- C:\Users\Home\AppData [2013.05.10 08:46:25 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Temp [2013.05.10 08:46:25 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Microsoft [2013.05.10 08:46:25 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.05.10 08:45:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2013.05.10 08:45:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2013.05.10 08:45:44 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2013.05.10 08:45:44 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2013.05.10 08:45:44 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2013.05.10 08:45:44 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2013.05.10 08:45:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2013.05.10 08:45:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2013.05.10 08:42:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2013.05.10 08:28:47 | 000,000,000 | -H-D | C] -- C:\$SysReset [2013.05.09 18:36:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\MAGIX [2013.04.30 09:12:44 | 000,070,152 | ---- | C] (Nalpeiron Ltd.) -- C:\WINDOWS\SysWow64\NLSSRV32.EXE [2013.04.23 14:04:54 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\NetBeansProjects [2013.04.23 13:56:10 | 000,000,000 | ---D | C] -- C:\Users\Home\.nbi ========== Files - Modified Within 30 Days ========== [2013.05.13 16:21:38 | 001,745,416 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2013.05.13 16:21:38 | 000,751,892 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat [2013.05.13 16:21:38 | 000,710,046 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2013.05.13 16:21:38 | 000,155,620 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat [2013.05.13 16:21:38 | 000,132,416 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2013.05.13 16:18:20 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.05.13 16:16:17 | 000,542,184 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2013.05.13 16:16:07 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.05.13 16:15:59 | 3428,483,072 | -HS- | M] () -- C:\hiberfil.sys [2013.05.13 16:02:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.05.11 11:31:02 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [2013.05.11 11:25:49 | 000,001,199 | ---- | M] () -- C:\Users\Home\Desktop\Any Video Converter.lnk [2013.05.10 22:01:32 | 000,120,200 | ---- | M] () -- C:\WINDOWS\SysWow64\DLLDEV32i.dll [2013.05.10 22:01:20 | 000,001,177 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013 Premium.lnk [2013.05.10 19:13:06 | 000,001,962 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Pro 8.lnk [2013.05.10 18:59:31 | 000,001,787 | ---- | M] () -- C:\Users\Home\Desktop\Spotify.lnk [2013.05.10 18:57:42 | 000,001,250 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk [2013.05.10 18:55:51 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.05.10 18:54:03 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\GSAK.lnk [2013.05.10 18:48:22 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2013.05.10 18:47:13 | 000,001,010 | ---- | M] () -- C:\Users\Public\Desktop\Alt.Binz.lnk [2013.05.10 10:23:52 | 000,016,944 | ---- | M] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GdPhyMem.sys [2013.05.10 10:23:37 | 000,107,128 | ---- | M] (G Data Software) -- C:\WINDOWS\SysNative\drivers\GRD.sys [2013.05.10 10:20:59 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk [2013.05.10 10:20:57 | 000,068,408 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\gdwfpcd64.sys [2013.05.10 10:15:21 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk [2013.05.10 09:57:02 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\npDeployJava1.dll [2013.05.10 09:57:02 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\deployJava1.dll [2013.05.10 09:57:02 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe [2013.05.10 09:57:02 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe [2013.05.10 09:57:02 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe [2013.05.10 09:57:02 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll [2013.05.10 09:47:32 | 000,002,017 | ---- | M] () -- C:\Users\Public\Desktop\NetBeans IDE 7.3.lnk [2013.05.10 09:45:51 | 001,092,512 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\npDeployJava1.dll [2013.05.10 09:45:51 | 000,971,680 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\deployJava1.dll [2013.05.10 09:45:51 | 000,311,200 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaws.exe [2013.05.10 09:45:51 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaw.exe [2013.05.10 09:45:51 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\java.exe [2013.05.10 09:45:51 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll [2013.05.10 09:29:46 | 000,064,824 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\PktIcpt.sys [2013.05.10 09:29:32 | 000,133,976 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\MiniIcpt.sys [2013.05.10 09:29:32 | 000,064,856 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\HookCentre.sys [2013.05.10 09:29:32 | 000,060,248 | ---- | M] (G Data Software AG) -- C:\WINDOWS\SysNative\drivers\GDBehave.sys [2013.05.10 09:04:10 | 000,000,425 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI [2013.05.10 09:04:10 | 000,000,027 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI [2013.05.10 08:56:17 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.05.10 08:49:35 | 000,031,156 | ---- | M] () -- C:\Users\Home\Desktop\Entfernte Anwendungen.html [2013.05.10 08:46:40 | 000,013,338 | ---- | M] () -- C:\WINDOWS\diagwrn.xml [2013.05.10 08:46:40 | 000,013,338 | ---- | M] () -- C:\WINDOWS\diagerr.xml [2013.05.10 08:43:04 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2013.04.30 09:12:44 | 000,070,152 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\SysWow64\NLSSRV32.EXE [2013.04.30 09:11:56 | 000,029,704 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalmon2.dll [2013.04.30 09:11:56 | 000,017,928 | ---- | M] (Nitro PDF Software) -- C:\WINDOWS\SysNative\nitrolocalui2.dll [2013.04.19 06:37:24 | 010,325,229 | ---- | M] () -- C:\Users\Home\Documents\Scream And Shout-OlloBitchRemix.mp3 [2013.04.19 06:37:06 | 011,106,240 | ---- | M] () -- C:\Users\Home\Documents\Ollo wird zum König.mp3 [2013.04.15 07:14:53 | 000,192,636 | ---- | M] () -- C:\Users\Home\Documents\Waypoints.gdb ========== Files Created - No Company Name ========== [2013.05.13 16:16:05 | 000,542,184 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2013.05.11 11:31:02 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [2013.05.11 11:25:49 | 000,001,199 | ---- | C] () -- C:\Users\Home\Desktop\Any Video Converter.lnk [2013.05.10 22:01:20 | 000,001,177 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Video deluxe 2013 Premium.lnk [2013.05.10 19:13:06 | 000,002,531 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 8.lnk [2013.05.10 19:13:06 | 000,001,962 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Pro 8.lnk [2013.05.10 18:59:31 | 000,001,787 | ---- | C] () -- C:\Users\Home\Desktop\Spotify.lnk [2013.05.10 18:59:31 | 000,001,773 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [2013.05.10 18:57:42 | 000,001,250 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk [2013.05.10 18:55:51 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.05.10 18:54:03 | 000,007,492 | ---- | C] () -- C:\WINDOWS\SDENSX.UDF [2013.05.10 18:54:03 | 000,000,951 | ---- | C] () -- C:\Users\Public\Desktop\GSAK.lnk [2013.05.10 18:54:00 | 000,577,536 | ---- | C] () -- C:\WINDOWS\SysWow64\ChilkatCsv.dll [2013.05.10 18:48:22 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2013.05.10 18:48:22 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2013.05.10 18:47:13 | 000,001,010 | ---- | C] () -- C:\Users\Public\Desktop\Alt.Binz.lnk [2013.05.10 18:46:22 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.05.10 10:15:21 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk [2013.05.10 09:47:32 | 000,002,017 | ---- | C] () -- C:\Users\Public\Desktop\NetBeans IDE 7.3.lnk [2013.05.10 09:29:37 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk [2013.05.10 09:08:49 | 000,387,867 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml [2013.05.10 09:04:10 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2013.05.10 09:04:10 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2013.05.10 08:56:17 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.05.10 08:56:17 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.05.10 08:49:35 | 000,031,156 | ---- | C] () -- C:\Users\Home\Desktop\Entfernte Anwendungen.html [2013.05.10 08:49:00 | 000,001,438 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.05.10 08:46:21 | 000,013,338 | ---- | C] () -- C:\WINDOWS\diagwrn.xml [2013.05.10 08:46:21 | 000,013,338 | ---- | C] () -- C:\WINDOWS\diagerr.xml [2013.05.10 08:43:04 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2013.05.05 18:39:43 | 000,015,532 | ---- | C] () -- C:\Users\Home\Documents\Lebenslauf_Dennis_Roth_2.rtf [2013.04.20 13:49:20 | 011,106,240 | ---- | C] () -- C:\Users\Home\Documents\Ollo wird zum König.mp3 [2013.04.20 13:49:20 | 010,325,229 | ---- | C] () -- C:\Users\Home\Documents\Scream And Shout-OlloBitchRemix.mp3 [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2012.07.26 02:48:53 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.03.02 04:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.03.02 10:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences < End of report > Extras: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 13.05.2013 15:59:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Home\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,99 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 62,51% Memory free
7,49 Gb Paging File | 5,43 Gb Available in Paging File | 72,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 537,11 Gb Total Space | 283,38 Gb Free Space | 52,76% Space Free | Partition Type: NTFS
Drive D: | 136,62 Gb Total Space | 126,39 Gb Free Space | 92,51% Space Free | Partition Type: NTFS
Drive E: | 723,43 Gb Total Space | 190,91 Gb Free Space | 26,39% Space Free | Partition Type: NTFS
Drive H: | 478,40 Gb Total Space | 222,48 Gb Free Space | 46,51% Space Free | Partition Type: FAT32
Drive I: | 452,99 Gb Total Space | 284,02 Gb Free Space | 62,70% Space Free | Partition Type: NTFS
Computer Name: HOME-PC | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-358329353-3434552568-1678841897-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3509BED2-AF28-47A3-8016-090B94653BBB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{98378BB2-7DB5-4321-A05E-08D72EF30EF7}" = lport=1688 | protocol=6 | dir=in | name=open port 1688 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00C90A3E-ED98-4D15-B242-5E58012F3EBE}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{0267F1C7-373B-49C2-B40A-E61517EAE6ED}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{04519688-4E1B-4C31-BB3F-7904830AE1E6}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{1073E09E-9BD9-4C5E-926F-0C348AFBAC28}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{1453ECED-B41E-4DB9-84BA-20AA6033261F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{27095D49-4E27-46EC-A74B-51B4EB5AB9A4}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{28C078B7-F2BF-414E-8E48-FC289AA47B40}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{2C15DB62-C879-49E2-AB9D-4F6BB96B655B}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{2F1DAB27-9EAC-444C-A409-0844906676E9}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{362B5B84-092C-4FF2-8FD8-DA0EAEA7736F}" = dir=out | name=amazon |
"{36883F84-D9D7-4946-A664-C8FFD2E57A59}" = dir=out | name=wetter.com |
"{417507F1-D450-4B90-8097-6AFCBEC138E2}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{4FA1EC66-6924-467A-A2F5-1F747F3AD037}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{54E17DCA-941C-4238-93BC-02C531610DB1}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{5573935F-390E-49FB-9515-C3F64BEC286A}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{68E7E94C-F444-4685-90DF-1E67BC4B2230}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{75A3EC08-2538-404F-804E-461E384A0EB0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{7A434661-2E09-4C74-BBEA-3688BB45B7B1}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{7C9DA466-6A1F-4B2B-970B-C054784A2FB6}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9463B773-7F72-4123-B6AB-97FCA2FACEFD}" = dir=out | name=google search |
"{9C993EB1-317E-477E-B038-C5443C3F650E}" = dir=out | name=toolbox for windows 8 |
"{AB4EC461-0BF6-4884-AD3B-11DE120FCFE8}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{AF38C133-42AA-44A0-B33A-0BBAC870EEE7}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{B47E1F44-DBB2-420D-BA49-D614923FAAF1}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EC77BB97-BE4E-4588-8489-5627E7687E8B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{F173D669-0EB7-46F4-A018-BACF3BE24076}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{F48DEEEC-BEC9-4A2D-BD3D-253B4AE968BA}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{FD5D3ADD-F001-46BD-BC93-74949F7A357A}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{47E960B1-A285-4D31-87BA-4D2936FC8FF1}" = MAGIX Video deluxe 2013 Premium
"{64A3A4F4-B792-11D6-A78A-00B0D0170210}" = Java SE Development Kit 7 Update 21 (64-bit)
"{7F34ADBE-77C0-47A0-BBC6-B3DA16CE8E68}" = Classic Shell
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0407-1000-0000000FF1CE}" = Microsoft Access MUI (German) 2013
"{90150000-0016-0407-1000-0000000FF1CE}" = Microsoft Excel MUI (German) 2013
"{90150000-0018-0407-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (German) 2013
"{90150000-0019-0407-1000-0000000FF1CE}" = Microsoft Publisher MUI (German) 2013
"{90150000-001A-0407-1000-0000000FF1CE}" = Microsoft Outlook MUI (German) 2013
"{90150000-001B-0407-1000-0000000FF1CE}" = Microsoft Word MUI (German) 2013
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français
"{90150000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano
"{90150000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013
"{90150000-0044-0407-1000-0000000FF1CE}" = Microsoft InfoPath MUI (German) 2013
"{90150000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013
"{90150000-0090-0407-1000-0000000FF1CE}" = Microsoft DCF MUI (German) 2013
"{90150000-00A1-0407-1000-0000000FF1CE}" = Microsoft OneNote MUI (German) 2013
"{90150000-00BA-0407-1000-0000000FF1CE}" = Microsoft Groove MUI (German) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2013
"{90150000-00E1-0407-1000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013
"{90150000-00E2-0407-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (German) 2013
"{90150000-012B-0407-1000-0000000FF1CE}" = Microsoft Lync MUI (German) 2013
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CE94C252-25AD-41A0-97B6-DD4F0E886F26}" = Nitro Pro 8
"{D3EF8C39-9E84-4EB0-AD09-0C2FA6E08C8C}" = MAGIX Video deluxe 2013 Premium (Video Plugins)
"{F30AE017-6791-43F1-8591-D31EDDDDFF1A}" = MAGIX Speed burnR (MSI)
"nbi-nb-base-7.3.0.0.201302132200" = NetBeans IDE 7.3
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7765322A-8601-47D3-AC60-B66677450D7B}" = G Data InternetSecurity 2014
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Alt.Binz" = Alt.Binz 0.39.4
"Any Video Converter_is1" = Any Video Converter 5.0.5
"d4cfeebc-b821-40b7-9f81-d366b1466f03_is1" = Horizon v2.6.6.3
"FileZilla Client" = FileZilla Client 3.6.0.2
"GSAK_is1" = GSAK 8.2.0.11
"MAGIX_{47E960B1-A285-4D31-87BA-4D2936FC8FF1}" = MAGIX Video deluxe 2013 Premium
"MAGIX_{D3EF8C39-9E84-4EB0-AD09-0C2FA6E08C8C}" = MAGIX Video deluxe 2013 Premium (Video Plugins)
"MAGIX_{F30AE017-6791-43F1-8591-D31EDDDDFF1A}" = MAGIX Speed burnR (MSI)
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.6
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-358329353-3434552568-1678841897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ System Events ]
Error - 10.05.2013 02:42:45 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Netzwerklistendienst" wurde mit folgendem Fehler beendet:
%%21
Error - 10.05.2013 04:20:14 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "G Data AntiVirus Proxy" wurde unerwartet beendet. Dies
ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 10.05.2013 04:21:14 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
des Dienstes "G Data AntiVirus Proxy" Korrekturmaßnahmen (Neustart des Diensts)
durchzuführen, ist fehlgeschlagen. Fehler: %%1056
Error - 10.05.2013 12:12:58 | Computer Name = Home-PC | Source = DCOM | ID = 10010
Description =
Error - 10.05.2013 13:34:39 | Computer Name = Home-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus
lautet: 10.
Error - 10.05.2013 13:34:39 | Computer Name = Home-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus
lautet: 10.
Error - 10.05.2013 13:34:39 | Computer Name = Home-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus
lautet: 10.
Error - 10.05.2013 13:35:30 | Computer Name = Home-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus
lautet: 10.
Error - 10.05.2013 16:20:13 | Computer Name = Home-PC | Source = DCOM | ID = 10010
Description =
Error - 10.05.2013 16:20:14 | Computer Name = Home-PC | Source = DCOM | ID = 10010
Description =
< End of report >
|
|
14.05.2013, 08:14
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pc Optimizer Pro > Win8: "Auffrischen-Funktion" ausreichend? Ist ziemlich unauffällig... JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ --> Pc Optimizer Pro > Win8: "Auffrischen-Funktion" ausreichend? |
|
14.05.2013, 16:24
| #7 |
| | Pc Optimizer Pro > Win8: "Auffrischen-Funktion" ausreichend? Hallo cosinus, JRT ergab: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 8 Pro x64
Ran by DennisEva on 14.05.2013 at 14:39:40,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll
~~~ Folders
Successfully deleted: [Folder] "C:\Users\DennisEva\AppData\Roaming\dvdvideosoftiehelpers"
~~~ FireFox
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Emptied folder: C:\Users\DennisEva\AppData\Roaming\mozilla\firefox\profiles\t1s9i1mv.default\minidumps [1 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.05.2013 at 14:42:01,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v2.300 - Datei am 14/05/2013 um 16:48:10 erstellt
# Aktualisiert am 28/04/2013 von Xplode
# Betriebssystem : Windows 8 Pro (64 bits)
# Benutzer : Home - HOME-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Home\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v20.0.1 (de)
Datei : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\t1s9i1mv.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [1037 octets] - [13/05/2013 09:00:11]
AdwCleaner[R2].txt - [1157 octets] - [13/05/2013 09:01:15]
AdwCleaner[R3].txt - [1086 octets] - [13/05/2013 09:11:41]
AdwCleaner[R4].txt - [1203 octets] - [14/05/2013 16:46:32]
AdwCleaner[S1].txt - [324 octets] - [13/05/2013 09:01:00]
AdwCleaner[S2].txt - [1256 octets] - [13/05/2013 09:01:38]
AdwCleaner[S3].txt - [322 octets] - [14/05/2013 16:46:16]
AdwCleaner[S4].txt - [1137 octets] - [14/05/2013 16:48:10]
########## EOF - C:\AdwCleaner[S4].txt - [1197 octets] ##########
OTL / Extras bekomme ich nicht gepostet. Boardsoftware sagt zuviele Zeichen (?) |
|
15.05.2013, 09:18
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pc Optimizer Pro > Win8: "Auffrischen-Funktion" ausreichend?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.05.2013, 09:41
| #9 |
| | Pc Optimizer Pro > Win8: "Auffrischen-Funktion" ausreichend? Hallo Cosinus, sorry, nicht beachtet. PS: Könntest du bitte nach begutachtung des JRT-Logfiles dieses aus dem Thread löschen? Ich kann den Beitrag nicht mehr editieren. (Vergessen User/PC-Name zu ändern) Gruß unitone |
|
15.05.2013, 19:08
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pc Optimizer Pro > Win8: "Auffrischen-Funktion" ausreichend? Wir löschen keine Logs siehe => http://www.trojaner-board.de/108422-...tml#post758384
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Pc Optimizer Pro > Win8: "Auffrischen-Funktion" ausreichend? |
| andere, anderen, angeboten, antworten, auffrischen-funktion, ausreichend, bezüglich, dokumente, entferne, frage, freeware, gen, hallo zusammen, installation, laufwerk, notwendig, optimizer, optimizer pro, pc optimizer pro, programm, sauber, setup, system, thread, win, windos8, windows8, worte, überhaupt, zusammen |
Linear-Darstellung
