| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Adobe Launcher.bundle verschlüsseltWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.05.2013, 10:34
| #1 |
 |  Adobe Launcher.bundle verschlüsselt Hi Leute, hätte da mal wieder ein kleines Problem bzw. ne Frage. Bei meinem gestrigen Virenscan mit Kaspersky Inet Security 2013 is mir eine Datei aufgefallen, für die Kaspersky ein Kennwort verlangt hat. Sie war unter folgendem Pfad zu finden: C:\ProgramData\Adobe\AIH.567d1b858ee9e3744c63855c9d69fc94750b93e0\launcher.bundle C:\ProgramData\Adobe\AIH.567d1b858ee9e3744c63855c9d69fc94750b93e0\bundle.dll Hab dann einen Suchlauf mit Malwarebytes AM-Ware gemacht und da wurde nichts verlangt. Das hat mich misstrauisch gemacht und deshalb habe ich etwas im www gesucht und kam prompt auf Virenmeldungen. Schließlich hab ich den kompletten Pfad und auch meine gesamte Adobe Software entfernt und neu installiert, aber der merkwürdige Pfad ist nicht mehr aufgetaucht. Hier ist der Log von dem Lauf von Malwarebytes vor dem Löschen des Pfades: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.05.14.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16540 Felix :: FELIX-PC [Administrator] Schutz: Aktiviert 14.05.2013 10:30:15 mbam-log-2013-05-14 (10-30-15).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 300381 Laufzeit: 21 Minute(n), 52 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Ich möchte nochmal betonen, dass laut KIS kein Virus gefunden wurde, sondern lediglich ein Kennwort für die merkwürdige Datei verlangt wurde. Hier noch die OTLs: Code:
ATTFilter OTL logfile created on: 15.05.2013 11:47:50 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Felix\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 16,00 Gb Total Physical Memory | 13,29 Gb Available Physical Memory | 83,07% Memory free 31,99 Gb Paging File | 28,91 Gb Available in Paging File | 90,37% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,51 Gb Total Space | 873,82 Gb Free Space | 93,81% Space Free | Partition Type: NTFS Drive E: | 465,76 Gb Total Space | 465,66 Gb Free Space | 99,98% Space Free | Partition Type: NTFS Computer Name: FELIX-PC | User Name: Felix | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Felix\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Users\Felix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe (Kaspersky Lab ZAO) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com\chrome\components\content_blocker_xpcom_gecko20\content_blocker_xpcom.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Users\Felix\AppData\Roaming\Dropbox\bin\libcef.dll () MOD - C:\Users\Felix\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll () MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab ZAO) DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab ZAO) DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab ZAO) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab) DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO) DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation ) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3419880688-839914132-1434784125-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com IE - HKU\S-1-5-21-3419880688-839914132-1434784125-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com IE - HKU\S-1-5-21-3419880688-839914132-1434784125-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3419880688-839914132-1434784125-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-3419880688-839914132-1434784125-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.spiegel.de/" FF - prefs.js..extensions.enabledAddons: url_advisor%40kaspersky.com:13.0.1.4307 FF - prefs.js..extensions.enabledAddons: virtual_keyboard%40kaspersky.com:13.0.1.4307 FF - prefs.js..extensions.enabledAddons: content_blocker%40kaspersky.com:13.0.1.4307 FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.1.4307 FF - prefs.js..extensions.enabledAddons: online_banking%40kaspersky.com:13.0.1.4307 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6.1 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.05.01 18:15:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.05.01 18:15:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.05.01 18:15:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.05.01 18:15:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.05.01 18:15:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.05.03 11:34:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.01 18:12:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.05.03 11:34:29 | 000,000,000 | ---D | M] [2013.05.01 18:30:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Felix\AppData\Roaming\mozilla\Extensions [2013.05.14 11:46:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\q7z05pnn.default\extensions [2013.05.14 11:46:34 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Felix\AppData\Roaming\mozilla\Firefox\Profiles\q7z05pnn.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013.05.07 17:20:17 | 000,534,214 | ---- | M] () (No name found) -- C:\Users\Felix\AppData\Roaming\mozilla\firefox\profiles\q7z05pnn.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013.05.01 18:12:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.05.01 18:15:02 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ANTI_BANNER@KASPERSKY.COM [2013.05.01 18:15:02 | 000,000,000 | ---D | M] (Content Blocker) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\CONTENT_BLOCKER@KASPERSKY.COM [2013.05.01 18:15:02 | 000,000,000 | ---D | M] (Safe Money) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ONLINE_BANKING@KASPERSKY.COM [2013.05.01 18:15:02 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\URL_ADVISOR@KASPERSKY.COM [2013.05.01 18:15:02 | 000,000,000 | ---D | M] (Virtual Keyboard) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\VIRTUAL_KEYBOARD@KASPERSKY.COM [2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.04.10 10:18:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.04.10 10:18:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.04.10 10:18:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.04.10 10:18:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.04.10 10:18:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.04.10 10:18:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O4:64bit: - HKLM..\Run: [Eraser] C:\Programme\Eraser\Eraser.exe (The Eraser Project) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Felix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D060E4D2-E251-42DA-9568-FE55B5D1FF7D}: DhcpNameServer = 192.168.2.1 O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{33d613b3-b26b-11e2-b7de-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{33d613b3-b26b-11e2-b7de-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.15 08:11:15 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.05.15 08:11:15 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.05.15 08:11:15 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.05.15 08:11:14 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.05.15 08:11:14 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.05.15 08:11:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.05.15 08:11:14 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.05.15 08:11:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.05.15 08:11:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.05.15 08:11:14 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.05.15 08:11:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.05.15 08:11:14 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.05.15 08:11:12 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.05.15 08:11:12 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.05.15 08:11:12 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.05.15 06:57:31 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013.05.15 06:57:31 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013.05.15 06:57:20 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.05.15 06:57:20 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013.05.15 06:57:20 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013.05.15 06:57:20 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2013.05.15 06:57:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2013.05.14 12:04:08 | 000,000,000 | ---D | C] -- C:\Users\Felix\Documents\eRightSoft [2013.05.14 12:03:46 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll [2013.05.14 12:03:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft [2013.05.14 12:03:45 | 000,327,749 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\drvc.dll [2013.05.14 12:03:45 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\SysWow64\nbDX.dll [2013.05.14 12:03:45 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLOgg.ax [2013.05.14 12:03:45 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\DiracSplitter.ax [2013.05.14 12:03:45 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\flvDX.dll [2013.05.14 12:03:45 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\RealMediaDX.ax [2013.05.14 12:03:45 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\SysWow64\AVCDX.ax [2013.05.14 12:03:45 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLVorbisDec.ax [2013.05.14 12:03:45 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSSplitter.ax [2013.05.14 12:03:45 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSDecoder.ax [2013.05.14 12:03:45 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\SysWow64\RLTheoraDec.ax [2013.05.14 12:03:45 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\SysWow64\msfDX.dll [2013.05.14 12:03:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft [2013.05.14 12:01:46 | 000,000,000 | ---D | C] -- C:\Users\Felix\Desktop\Unkonvertiert [2013.05.14 10:41:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2013.05.14 10:41:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2013.05.14 10:39:53 | 000,691,592 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.05.14 10:39:53 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.05.14 10:39:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013.05.14 10:36:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2013.05.12 15:53:35 | 000,000,000 | R--D | C] -- C:\Users\Felix\Dropbox [2013.05.12 15:43:53 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2013.05.12 15:43:15 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Dropbox [2013.05.07 15:06:43 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Malwarebytes [2013.05.07 15:06:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.05.07 15:06:35 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.05.07 15:06:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.05.07 15:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.05.07 15:06:24 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Local\Programs [2013.05.07 09:20:18 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Local\Adobe [2013.05.04 18:16:10 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\OpenOffice.org [2013.05.04 18:14:20 | 000,000,000 | --SD | C] -- C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [2013.05.04 18:13:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3 [2013.05.04 10:49:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2013.05.04 10:49:04 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2013.05.04 10:48:37 | 002,797,128 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2013.05.04 10:48:37 | 002,102,040 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll [2013.05.04 10:48:37 | 001,659,464 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2013.05.04 10:48:37 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2013.05.04 10:48:37 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2013.05.04 10:48:37 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2013.05.04 10:48:37 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2013.05.04 10:48:37 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2013.05.04 10:48:36 | 003,693,128 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2013.05.04 10:48:36 | 001,284,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2013.05.04 10:48:36 | 000,991,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2013.05.04 10:48:36 | 000,613,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll [2013.05.04 10:48:36 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2013.05.04 10:48:36 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2013.05.04 10:48:36 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2013.05.04 10:48:36 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2013.05.04 10:48:36 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2013.05.04 10:48:36 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2013.05.04 10:48:36 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll [2013.05.04 10:48:35 | 000,897,152 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll [2013.05.04 10:48:35 | 000,753,280 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll [2013.05.04 10:48:35 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2013.05.04 10:48:35 | 000,135,240 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll [2013.05.04 10:48:35 | 000,083,072 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll [2013.05.04 10:48:35 | 000,065,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBppld64.dll [2013.05.04 10:48:35 | 000,060,504 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBPPCn64.dll [2013.05.04 10:48:34 | 002,032,408 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll [2013.05.04 10:48:34 | 000,910,104 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll [2013.05.04 10:48:34 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2013.05.04 10:48:33 | 002,734,624 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2013.05.04 10:48:33 | 000,110,592 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll [2013.05.04 10:48:32 | 000,208,072 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2013.05.04 10:48:32 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2013.05.04 10:48:32 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2013.05.04 10:48:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2013.05.04 10:48:30 | 002,079,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2013.05.04 10:48:30 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2013.05.04 10:48:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2013.05.04 10:33:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2013.05.04 09:20:41 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.05.03 11:36:30 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG [2013.05.03 11:36:30 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\HP [2013.05.03 11:35:58 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Local\HP [2013.05.03 11:33:41 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant [2013.05.03 11:33:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [2013.05.03 11:33:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool [2013.05.03 11:32:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard [2013.05.03 11:32:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP [2013.05.03 11:31:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP [2013.05.03 11:31:17 | 000,000,000 | -H-D | C] -- C:\Config.Msi [2013.05.03 11:27:54 | 000,000,000 | ---D | C] -- C:\ProgramData\HP [2013.05.03 11:27:50 | 000,861,184 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpowiav1.dll [2013.05.03 11:27:50 | 000,730,624 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpotscl1.dll [2013.05.03 11:27:50 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll [2013.05.03 11:27:50 | 000,498,176 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpovst01.dll [2013.05.03 07:22:52 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\ATI [2013.05.03 07:22:52 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Local\ATI [2013.05.03 07:22:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2013.05.03 07:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD [2013.05.03 07:22:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT [2013.05.03 07:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2013.05.03 07:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2013.05.03 07:22:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2013.05.03 07:22:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2013.05.03 07:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2013.05.03 07:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2013.05.03 07:19:35 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2013.05.03 07:19:00 | 000,000,000 | ---D | C] -- C:\AMD [2013.05.02 14:14:58 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2013.05.02 14:14:58 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2013.05.02 14:14:55 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2013.05.02 14:14:55 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2013.05.02 14:14:55 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2013.05.02 14:14:54 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2013.05.02 14:14:54 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2013.05.02 14:14:54 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2013.05.02 14:14:54 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2013.05.02 07:19:24 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Macromedia [2013.05.02 07:19:24 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Local\Macromedia [2013.05.02 07:19:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2013.05.02 07:19:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2013.05.02 02:26:25 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2013.05.02 02:26:11 | 000,000,000 | -HSD | C] -- C:\Boot [2013.05.02 02:25:54 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\OEM [2013.05.02 02:25:54 | 000,000,000 | ---D | C] -- C:\Hotfix [2013.05.02 02:25:54 | 000,000,000 | ---D | C] -- C:\Drivers [2013.05.02 02:24:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer [2013.05.02 02:24:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE [2013.05.02 02:24:19 | 000,000,000 | ---D | C] -- C:\Windows\de-DE [2013.05.02 02:24:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de [2013.05.02 02:24:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407 [2013.05.02 02:24:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE [2013.05.02 02:24:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de [2013.05.02 02:24:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407 [2013.05.02 02:22:31 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbport.sys.mui [2013.05.02 02:22:31 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbhub.sys.mui [2013.05.02 02:22:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tunnel.sys.mui [2013.05.02 02:22:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pci.sys.mui [2013.05.02 02:22:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\msdsm.sys.mui [2013.05.02 02:22:31 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vdrvroot.sys.mui [2013.05.02 02:22:31 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mssmbios.sys.mui [2013.05.02 02:22:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ULIAGPKX.SYS.mui [2013.05.02 02:22:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rdpwd.sys.mui [2013.05.02 02:22:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\NV_AGP.SYS.mui [2013.05.02 02:22:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\disk.sys.mui [2013.05.02 02:22:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\battc.sys.mui [2013.05.02 02:22:30 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\isapnp.sys.mui [2013.05.02 02:22:30 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\AGP440.sys.mui [2013.05.02 02:22:26 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\tcpip.sys.mui [2013.05.02 02:22:26 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\bfe.dll.mui [2013.05.02 02:22:26 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\scfilter.sys.mui [2013.05.02 02:22:26 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui [2013.05.02 02:22:25 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\pacer.sys.mui [2013.05.02 02:22:24 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volsnap.sys.mui [2013.05.02 02:22:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\ndiscap.sys.mui [2013.05.02 02:22:24 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui [2013.05.02 02:22:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vhdmp.sys.mui [2013.05.02 02:22:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tpm.sys.mui [2013.05.02 02:22:24 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\portcls.sys.mui [2013.05.02 02:22:24 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\umbus.sys.mui [2013.05.02 02:22:24 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serscan.sys.mui [2013.05.02 02:22:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wd.sys.mui [2013.05.02 02:22:23 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tcpip.sys.mui [2013.05.02 02:22:23 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mpio.sys.mui [2013.05.02 02:22:23 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bfe.dll.mui [2013.05.02 02:22:23 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\afd.sys.mui [2013.05.02 02:22:23 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serial.sys.mui [2013.05.02 02:22:23 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\i8042prt.sys.mui [2013.05.02 02:22:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\sermouse.sys.mui [2013.05.02 02:22:23 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pcmcia.sys.mui [2013.05.02 02:22:23 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouclass.sys.mui [2013.05.02 02:22:23 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\parport.sys.mui [2013.05.02 02:22:23 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\modem.sys.mui [2013.05.02 02:22:23 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ataport.sys.mui [2013.05.02 02:22:23 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scsiport.sys.mui [2013.05.02 02:22:23 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismpx.sys.mui [2013.05.02 02:22:23 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismp6.sys.mui [2013.05.02 02:22:23 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouhid.sys.mui [2013.05.02 02:22:23 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vwifibus.sys.mui [2013.05.02 02:22:23 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\MTConfig.sys.mui [2013.05.02 02:22:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ws2ifsl.sys.mui [2013.05.02 02:22:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbrpm.sys.mui [2013.05.02 02:22:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdide.sys.mui [2013.05.02 02:22:18 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fvevol.sys.mui [2013.05.02 02:22:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\srv.sys.mui [2013.05.02 02:22:18 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scfilter.sys.mui [2013.05.02 02:22:12 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pacer.sys.mui [2013.05.02 02:22:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rdbss.sys.mui [2013.05.02 02:22:12 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\RNDISMP.sys.mui [2013.05.02 02:22:12 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\qwavedrv.sys.mui [2013.05.02 02:22:11 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ntfs.sys.mui [2013.05.02 02:22:11 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndis.sys.mui [2013.05.02 02:22:11 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\nwifi.sys.mui [2013.05.02 02:22:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndiscap.sys.mui [2013.05.02 02:22:11 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndisuio.sys.mui [2013.05.02 02:22:11 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\partmgr.sys.mui [2013.05.02 02:22:11 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mountmgr.sys.mui [2013.05.02 02:22:10 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\http.sys.mui [2013.05.02 02:22:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\luafv.sys.mui [2013.05.02 02:22:10 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ipnat.sys.mui [2013.05.02 02:22:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fltmgr.sys.mui [2013.05.02 02:22:09 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volmgrx.sys.mui [2013.05.02 02:22:07 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\processr.sys.mui [2013.05.02 02:22:07 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\intelppm.sys.mui [2013.05.02 02:22:07 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdppm.sys.mui [2013.05.02 02:22:07 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdk8.sys.mui [2013.05.02 02:22:07 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ohci1394.sys.mui [2013.05.02 02:22:07 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\1394ohci.sys.mui [2013.05.02 02:22:07 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui [2013.05.02 02:22:07 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui [2013.05.02 02:22:07 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\acpi.sys.mui [2013.05.02 02:22:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthport.sys.mui [2013.05.02 02:22:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\IPMIDrv.sys.mui [2013.05.02 02:22:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdclass.sys.mui [2013.05.02 02:22:07 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthpan.sys.mui [2013.05.02 02:22:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wacompen.sys.mui [2013.05.02 02:22:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hdaudbus.sys.mui [2013.05.02 02:22:07 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\HdAudio.sys.mui [2013.05.02 02:22:07 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\de-DE\atikmdag.sys.mui [2013.05.02 02:22:07 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hidbth.sys.mui [2013.05.02 02:22:07 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\UAGP35.SYS.mui [2013.05.02 02:22:07 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pnpmem.sys.mui [2013.05.02 02:22:07 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdhid.sys.mui [2013.05.02 02:22:07 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\GAGP30KX.SYS.mui [2013.05.02 02:22:07 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\Dot4usb.sys.mui [2013.05.02 02:22:07 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\BTHUSB.SYS.mui [2013.05.02 02:22:07 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui [2013.05.02 02:22:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\cdrom.sys.mui [2013.05.02 02:22:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthenum.sys.mui [2013.05.01 20:48:02 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Local\Eraser 6 [2013.05.01 20:27:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2013.05.01 20:26:47 | 000,000,000 | ---D | C] -- C:\Program Files\Eraser [2013.05.01 20:22:55 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Adobe [2013.05.01 19:07:06 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys [2013.05.01 19:07:06 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2013.05.01 19:07:06 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wdf01000.sys.mui [2013.05.01 18:58:14 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.05.01 18:58:14 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.05.01 18:58:14 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.05.01 18:58:14 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.05.01 18:58:14 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.05.01 18:58:14 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.05.01 18:58:14 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.05.01 18:58:14 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.05.01 18:58:14 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.05.01 18:58:14 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.05.01 18:58:14 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.05.01 18:58:14 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.05.01 18:58:14 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.05.01 18:58:14 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.05.01 18:58:14 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.05.01 18:58:14 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.05.01 18:58:14 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.05.01 18:58:14 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.05.01 18:58:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.05.01 18:58:14 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.05.01 18:58:14 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.05.01 18:58:14 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.05.01 18:58:14 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.05.01 18:58:14 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.05.01 18:58:14 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.05.01 18:58:14 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.05.01 18:58:14 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.05.01 18:58:14 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.05.01 18:58:14 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.05.01 18:58:14 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.05.01 18:58:14 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.05.01 18:58:14 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.05.01 18:58:14 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.05.01 18:58:14 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.05.01 18:58:14 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.05.01 18:58:14 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.05.01 18:58:14 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.05.01 18:58:14 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.05.01 18:58:14 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.05.01 18:58:14 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.05.01 18:58:14 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.05.01 18:58:14 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.05.01 18:58:14 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.05.01 18:58:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.05.01 18:58:14 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.05.01 18:58:14 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.05.01 18:58:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.05.01 18:58:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.05.01 18:58:14 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.05.01 18:58:14 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.05.01 18:58:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.05.01 18:58:14 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.05.01 18:58:14 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.05.01 18:52:26 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [2013.05.01 18:52:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2013.05.01 18:52:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [2013.05.01 18:52:26 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tsusbflt.sys.mui [2013.05.01 18:52:25 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys [2013.05.01 18:52:25 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys [2013.05.01 18:52:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys [2013.05.01 18:52:24 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2013.05.01 18:52:24 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2013.05.01 18:52:24 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2013.05.01 18:52:24 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll [2013.05.01 18:52:24 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe [2013.05.01 18:52:24 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2013.05.01 18:52:24 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll [2013.05.01 18:52:24 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2013.05.01 18:52:24 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2013.05.01 18:52:24 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2013.05.01 18:52:24 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2013.05.01 18:52:24 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll [2013.05.01 18:52:23 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013.05.01 18:52:23 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013.05.01 18:52:23 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2013.05.01 18:52:23 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2013.05.01 18:52:23 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2013.05.01 18:52:23 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe [2013.05.01 18:52:23 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll [2013.05.01 18:45:37 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe [2013.05.01 18:35:20 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2013.05.01 18:35:20 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2013.05.01 18:35:20 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2013.05.01 18:35:20 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2013.05.01 18:35:20 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2013.05.01 18:35:20 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2013.05.01 18:34:15 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2013.05.01 18:34:14 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2013.05.01 18:34:14 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2013.05.01 18:34:14 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2013.05.01 18:30:44 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Mozilla [2013.05.01 18:30:44 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Local\Mozilla [2013.05.01 18:30:14 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013.05.01 18:30:13 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013.05.01 18:30:13 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013.05.01 18:30:13 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013.05.01 18:30:12 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013.05.01 18:30:12 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013.05.01 18:30:11 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013.05.01 18:30:11 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.05.01 18:30:11 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013.05.01 18:30:11 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013.05.01 18:30:11 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013.05.01 18:30:11 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013.05.01 18:30:11 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013.05.01 18:30:11 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013.05.01 18:30:11 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013.05.01 18:30:11 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013.05.01 18:30:11 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.05.01 18:30:11 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.05.01 18:30:11 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.05.01 18:30:11 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.05.01 18:30:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.05.01 18:30:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.05.01 18:30:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.05.01 18:30:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.05.01 18:30:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013.05.01 18:30:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013.05.01 18:30:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.05.01 18:30:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.05.01 18:30:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013.05.01 18:30:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013.05.01 18:30:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.05.01 18:30:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.05.01 18:30:11 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.05.01 18:30:11 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.05.01 18:30:10 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013.05.01 18:30:10 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013.05.01 18:30:10 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013.05.01 18:30:10 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.05.01 18:30:10 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013.05.01 18:30:10 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013.05.01 18:30:10 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013.05.01 18:29:56 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2013.05.01 18:29:56 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2013.05.01 18:27:17 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2013.05.01 18:27:17 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2013.05.01 18:27:15 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013.05.01 18:27:02 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe [2013.05.01 18:27:02 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe [2013.05.01 18:26:46 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2013.05.01 18:26:41 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2013.05.01 18:26:41 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2013.05.01 18:26:41 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2013.05.01 18:26:41 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2013.05.01 18:26:41 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2013.05.01 18:26:41 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2013.05.01 18:26:40 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013.05.01 18:26:40 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013.05.01 18:26:39 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2013.05.01 18:26:39 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll [2013.05.01 18:26:39 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2013.05.01 18:26:36 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll [2013.05.01 18:26:36 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll [2013.05.01 18:26:36 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll [2013.05.01 18:26:36 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll [2013.05.01 18:26:36 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll [2013.05.01 18:26:36 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll [2013.05.01 18:26:36 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll [2013.05.01 18:26:36 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll [2013.05.01 18:26:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll [2013.05.01 18:26:35 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2013.05.01 18:26:35 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2013.05.01 18:26:31 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll [2013.05.01 18:26:30 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2013.05.01 18:26:30 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2013.05.01 18:26:23 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013.05.01 18:26:23 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013.05.01 18:26:23 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013.05.01 18:26:23 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013.05.01 18:26:23 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013.05.01 18:26:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013.05.01 18:26:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013.05.01 18:26:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013.05.01 18:26:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013.05.01 18:26:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013.05.01 18:26:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013.05.01 18:26:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.05.01 18:26:22 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013.05.01 18:26:22 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013.05.01 18:26:22 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013.05.01 18:26:22 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013.05.01 18:26:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013.05.01 18:26:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013.05.01 18:26:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013.05.01 18:26:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013.05.01 18:26:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013.05.01 18:26:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013.05.01 18:26:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013.05.01 18:26:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013.05.01 18:26:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013.05.01 18:26:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013.05.01 18:26:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013.05.01 18:26:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013.05.01 18:26:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013.05.01 18:26:03 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll [2013.05.01 18:26:02 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll [2013.05.01 18:26:02 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll [2013.05.01 18:26:02 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll [2013.05.01 18:26:02 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll [2013.05.01 18:26:02 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll [2013.05.01 18:26:02 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll [2013.05.01 18:26:02 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll [2013.05.01 18:26:02 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll [2013.05.01 18:26:02 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe [2013.05.01 18:26:02 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe [2013.05.01 18:26:02 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll [2013.05.01 18:26:02 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll [2013.05.01 18:26:00 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013.05.01 18:26:00 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013.05.01 18:26:00 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013.05.01 18:26:00 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013.05.01 18:26:00 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013.05.01 18:26:00 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013.05.01 18:26:00 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013.05.01 18:26:00 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013.05.01 18:26:00 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013.05.01 18:26:00 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013.05.01 18:26:00 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013.05.01 18:26:00 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013.05.01 18:26:00 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013.05.01 18:26:00 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013.05.01 18:26:00 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013.05.01 18:26:00 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013.05.01 18:26:00 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013.05.01 18:26:00 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013.05.01 18:26:00 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013.05.01 18:26:00 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013.05.01 18:26:00 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013.05.01 18:26:00 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013.05.01 18:26:00 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013.05.01 18:26:00 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013.05.01 18:26:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013.05.01 18:26:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013.05.01 18:26:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013.05.01 18:26:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013.05.01 18:26:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013.05.01 18:26:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013.05.01 18:26:00 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013.05.01 18:26:00 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013.05.01 18:25:53 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2013.05.01 18:25:53 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2013.05.01 18:25:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2013.05.01 18:25:30 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2013.05.01 18:25:30 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2013.05.01 18:25:29 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2013.05.01 18:25:29 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll [2013.05.01 18:25:27 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2013.05.01 18:25:27 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll [2013.05.01 18:25:26 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2013.05.01 18:25:26 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2013.05.01 18:25:26 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2013.05.01 18:25:26 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2013.05.01 18:25:26 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2013.05.01 18:25:26 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2013.05.01 18:25:26 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2013.05.01 18:25:23 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2013.05.01 18:25:23 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2013.05.01 18:25:21 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2013.05.01 18:25:21 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2013.05.01 18:25:20 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll [2013.05.01 18:25:20 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll [2013.05.01 18:25:20 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax [2013.05.01 18:25:20 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax [2013.05.01 18:25:19 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2013.05.01 18:25:19 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll [2013.05.01 18:25:19 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2013.05.01 18:25:18 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2013.05.01 18:25:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2013.05.01 18:25:18 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2013.05.01 18:25:17 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013.05.01 18:25:16 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2013.05.01 18:25:15 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2013.05.01 18:25:15 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2013.05.01 18:25:14 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2013.05.01 18:25:13 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2013.05.01 18:24:41 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2013.05.01 18:24:41 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2013.05.01 18:24:33 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2013.05.01 18:24:33 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2013.05.01 18:24:33 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2013.05.01 18:24:29 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll [2013.05.01 18:24:29 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2013.05.01 18:24:29 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll [2013.05.01 18:24:29 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll [2013.05.01 18:24:29 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll [2013.05.01 18:24:29 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2013.05.01 18:24:25 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.05.01 18:24:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013.05.01 18:24:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013.05.01 18:24:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013.05.01 18:24:25 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013.05.01 18:24:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013.05.01 18:24:23 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.05.01 18:24:23 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.05.01 18:24:23 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.05.01 18:24:23 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2013.05.01 18:24:23 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013.05.01 18:24:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2013.05.01 18:24:22 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2013.05.01 18:24:22 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013.05.01 18:24:19 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe [2013.05.01 18:24:17 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2013.05.01 18:24:17 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2013.05.01 18:24:12 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2013.05.01 18:24:12 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2013.05.01 18:24:12 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2013.05.01 18:24:12 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2013.05.01 18:24:10 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2013.05.01 18:24:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2013.05.01 18:24:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2013.05.01 18:24:07 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2013.05.01 18:24:07 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2013.05.01 18:24:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2013.05.01 18:24:06 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013.05.01 18:24:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys [2013.05.01 18:24:02 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe [2013.05.01 18:24:02 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll [2013.05.01 18:24:01 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys [2013.05.01 18:24:00 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013.05.01 18:23:59 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2013.05.01 18:23:57 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2013.05.01 18:22:05 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013.05.01 18:22:05 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2013.05.01 18:20:45 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2013.05.01 18:20:45 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2013.05.01 18:13:28 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2013.05.01 18:13:28 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2013.05.01 18:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.05.01 18:12:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.05.01 18:12:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.05.01 18:01:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013 [2013.05.01 18:01:30 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll [2013.05.01 18:01:14 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP [2013.05.01 17:55:58 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2013.05.01 17:55:58 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2013.05.01 17:55:58 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2013.05.01 17:55:39 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2013.05.01 17:55:39 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2013.05.01 17:55:39 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2013.05.01 17:55:11 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2013.05.01 17:55:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2013.05.01 17:03:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2013.05.01 17:03:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab [2013.05.01 17:03:32 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2013.05.01 16:36:07 | 000,000,000 | R--D | C] -- C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.05.01 16:36:07 | 000,000,000 | R--D | C] -- C:\Users\Felix\Searches [2013.05.01 16:36:07 | 000,000,000 | R--D | C] -- C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.05.01 16:35:59 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Identities [2013.05.01 16:35:57 | 000,000,000 | R--D | C] -- C:\Users\Felix\Contacts [2013.05.01 16:35:54 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Local\VirtualStore [2013.05.01 16:35:44 | 000,000,000 | --SD | C] -- C:\Users\Felix\AppData\Roaming\Microsoft [2013.05.01 16:35:44 | 000,000,000 | R--D | C] -- C:\Users\Felix\Videos [2013.05.01 16:35:44 | 000,000,000 | R--D | C] -- C:\Users\Felix\Saved Games [2013.05.01 16:35:44 | 000,000,000 | R--D | C] -- C:\Users\Felix\Pictures [2013.05.01 16:35:44 | 000,000,000 | R--D | C] -- C:\Users\Felix\Music [2013.05.01 16:35:44 | 000,000,000 | R--D | C] -- C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.05.01 16:35:44 | 000,000,000 | R--D | C] -- C:\Users\Felix\Links [2013.05.01 16:35:44 | 000,000,000 | R--D | C] -- C:\Users\Felix\Favorites [2013.05.01 16:35:44 | 000,000,000 | R--D | C] -- C:\Users\Felix\Downloads [2013.05.01 16:35:44 | 000,000,000 | R--D | C] -- C:\Users\Felix\Documents [2013.05.01 16:35:44 | 000,000,000 | R--D | C] -- C:\Users\Felix\Desktop [2013.05.01 16:35:44 | 000,000,000 | R--D | C] -- C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\Vorlagen [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\AppData\Local\Verlauf [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\AppData\Local\Temporary Internet Files [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\Startmenü [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\SendTo [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\Recent [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\Netzwerkumgebung [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\Lokale Einstellungen [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\Documents\Eigene Videos [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\Documents\Eigene Musik [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\Eigene Dateien [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\Documents\Eigene Bilder [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\Druckumgebung [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\Cookies [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\AppData\Local\Anwendungsdaten [2013.05.01 16:35:44 | 000,000,000 | -HSD | C] -- C:\Users\Felix\Anwendungsdaten [2013.05.01 16:35:44 | 000,000,000 | -H-D | C] -- C:\Users\Felix\AppData [2013.05.01 16:35:44 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Local\Temp [2013.05.01 16:35:44 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Local\Microsoft [2013.05.01 16:35:44 | 000,000,000 | ---D | C] -- C:\Users\Felix\AppData\Roaming\Media Center Programs [2013.05.01 16:35:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2013.05.01 16:35:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2013.05.01 16:35:36 | 000,000,000 | -HSD | C] -- C:\Recovery [2013.05.01 16:35:36 | 000,000,000 | -HSD | C] -- C:\Programme [2013.05.01 16:35:36 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2013.05.01 16:35:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2013.05.01 16:35:36 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2013.05.01 16:35:36 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2013.05.01 16:35:36 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2013.05.01 16:35:36 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2013.05.01 16:35:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2013.05.01 16:35:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2013.05.01 16:30:00 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2013.05.01 16:27:53 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2013.05.01 16:27:13 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2013.05.15 11:41:06 | 000,020,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.15 11:41:06 | 000,020,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.15 11:38:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.15 10:08:52 | 000,294,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.05.15 10:08:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.15 10:08:12 | 4293,459,966 | -HS- | M] () -- C:\hiberfil.sys [2013.05.15 08:12:56 | 001,518,986 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.15 08:12:56 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.15 08:12:56 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.15 08:12:56 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.15 08:12:56 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.05.14 12:03:46 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\SUPER ©.lnk [2013.05.14 10:39:53 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.05.14 10:39:53 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.05.12 15:53:35 | 000,001,039 | ---- | M] () -- C:\Users\Felix\Desktop\Dropbox.lnk [2013.05.12 15:44:07 | 000,001,049 | ---- | M] () -- C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.05.08 13:00:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.05.07 15:06:36 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.05.04 18:14:20 | 000,001,244 | ---- | M] () -- C:\Users\Felix\Desktop\OpenOffice.org 3.4.1.lnk [2013.05.04 09:20:20 | 426,105,284 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.05.03 12:37:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013.05.03 11:36:21 | 000,245,280 | ---- | M] () -- C:\Windows\hpoins19.dat [2013.05.03 11:34:17 | 000,002,167 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk [2013.05.03 11:33:39 | 000,001,351 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk [2013.05.03 11:33:07 | 000,002,099 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013.05.02 02:26:13 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2013.05.02 02:24:12 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat [2013.05.02 02:24:12 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat [2013.05.01 20:26:55 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\Eraser.lnk [2013.05.01 20:09:33 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2013.05.01 18:58:14 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.05.01 18:58:14 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.05.01 18:58:14 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.05.01 18:58:14 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.05.01 18:58:14 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.05.01 18:58:14 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.05.01 18:58:14 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.05.01 18:58:14 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.05.01 18:58:14 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.05.01 18:58:14 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.05.01 18:58:14 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.05.01 18:58:14 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.05.01 18:58:14 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.05.01 18:58:14 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.05.01 18:58:14 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.05.01 18:58:14 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.05.01 18:58:14 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.05.01 18:58:14 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.05.01 18:58:14 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.05.01 18:58:14 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.05.01 18:58:14 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.05.01 18:58:14 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.05.01 18:58:14 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.05.01 18:58:14 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.05.01 18:58:14 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.05.01 18:58:14 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.05.01 18:58:14 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.05.01 18:58:14 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.05.01 18:58:14 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.05.01 18:58:14 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.05.01 18:58:14 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.05.01 18:58:14 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.05.01 18:58:14 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.05.01 18:58:14 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.05.01 18:58:14 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.05.01 18:58:14 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.05.01 18:58:14 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.05.01 18:58:14 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.05.01 18:58:14 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.05.01 18:58:14 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.05.01 18:58:14 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.05.01 18:58:14 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.05.01 18:58:14 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.05.01 18:58:14 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.05.01 18:58:14 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.05.01 18:58:14 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.05.01 18:58:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.05.01 18:58:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.05.01 18:58:14 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.05.01 18:58:14 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.05.01 18:58:14 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.05.01 18:58:14 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.05.01 18:58:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.05.01 18:58:14 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.05.01 18:58:14 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.05.01 18:14:59 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys [2013.05.01 18:14:59 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kneps.sys [2013.05.01 18:14:59 | 000,090,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys [2013.05.01 18:14:59 | 000,055,056 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kltdi.sys [2013.05.01 18:12:13 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.05.01 18:08:04 | 000,002,340 | ---- | M] () -- C:\Users\Felix\Desktop\Sicherer Zahlungsverkehr.lnk [2013.05.01 18:01:30 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk [2013.05.01 17:59:10 | 000,000,890 | ---- | M] () -- C:\Users\Felix\Desktop\Downloads.lnk [2013.05.01 17:05:24 | 000,017,408 | ---- | M] () -- C:\Users\Felix\AppData\Local\WebpageIcons.db [2013.05.01 16:31:26 | 000,055,513 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2013.05.01 16:31:26 | 000,055,513 | ---- | M] () -- C:\Windows\SysNative\license.rtf ========== Files Created - No Company Name ========== [2013.05.14 12:03:46 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\SUPER ©.lnk [2013.05.14 12:03:45 | 000,227,328 | RHS- | C] () -- C:\Windows\SysWow64\ac3DX.ax [2013.05.14 12:03:45 | 000,195,584 | RHS- | C] () -- C:\Windows\SysWow64\MatroskaDX.ax [2013.05.14 12:03:45 | 000,188,416 | RHS- | C] () -- C:\Windows\SysWow64\winDCE32.dll [2013.05.14 12:03:45 | 000,175,104 | RHS- | C] () -- C:\Windows\SysWow64\CoreAAC.ax [2013.05.14 12:03:45 | 000,121,344 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.ax [2013.05.14 12:03:45 | 000,120,832 | RHS- | C] () -- C:\Windows\SysWow64\MPCDx.ax [2013.05.14 12:03:45 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll [2013.05.14 12:03:45 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\RLMPCDec.ax [2013.05.14 12:03:45 | 000,097,280 | RHS- | C] () -- C:\Windows\SysWow64\FLACDX.ax [2013.05.14 12:03:45 | 000,081,920 | RHS- | C] () -- C:\Windows\SysWow64\aac_parser.ax [2013.05.14 12:03:45 | 000,070,656 | RHS- | C] () -- C:\Windows\SysWow64\RLAPEDec.ax [2013.05.14 12:03:45 | 000,051,712 | RHS- | C] () -- C:\Windows\SysWow64\RLSpeexDec.ax [2013.05.14 10:41:13 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013.05.14 10:39:54 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.12 15:53:35 | 000,001,039 | ---- | C] () -- C:\Users\Felix\Desktop\Dropbox.lnk [2013.05.12 15:44:07 | 000,001,049 | ---- | C] () -- C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.05.08 13:00:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.05.07 15:06:36 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.05.04 18:14:20 | 000,001,244 | ---- | C] () -- C:\Users\Felix\Desktop\OpenOffice.org 3.4.1.lnk [2013.05.04 10:48:36 | 000,449,481 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT [2013.05.04 09:20:20 | 426,105,284 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.05.03 12:37:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2013.05.03 11:34:17 | 000,002,167 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk [2013.05.03 11:33:51 | 000,001,060 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk [2013.05.03 11:33:39 | 000,001,351 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk [2013.05.03 11:33:07 | 000,002,099 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013.05.03 11:30:34 | 000,245,280 | ---- | C] () -- C:\Windows\hpoins19.dat [2013.05.03 11:30:34 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat [2013.05.02 02:26:13 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2013.05.02 02:26:11 | 000,383,786 | RHS- | C] () -- C:\bootmgr [2013.05.02 02:25:55 | 000,000,029 | RH-- | C] () -- C:\Windows\version [2013.05.02 02:24:36 | 000,653,928 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat [2013.05.02 02:24:36 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat [2013.05.02 02:24:36 | 000,129,800 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat [2013.05.02 02:24:36 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat [2013.05.01 20:26:55 | 000,001,759 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk [2013.05.01 20:26:55 | 000,001,747 | ---- | C] () -- C:\Users\Public\Desktop\Eraser.lnk [2013.05.01 20:09:33 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2013.05.01 19:07:07 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2013.05.01 18:58:14 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013.05.01 18:58:14 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.05.01 18:34:14 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2013.05.01 18:12:13 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.05.01 18:12:12 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.05.01 18:08:04 | 000,002,340 | ---- | C] () -- C:\Users\Felix\Desktop\Sicherer Zahlungsverkehr.lnk [2013.05.01 18:01:54 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk [2013.05.01 17:59:10 | 000,000,890 | ---- | C] () -- C:\Users\Felix\Desktop\Downloads.lnk [2013.05.01 17:05:23 | 000,017,408 | ---- | C] () -- C:\Users\Felix\AppData\Local\WebpageIcons.db [2013.05.01 16:36:09 | 000,001,409 | ---- | C] () -- C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.05.01 16:31:18 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2013.05.01 16:31:09 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2013.05.01 16:27:14 | 4293,459,966 | -HS- | C] () -- C:\hiberfil.sys [2012.11.16 22:01:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.11.16 22:01:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.04.18 18:39:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > Vielen Dank im Voraus für eure Hilfe Muay |
|
19.05.2013, 02:44
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Adobe Launcher.bundle verschlüsselt Hallo und
__________________ Die Funde halte ich eher für Fehlalarme. Zitat:
Oder ist das rein zufällig ein Büro-/Firmen-PC bzw. ein Uni-Rechner? Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
20.05.2013, 07:37
| #3 |
| | Adobe Launcher.bundle verschlüsselt Ich habe Win7 Professional, weil ich den Rechner für die Uni nutze und zudem relativ günstig dran kam.
__________________Nein, ich hatte das System erst vor ca. 3 Wochen neu aufgesetzt und seit dem kam es zu keinerlei Virenmeldungen. Mache ca. 2mal die Woche nen Durchlauf. |
|
20.05.2013, 22:05
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Adobe Launcher.bundle verschlüsselt ok. Danke für die Erklärung. Aktuliasiere bitte deinen Virenscanner, dann sollte dieser falsche Alarm auch weg sein.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
21.05.2013, 06:10
| #5 |
| | Adobe Launcher.bundle verschlüsselt ok danke |
|
| Themen zu Adobe Launcher.bundle verschlüsselt |
| administrator, adobe, adobe flash player, autorun, bho, ebanking, explorer, firefox, flash player, format, installation, internet security 2013, kaspersky, kaspersky internet security 2013, kis, log, logfile, löschen, mozilla, problem, programme, realtek, registry, scan, security, software, super, tastatur, virus |
Linear-Darstellung
