|
Plagegeister aller Art und deren Bekämpfung: ClickCompare, Text-Enhance usw.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
22.05.2013, 14:17 | #1 |
| ClickCompare, Text-Enhance usw. Hallo zusammen, ich reihe mich mal in das ClickCompare-Problem ein... Seit etwas mehr als einer Woche habe ich einen neuen Laptop (mit Win 8 64 bit) und vor ein paar Tagen fiel mir auf, dass einige Begriffe in Foren als Links markiert wurden und auf Seiten wie clickcompare.info verwiesen. Irgendwann poppte bei mir eine Umfrage - nageblich von Firefox - auf und ich habe diese auch ausgefüllt und abgebrochen, als es um die Gewinnwahl nach Teilnahme ging. Nun werden weiterhin Begriffe verlinkt zu clickcompare oder auch Text-Enhance. Ich habe zunächst mit avast alle möglich Addons von Firefox gelöscht. Zurück blieben nur Adblock, avast, Youtube Unblocker und FindLyrics (welches ich aber nicht zuordnen oder löschen kann). Die große Suche von avast führte zu keinem Ergebnis = Es wurden keine infizierten Dateien gefunden. Malwarebyts hat ebenfalls kein Ergebnis geliefert, weshalb ich selbst nicht mehr weiter weiß. Ich habe OTL runtergeladen und mal scannen lassen. Was ich hier gerne zeigen würde, aber da streikt das Forum wegen zu vieler Zeichen. Als Anhang funktioniert leider gerade auch nicht. Ich klicke zwar auf Anhänge verwalten, aber weiterhin passiert nichts. Ich hoffe, mir ist noch zu helfen |
22.05.2013, 14:31 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | ClickCompare, Text-Enhance usw. Hallo und
__________________Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten! Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
22.05.2013, 14:37 | #3 |
| ClickCompare, Text-Enhance usw. Hier sind die Logs von OTL. Jedes andere Programm hat bisher nix gefunden.
__________________Ich musste sie als Anhang hochladen, da ich sonst die zulässige Anzahl an Zeichen in diesem Post überschreite. Tut mir leid! |
22.05.2013, 14:45 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | ClickCompare, Text-Enhance usw. JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
22.05.2013, 15:53 | #5 |
| ClickCompare, Text-Enhance usw. JRT Log Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.9.4 (05.06.2013:1) OS: Windows 8 x64 Ran by Stefanie on 22.05.2013 at 16:19:39,55 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [Service] yontoo desktop updater Successfully deleted: [Service] yontoo desktop updater ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\yontoo desktop ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngr Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\babylon" Successfully deleted: [Folder] "C:\ProgramData\browserprotect" Successfully deleted: [Folder] "C:\ProgramData\tarma installer" Successfully deleted: [Folder] "C:\Users\Stefanie\AppData\Roaming\babsolution" Successfully deleted: [Folder] "C:\Users\Stefanie\AppData\Roaming\babylon" Successfully deleted: [Folder] "C:\Users\Stefanie\AppData\Roaming\yontoo" Successfully deleted: [Folder] "C:\Users\Stefanie\appdata\locallow\delta" Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo" ~~~ FireFox Successfully deleted: [File] C:\Users\Stefanie\AppData\Roaming\mozilla\firefox\profiles\6tj79vgf.default\user.js Successfully deleted: [File] C:\Users\Stefanie\AppData\Roaming\mozilla\firefox\profiles\6tj79vgf.default\searchplugins\babylon.xml Successfully deleted: [File] C:\Users\Stefanie\AppData\Roaming\mozilla\firefox\profiles\6tj79vgf.default\searchplugins\delta.xml Successfully deleted the following from C:\Users\Stefanie\AppData\Roaming\mozilla\firefox\profiles\6tj79vgf.default\prefs.js user_pref("extensions.delta.admin", false); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.dfltLng", "en"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.id", "12ee95d5000000000000689423fc5148"); user_pref("extensions.delta.instlDay", "15841"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.newTab", false); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.vrsn", "1.8.16.16"); user_pref("extensions.delta.vrsnTs", "1.8.16.1614:05:11"); user_pref("extensions.delta.vrsni", "1.8.16.16"); Emptied folder: C:\Users\Stefanie\AppData\Roaming\mozilla\firefox\profiles\6tj79vgf.default\minidumps [4 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 22.05.2013 at 16:24:06,21 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter # AdwCleaner v2.301 - Datei am 22/05/2013 um 16:31:53 erstellt # Aktualisiert am 16/05/2013 von Xplode # Betriebssystem : Windows 8 (64 bits) # Benutzer : Stefanie - STEFFIE # Bootmodus : Normal # Ausgeführt unter : C:\Users\Stefanie\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\DataMngr Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar Schlüssel Gelöscht : HKCU\Software\delta LTD Schlüssel Gelöscht : HKCU\Software\InstallCore Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Schlüssel Gelöscht : HKLM\Software\DataMngr Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5a48b8cbd39b844 Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer ***** [Internet Browser] ***** -\\ Internet Explorer v10.0.9200.16537 [OK] Die Registrierungsdatenbank ist sauber. -\\ Mozilla Firefox v21.0 (de) Datei : C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\6tj79vgf.default\prefs.js Gelöscht : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers"); Gelöscht : user_pref("extentions.y2layers.installId", "033a6b79-1ccb-419a-b0ad-50a60f1cec45"); ************************* AdwCleaner[R1].txt - [2799 octets] - [22/05/2013 16:26:54] AdwCleaner[S1].txt - [2736 octets] - [22/05/2013 16:31:53] ########## EOF - C:\AdwCleaner[S1].txt - [2796 octets] ########## Code:
ATTFilter OTL Extras logfile created on: 22.05.2013 16:39:11 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Stefanie\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16580) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,87 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 65,24% Memory free 4,56 Gb Paging File | 3,18 Gb Available in Paging File | 69,74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 418,43 Gb Total Space | 371,09 Gb Free Space | 88,69% Space Free | Partition Type: NTFS Drive D: | 25,00 Gb Total Space | 23,50 Gb Free Space | 94,01% Space Free | Partition Type: NTFS Computer Name: STEFFIE | User Name: Stefanie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2589906179-3452524320-955808348-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{FCC1FC70-D19C-440E-88A4-C5433828D524}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04CFE8E1-D75B-4663-BDF5-9A614986B14D}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{0A92FCD5-326A-49FA-95B1-A18E02111F2C}" = dir=out | name=rara.com | "{0B1E0A11-B5E8-4DEE-B1EB-A274294BA4EB}" = dir=out | name=lenovo support | "{1039D63E-F33D-4725-86F2-517F82AF9C2F}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{11582E64-BDF1-440F-964B-7F4BD1914931}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{194EC132-2CEC-40A9-BCBA-6BB20EAC67F8}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{1C6E9A59-723C-4DEC-9C1F-D19D9C0BB2CC}" = dir=out | name=skype | "{1DD61F59-4E8F-4412-B776-8374EA2E5C4D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{235008DA-EE94-452C-9D38-948880097121}" = dir=in | app=c:\program files (x86)\lenovo\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | "{29960863-F443-4DC0-B78E-91950C484B75}" = dir=out | name=windows_ie_ac_001 | "{32F37567-A623-4301-8E77-D78AB4B8C1FC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{3BB2D907-A9D4-47D8-B047-9E81EF96824D}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{3C2ABB85-EAE8-48F4-B49D-6911DD8BD422}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{4043A101-C0B8-4E01-9986-3970DCBC7062}" = dir=out | name=kindle | "{4A8023CF-1A88-4AEB-B4B3-FD02F95244B4}" = dir=in | name=evernote | "{5307614C-31D3-433C-A4FC-71E497C27D0B}" = dir=in | name=kindle | "{560290D3-7933-4C1B-9410-F8F184668EBE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{5F3E83BB-01FB-4F3E-9073-8ABCA6FF2D4C}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{6652AD2E-6CDC-41AE-A9D4-C7C5F3803F6B}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{6E5651E1-CBCC-4413-81D4-C8B7F3A51347}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{781B0F72-654B-442C-8279-A69B6B91101E}" = dir=in | app=c:\program files (x86)\lenovo\powerdvd10\powerdvd10.exe | "{79228D74-A149-4148-B7DA-F100F40076E7}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{7D3E721F-96C7-4467-8FB0-CBF8848298B4}" = dir=out | name=accuweather for windows 8 | "{8041BC52-54E7-41AA-90C8-D10FB34EAB47}" = protocol=17 | dir=in | app=c:\users\stefanie\appdata\roaming\dropbox\bin\dropbox.exe | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{919F0188-2D18-4420-94B1-FA337E748588}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{930C795D-826B-411A-8088-79EC1DE33984}" = dir=in | name=skype | "{9D4A5145-F0ED-45E1-B0E7-A251B2A6B996}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{A3C4AC33-62A6-4DD9-BCDF-1086716BDAA1}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{A915F978-E404-4D82-A6BF-63901739354F}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{B106D02C-8977-44C9-8549-6664A75276A7}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{B8B363C7-EBC6-4FAE-9CBC-B7151E48C274}" = protocol=6 | dir=in | app=c:\users\stefanie\appdata\roaming\dropbox\bin\dropbox.exe | "{C3C35988-33EE-418D-B1FF-01E6064A5CCA}" = dir=out | name=mcafee security advisor for lenovo | "{C5765CB0-E15A-4285-AEAD-FD9B08030092}" = dir=out | name=lenovo companion | "{C7DCF722-7D5A-4FAE-BB7C-21705E601AC4}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{CEA130F6-4C7C-4EB5-A918-21520A36F075}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{D2D6EC68-D744-4369-A67D-52F3BB59FC05}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{E96DC64A-2134-412C-A6E0-191AC2A73C3A}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{EF837BC2-7929-4771-84A5-73E484980E4F}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{EFE1E780-7F28-435F-BB26-018E188F0AEA}" = dir=out | name=powerdvd for lenovo idea | "{F6B756DA-D5B9-40AD-8740-B688F586D917}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{FBDEFFE4-FBC2-4E61-B7ED-9106BF679981}" = dir=out | name=evernote | "TCP Query User{18DFACE8-D69F-4A99-B59A-E41CA03F2C5B}C:\program files (x86)\trillian\plugins\skypekit.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trillian\plugins\skypekit.exe | "TCP Query User{8865EBA3-CF14-4E08-986B-30DF3111D8F8}C:\users\stefanie\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\stefanie\appdata\roaming\spotify\spotify.exe | "TCP Query User{C4DD9329-FE15-4613-8306-2BFBFBDDACC6}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | "UDP Query User{0A1D1AE8-F81D-4756-9D00-2392465B1006}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | "UDP Query User{229AFF6E-6D50-44BE-8FDA-E270990958A3}C:\program files (x86)\trillian\plugins\skypekit.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trillian\plugins\skypekit.exe | "UDP Query User{D8687F34-610D-4CC7-B1F2-4F1967A5D606}C:\users\stefanie\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\stefanie\appdata\roaming\spotify\spotify.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}" = Lenovo Bluetooth with Enhanced Data Rate Software "{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64 "{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client "71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42" = Windows-Treiberpaket - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) "8A223E56FB1ED4F697B54E5BF96F1EB63B512684" = Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) "CNXT_AUDIO_HDA" = Conexant HD Audio "Elantech" = Lenovo pointing device "WinRAR archiver" = WinRAR 4.20 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{5D642A72-8194-4A22-80DA-11FE610CCA8E}" = Lenovo_Wireless_Driver "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}" = Lenovo EasyCamera "{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2 "{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = Lenovo PowerDVD10 "{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = Benutzerhandbuch "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package "5513-1208-7298-9440" = JDownloader 0.9 "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "avast" = avast! Free Antivirus "ENTERPRISE" = Microsoft Office Enterprise 2007 "findlyrics@findlyrics.co" = FindLyrics "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam "InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management "InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = Lenovo PowerDVD10 "InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide "Intel AppUp(SM) center 33057" = Intel AppUp(SM) center "IObit_StartMenu8_is1" = Start Menu 8 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300 "Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "SugarSync" = SugarSync Manager "The Lost Crown_is1" = The Lost Crown version 1.2.1 "Trillian" = Trillian "VirtualCloneDrive" = VirtualCloneDrive ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2589906179-3452524320-955808348-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ System Events ] Error - 22.05.2013 10:29:03 | Computer Name = Steffie | Source = Microsoft-Windows-Kernel-General | ID = 6 Description = Error - 22.05.2013 10:29:52 | Computer Name = Steffie | Source = Service Control Manager | ID = 7000 Description = Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error - 22.05.2013 10:32:47 | Computer Name = Steffie | Source = Microsoft-Windows-Kernel-General | ID = 6 Description = Error - 22.05.2013 10:33:31 | Computer Name = Steffie | Source = Service Control Manager | ID = 7000 Description = Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 < End of report > |
22.05.2013, 15:54 | #6 |
| ClickCompare, Text-Enhance usw. OTL Log Code:
ATTFilter OTL logfile created on: 22.05.2013 16:39:11 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Stefanie\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16580) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,87 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 65,24% Memory free 4,56 Gb Paging File | 3,18 Gb Available in Paging File | 69,74% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 418,43 Gb Total Space | 371,09 Gb Free Space | 88,69% Space Free | Partition Type: NTFS Drive D: | 25,00 Gb Total Space | 23,50 Gb Free Space | 94,01% Space Free | Partition Type: NTFS Computer Name: STEFFIE | User Name: Stefanie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Stefanie\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe (Adobe Systems, Inc.) PRC - C:\Users\Stefanie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Users\Stefanie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (IObit) PRC - C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe (IObit) PRC - c:\program files (x86)\trillian\plugins\skypekit.exe () PRC - C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios) PRC - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) PRC - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\USB Camera2\VM332STI.EXE (Vimicro) ========== Modules (No Company Name) ========== MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Users\Stefanie\AppData\Roaming\Dropbox\bin\libcef.dll () MOD - c:\program files (x86)\trillian\plugins\skypekit.exe () MOD - C:\Program Files (x86)\Trillian\libpng15.dll () MOD - C:\Program Files (x86)\Trillian\libungif.dll () MOD - C:\Program Files (x86)\Trillian\zlib1.dll () MOD - c:\program files (x86)\trillian\languages\en\buddy.dll () MOD - c:\program files (x86)\trillian\languages\en\talk.dll () MOD - c:\program files (x86)\trillian\languages\en\trillian.dll () MOD - c:\program files (x86)\trillian\languages\en\events.dll () MOD - c:\program files (x86)\trillian\languages\en\toolkit.dll () MOD - C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl () MOD - C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl () MOD - C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl () MOD - C:\Users\Stefanie\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll () MOD - C:\Windows\SysWOW64\vmprp332.ax () ========== Services (SafeList) ========== SRV:64bit: - (mcbootdelaystartsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe /McCoreSvc File not found SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (BcmBtRSupport) -- C:\Windows\SysNative\BtwRSupportService.exe (Broadcom Corporation.) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (CxAudMsg) -- C:\Windows\SysNative\CxAudMsg64.exe (Conexant Systems Inc.) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (StartMenuService) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (IObit) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (btwdins) -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (ETDService) -- C:\Programme\Elantech\ETDService.exe (ELAN Microelectronics Corp.) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (aswSnx) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\WINDOWS\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswVmm) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys () DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\Drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (aswRvrt) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys () DRV:64bit: - (aswTdi) -- C:\WINDOWS\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\Drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\WINDOWS\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\Drivers\LhdX64.sys (Lenovo.) DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\Drivers\AcpiVpc.sys (Lenovo Corporation) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\Drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\Drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\Drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\Drivers\btwampfl.sys (Broadcom Corporation.) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (ETD) -- C:\Windows\SysNative\Drivers\ETD.sys (ELAN Microelectronics Corp.) DRV:64bit: - (bcbtums) -- C:\Windows\SysNative\Drivers\bcbtums.sys (Broadcom Corporation.) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (vm332avs) -- C:\Windows\SysNative\Drivers\vm332avs.sys (Vimicro Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\Drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (L1C) -- C:\Windows\SysNative\Drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\Drivers\BCMWL63a.SYS (Broadcom Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\Drivers\CHDRT64.sys (Conexant Systems Inc.) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\Drivers\RtsUVStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (wsvd) -- C:\Windows\SysNative\Drivers\wsvd.sys ("CyberLink) DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\Drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\Drivers\e1i63x64.sys (Intel Corporation) DRV:64bit: - (VClone) -- C:\Windows\SysNative\Drivers\VClone.sys (Elaborate Bytes AG) DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys (Elaborate Bytes AG) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{14FB477A-9F40-4C68-AD9C-521518AB56F6}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{14FB477A-9F40-4C68-AD9C-521518AB56F6}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2589906179-3452524320-955808348-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com IE - HKU\S-1-5-21-2589906179-3452524320-955808348-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com [binary data] IE - HKU\S-1-5-21-2589906179-3452524320-955808348-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com IE - HKU\S-1-5-21-2589906179-3452524320-955808348-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com [binary data] IE - HKU\S-1-5-21-2589906179-3452524320-955808348-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com IE - HKU\S-1-5-21-2589906179-3452524320-955808348-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2589906179-3452524320-955808348-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Google" FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.order.1: "Google" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.com/firefox" FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489 FF - prefs.js..extensions.enabledAddons: youtubeunblocker%40unblocker.yt:0.4.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.05.13 14:28:13 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\findlyrics@findlyrics.co: C:\Program Files (x86)\FindLyrics\FF\ [2013.05.16 14:04:21 | 000,000,000 | ---D | M] [2013.05.13 10:50:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stefanie\AppData\Roaming\Mozilla\Extensions [2013.05.22 13:11:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\6tj79vgf.default\extensions [2013.05.14 18:50:03 | 000,005,429 | ---- | M] () (No name found) -- C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\6tj79vgf.default\extensions\youtubeunblocker@unblocker.yt.xpi [2013.05.13 10:55:57 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\6tj79vgf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.05.22 15:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.05.22 15:32:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.05.13 14:28:13 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (FindLyrics) - {44C9CC91-6A4A-4579-B4B5-899ECDC18DC6} - C:\Program Files (x86)\FindLyrics\FindLyrics.dll (FindLyrics) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.) O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe (Lenovo(beijing) Limited) O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.) O4 - HKLM..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332STI.EXE (Vimicro) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation) O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink) O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.) O4 - HKU\S-1-5-21-2589906179-3452524320-955808348-1001..\Run: [Spotify] C:\Users\Stefanie\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) O4 - HKU\S-1-5-21-2589906179-3452524320-955808348-1001..\Run: [Spotify Web Helper] C:\Users\Stefanie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - Startup: C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Stefanie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A54B7DA-C654-4E35-999A-4EC3FF947A83}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.22 16:19:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2013.05.22 16:19:34 | 000,000,000 | ---D | C] -- C:\JRT [2013.05.22 16:17:31 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Stefanie\Desktop\JRT.exe [2013.05.22 13:52:29 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Malwarebytes [2013.05.22 13:52:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.05.22 13:52:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.05.22 13:52:10 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys [2013.05.22 13:52:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.05.22 13:51:46 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Programs [2013.05.22 13:19:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Stefanie\Desktop\OTL.exe [2013.05.20 04:50:25 | 002,206,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll [2013.05.20 04:50:24 | 001,265,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll [2013.05.20 04:50:24 | 000,793,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll [2013.05.20 04:50:24 | 000,579,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll [2013.05.20 04:50:23 | 001,841,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll [2013.05.20 04:50:21 | 000,612,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll [2013.05.20 04:50:20 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe [2013.05.20 04:50:19 | 000,441,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys [2013.05.20 04:50:18 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys [2013.05.20 04:50:18 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.Compression.dll [2013.05.20 04:50:16 | 000,058,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys [2013.05.20 04:50:15 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceControl.dll [2013.05.20 04:50:15 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll [2013.05.20 04:50:13 | 000,056,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdstor.sys [2013.05.20 04:50:13 | 000,033,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\battc.sys [2013.05.20 04:50:12 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.Compression.dll [2013.05.20 04:50:11 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll [2013.05.20 04:50:10 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll [2013.05.20 04:50:10 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll [2013.05.20 04:50:04 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll [2013.05.20 04:50:02 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysFxUI.dll [2013.05.20 04:50:01 | 001,836,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll [2013.05.20 04:49:54 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\drmk.sys [2013.05.20 04:49:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kbdhebl3.dll [2013.05.20 04:49:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdhebl3.dll [2013.05.20 04:49:49 | 000,962,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll [2013.05.20 04:49:49 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll [2013.05.20 04:49:49 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll [2013.05.20 04:49:48 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll [2013.05.20 04:49:47 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxSip.dll [2013.05.20 04:49:45 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfapigp.dll [2013.05.20 04:49:40 | 001,226,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll [2013.05.20 04:49:40 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll [2013.05.20 04:49:38 | 002,115,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe [2013.05.20 04:49:25 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll [2013.05.20 04:49:25 | 001,045,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll [2013.05.20 04:49:25 | 000,757,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll [2013.05.20 04:49:25 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll [2013.05.20 04:49:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfapigp.dll [2013.05.20 04:49:24 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll [2013.05.20 04:49:24 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeUISrv.exe [2013.05.20 04:49:21 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll [2013.05.20 04:49:21 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll [2013.05.20 04:49:16 | 002,380,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe [2013.05.20 04:49:15 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSip.dll [2013.05.20 04:49:15 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-pdc.dll [2013.05.20 04:42:01 | 003,245,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll [2013.05.20 04:41:57 | 001,536,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll [2013.05.20 04:41:57 | 001,122,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe [2013.05.20 04:41:57 | 001,027,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe [2013.05.20 04:41:56 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebcamUi.dll [2013.05.20 04:41:56 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WebcamUi.dll [2013.05.20 04:41:55 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserLanguagesCpl.dll [2013.05.20 04:41:52 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll [2013.05.20 04:41:50 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserLanguagesCpl.dll [2013.05.20 04:41:49 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstsc.exe [2013.05.20 04:41:49 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll [2013.05.20 04:41:49 | 000,027,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys [2013.05.20 04:41:48 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll [2013.05.20 04:41:47 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstsc.exe [2013.05.20 04:41:46 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll [2013.05.20 04:41:46 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll [2013.05.20 04:41:45 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL [2013.05.20 04:41:45 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL [2013.05.20 04:41:45 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsutil.dll [2013.05.20 04:41:44 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll [2013.05.20 04:41:44 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsldr.exe [2013.05.20 04:41:43 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll [2013.05.20 04:41:43 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vds_ps.dll [2013.05.20 04:41:43 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vds_ps.dll [2013.05.20 04:39:54 | 001,526,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll [2013.05.20 04:39:53 | 001,451,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll [2013.05.20 04:39:52 | 001,566,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll [2013.05.20 04:39:52 | 000,976,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll [2013.05.20 04:39:51 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll [2013.05.20 04:39:49 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe [2013.05.20 04:39:46 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWCN.dll [2013.05.20 04:39:45 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll [2013.05.20 04:39:45 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll [2013.05.20 04:39:45 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bthprops.cpl [2013.05.20 04:39:44 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bthprops.cpl [2013.05.20 04:39:44 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll [2013.05.20 04:39:42 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll [2013.05.20 04:39:40 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll [2013.05.20 04:39:38 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll [2013.05.20 04:39:38 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnApi.dll [2013.05.20 04:39:38 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WcnApi.dll [2013.05.20 04:39:37 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll [2013.05.20 04:39:37 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlansec.dll [2013.05.20 04:39:36 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdWCN.dll [2013.05.20 04:39:35 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnEapAuthProxy.dll [2013.05.20 04:39:34 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll [2013.05.20 04:39:34 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnEapPeerProxy.dll [2013.05.20 04:39:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfdprov.dll [2013.05.20 04:39:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fxppm.sys [2013.05.20 04:39:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanhlp.dll [2013.05.20 04:39:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll [2013.05.20 04:39:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsilog.dll [2013.05.20 04:39:17 | 008,552,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glcndFilter.dll [2013.05.20 04:39:17 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll [2013.05.20 04:39:03 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpclip.exe [2013.05.20 04:39:02 | 011,459,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glcndFilter.dll [2013.05.20 04:39:01 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll [2013.05.19 13:39:31 | 001,172,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll [2013.05.19 13:39:30 | 000,929,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll [2013.05.19 13:39:30 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll [2013.05.19 13:39:30 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll [2013.05.19 13:39:30 | 000,513,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll [2013.05.19 13:39:29 | 000,673,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll [2013.05.19 13:38:12 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll [2013.05.19 13:38:12 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll [2013.05.19 13:38:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDKURD.DLL [2013.05.19 13:38:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDKURD.DLL [2013.05.18 23:08:46 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll [2013.05.18 23:08:46 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll [2013.05.18 23:08:46 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll [2013.05.18 23:08:45 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll [2013.05.18 23:08:45 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll [2013.05.18 23:08:45 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll [2013.05.18 13:40:25 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dskquota.dll [2013.05.18 13:40:24 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dskquota.dll [2013.05.18 11:50:36 | 000,396,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll [2013.05.18 10:43:28 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll [2013.05.18 10:07:26 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll [2013.05.18 10:07:25 | 000,707,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll [2013.05.18 01:11:16 | 013,648,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll [2013.05.18 01:11:15 | 014,267,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll [2013.05.18 01:11:15 | 003,552,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll [2013.05.18 01:11:13 | 011,878,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll [2013.05.18 01:11:12 | 010,789,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll [2013.05.18 01:11:12 | 002,107,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll [2013.05.18 01:11:11 | 002,767,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll [2013.05.18 01:11:10 | 001,593,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll [2013.05.18 01:11:07 | 001,829,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll [2013.05.18 01:11:07 | 001,444,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll [2013.05.18 01:11:02 | 010,116,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll [2013.05.18 01:11:00 | 001,113,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSAudDecMFT.dll [2013.05.18 01:10:59 | 000,306,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kd_02_10ec.dll [2013.05.18 01:10:58 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll [2013.05.18 01:10:57 | 000,298,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rsaenh.dll [2013.05.18 01:10:55 | 000,446,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll [2013.05.18 01:10:55 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe [2013.05.18 01:10:54 | 000,489,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll [2013.05.18 01:10:53 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe [2013.05.18 01:10:53 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmredir.dll [2013.05.18 01:10:52 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll [2013.05.18 01:10:52 | 000,435,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll [2013.05.18 01:10:51 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll [2013.05.18 01:10:51 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll [2013.05.18 01:10:51 | 000,253,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe [2013.05.18 01:10:50 | 000,804,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe [2013.05.18 01:10:49 | 001,403,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi [2013.05.18 01:10:48 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll [2013.05.18 01:10:47 | 001,267,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe [2013.05.18 01:10:47 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll [2013.05.18 01:10:46 | 002,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll [2013.05.18 01:10:45 | 001,217,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi [2013.05.18 01:10:45 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll [2013.05.18 01:10:44 | 001,093,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe [2013.05.18 01:10:43 | 000,503,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll [2013.05.18 01:10:42 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll [2013.05.18 01:10:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhengine.dll [2013.05.18 01:10:42 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmvdsitf.dll [2013.05.18 01:10:41 | 000,659,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll [2013.05.18 01:10:41 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll [2013.05.18 01:10:40 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll [2013.05.18 01:10:40 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll [2013.05.18 01:10:40 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll [2013.05.18 01:10:40 | 000,123,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll [2013.05.18 01:10:39 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe [2013.05.18 01:10:39 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe [2013.05.18 01:10:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe [2013.05.18 01:10:39 | 000,077,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdvm.dll [2013.05.18 01:10:38 | 000,522,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll [2013.05.18 01:10:38 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\intl.cpl [2013.05.18 01:10:38 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll [2013.05.18 01:10:37 | 000,463,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll [2013.05.18 01:10:37 | 000,284,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys [2013.05.18 01:10:37 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmvdsitf.dll [2013.05.18 01:10:36 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll [2013.05.18 01:10:36 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll [2013.05.18 01:10:36 | 000,086,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdnet.dll [2013.05.18 01:10:35 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys [2013.05.18 01:10:34 | 000,745,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll [2013.05.18 01:10:34 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GenuineCenter.dll [2013.05.18 01:10:34 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll [2013.05.18 01:10:33 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\intl.cpl [2013.05.18 01:10:33 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fmifs.dll [2013.05.18 01:10:32 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fmifs.dll [2013.05.18 01:10:31 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssphtb.dll [2013.05.18 01:10:31 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll [2013.05.18 01:10:31 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msshooks.dll [2013.05.18 01:10:30 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll [2013.05.18 01:10:30 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msshooks.dll [2013.05.18 01:10:29 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll [2013.05.18 01:10:29 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll [2013.05.18 01:10:29 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll [2013.05.18 01:10:29 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll [2013.05.16 18:58:26 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_9.dll [2013.05.16 18:58:26 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_9.dll [2013.05.16 18:58:25 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_35.dll [2013.05.16 18:58:25 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_35.dll [2013.05.16 18:58:25 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_35.dll [2013.05.16 18:58:25 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_35.dll [2013.05.16 18:58:23 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_35.dll [2013.05.16 18:58:23 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_35.dll [2013.05.16 18:58:22 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_8.dll [2013.05.16 18:58:22 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_8.dll [2013.05.16 18:58:22 | 000,021,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\x3daudio1_2.dll [2013.05.16 18:58:22 | 000,018,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_2.dll [2013.05.16 18:58:21 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_34.dll [2013.05.16 18:58:21 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_34.dll [2013.05.16 18:58:21 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_34.dll [2013.05.16 18:58:21 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_34.dll [2013.05.16 18:58:20 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_34.dll [2013.05.16 18:58:20 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_34.dll [2013.05.16 18:58:20 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_3.dll [2013.05.16 18:58:20 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_3.dll [2013.05.16 18:58:19 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_7.dll [2013.05.16 18:58:19 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_7.dll [2013.05.16 18:58:17 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_33.dll [2013.05.16 18:58:17 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_33.dll [2013.05.16 18:58:17 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_33.dll [2013.05.16 18:58:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_33.dll [2013.05.16 18:58:16 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_33.dll [2013.05.16 18:58:16 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_33.dll [2013.05.16 18:58:16 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_6.dll [2013.05.16 18:58:16 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_6.dll [2013.05.16 18:58:14 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10.dll [2013.05.16 18:58:14 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10.dll [2013.05.16 18:58:14 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_5.dll [2013.05.16 18:58:14 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_5.dll [2013.05.16 18:58:13 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_32.dll [2013.05.16 18:58:13 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_32.dll [2013.05.16 18:58:12 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_4.dll [2013.05.16 18:58:12 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_4.dll [2013.05.16 18:58:12 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\x3daudio1_1.dll [2013.05.16 18:58:12 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_1.dll [2013.05.16 18:58:11 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_31.dll [2013.05.16 18:58:11 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_31.dll [2013.05.16 18:58:10 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_3.dll [2013.05.16 18:58:10 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_3.dll [2013.05.16 18:58:09 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_2.dll [2013.05.16 18:58:09 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_2.dll [2013.05.16 18:58:08 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_2.dll [2013.05.16 18:58:08 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_2.dll [2013.05.16 18:58:08 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_1.dll [2013.05.16 18:58:08 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_1.dll [2013.05.16 18:58:06 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_1.dll [2013.05.16 18:58:06 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_1.dll [2013.05.16 18:58:00 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_30.dll [2013.05.16 18:58:00 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_30.dll [2013.05.16 18:57:58 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_0.dll [2013.05.16 18:57:58 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_0.dll [2013.05.16 18:57:58 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\x3daudio1_0.dll [2013.05.16 18:57:58 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_0.dll [2013.05.16 18:57:57 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_29.dll [2013.05.16 18:57:57 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_29.dll [2013.05.16 18:57:55 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_28.dll [2013.05.16 18:57:55 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_28.dll [2013.05.16 18:57:53 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_27.dll [2013.05.16 18:57:53 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_27.dll [2013.05.16 18:57:51 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_25.dll [2013.05.16 18:57:51 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_26.dll [2013.05.16 18:57:51 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_25.dll [2013.05.16 18:57:51 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_26.dll [2013.05.16 18:57:47 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_24.dll [2013.05.16 18:57:47 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_24.dll [2013.05.16 18:56:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Lost Crown [2013.05.16 14:24:21 | 000,693,112 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2013.05.16 14:24:21 | 000,078,200 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2013.05.16 14:20:24 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice [2013.05.16 14:09:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2013.05.16 14:04:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FindLyrics [2013.05.15 06:04:38 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2013.05.15 06:04:31 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll [2013.05.15 06:04:30 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll [2013.05.15 06:04:29 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll [2013.05.15 06:04:29 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll [2013.05.15 06:04:28 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll [2013.05.15 06:04:28 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe [2013.05.15 06:04:28 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll [2013.05.15 06:03:57 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shdocvw.dll [2013.05.15 06:03:56 | 000,112,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe [2013.05.15 06:03:44 | 002,382,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll [2013.05.15 06:03:43 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll [2013.05.15 06:03:41 | 006,987,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2013.05.14 11:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2013.05.14 11:54:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8 [2013.05.14 11:54:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit [2013.05.13 14:28:33 | 000,378,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys [2013.05.13 14:28:33 | 000,033,400 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswFsBlk.sys [2013.05.13 14:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013.05.13 14:28:32 | 000,072,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys [2013.05.13 14:28:32 | 000,064,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswTdi.sys [2013.05.13 14:28:29 | 001,025,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys [2013.05.13 14:28:26 | 000,080,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys [2013.05.13 14:28:25 | 000,287,840 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2013.05.13 14:28:00 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2013.05.13 14:27:46 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013.05.13 14:27:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2013.05.13 12:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2013.05.13 12:13:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works [2013.05.13 12:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio [2013.05.13 12:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2013.05.13 12:13:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH [2013.05.13 12:11:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013.05.13 12:11:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2013.05.13 12:11:01 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Microsoft Help [2013.05.13 12:10:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013.05.13 12:10:19 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013.05.13 12:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [2013.05.13 12:08:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes [2013.05.13 11:51:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc [2013.05.13 11:44:00 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Dropbox [2013.05.13 11:42:34 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2013.05.13 11:40:24 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Dropbox [2013.05.13 11:32:08 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr100_clr0400.dll [2013.05.13 11:31:41 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr100_clr0400.dll [2013.05.13 11:29:25 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmc.exe [2013.05.13 11:29:25 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll [2013.05.13 11:29:25 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll [2013.05.13 11:29:24 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmc.exe [2013.05.13 11:29:22 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll [2013.05.13 11:29:21 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll [2013.05.13 11:29:21 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll [2013.05.13 11:29:21 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpiowin32.sys [2013.05.13 11:29:19 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll [2013.05.13 11:29:19 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP4SDECD.DLL [2013.05.13 11:29:19 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys [2013.05.13 11:29:19 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll [2013.05.13 11:29:19 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll [2013.05.13 11:29:19 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetpp.dll [2013.05.13 11:29:19 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiaacmgr.exe [2013.05.13 11:29:18 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncbservice.dll [2013.05.13 11:29:18 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiaacmgr.exe [2013.05.13 11:29:17 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP4SDECD.DLL [2013.05.13 11:29:17 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll [2013.05.13 11:29:17 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll [2013.05.13 11:29:16 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhapi.dll [2013.05.13 11:29:16 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxp.dll [2013.05.13 11:29:16 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\keepaliveprovider.dll [2013.05.13 11:28:40 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll [2013.05.13 11:28:35 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll [2013.05.13 11:28:32 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll [2013.05.13 11:28:31 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll [2013.05.13 11:28:31 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll [2013.05.13 11:28:31 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll [2013.05.13 11:28:30 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll [2013.05.13 11:28:30 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll [2013.05.13 11:28:30 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys [2013.05.13 11:28:29 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll [2013.05.13 11:28:29 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll [2013.05.13 11:28:29 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ubpm.dll [2013.05.13 11:28:28 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll [2013.05.13 11:28:28 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll [2013.05.13 11:28:28 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll [2013.05.13 11:28:28 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll [2013.05.13 11:28:28 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BCP47Langs.dll [2013.05.13 11:28:27 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll [2013.05.13 11:28:27 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerServer.dll [2013.05.13 11:28:26 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll [2013.05.13 11:28:26 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS [2013.05.13 11:28:26 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys [2013.05.13 11:28:24 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll [2013.05.13 11:28:24 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll [2013.05.13 11:28:24 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll [2013.05.13 11:28:24 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll [2013.05.13 11:28:24 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll [2013.05.13 11:28:24 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll [2013.05.13 11:28:23 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll [2013.05.13 11:28:23 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll [2013.05.13 11:28:23 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll [2013.05.13 11:28:22 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll [2013.05.13 11:28:22 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll [2013.05.13 11:28:22 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys [2013.05.13 11:28:18 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll [2013.05.13 11:28:18 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\discan.dll [2013.05.13 11:28:18 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys [2013.05.13 11:28:18 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhost.exe [2013.05.13 11:28:18 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys [2013.05.13 11:28:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll [2013.05.13 11:28:17 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe [2013.05.13 11:28:14 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS [2013.05.13 11:28:13 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NdisImPlatform.dll [2013.05.13 11:28:13 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostex.exe [2013.05.13 11:28:12 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys [2013.05.13 11:28:12 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys [2013.05.13 11:28:11 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll [2013.05.13 11:28:10 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fsquirt.exe [2013.05.13 11:28:10 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll [2013.05.13 11:28:10 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl [2013.05.13 11:28:10 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.cpl [2013.05.13 11:28:10 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll [2013.05.13 11:28:10 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll [2013.05.13 11:28:10 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevDispItemProvider.dll [2013.05.13 11:28:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll [2013.05.13 11:28:09 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll [2013.05.13 11:28:08 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncInfo.dll [2013.05.13 11:28:08 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll [2013.05.13 11:28:08 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDPrintProxy.DLL [2013.05.13 11:28:08 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe [2013.05.13 11:28:08 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevDispItemProvider.dll [2013.05.13 11:28:08 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe [2013.05.13 11:28:07 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncInfo.dll [2013.05.13 11:28:07 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll [2013.05.13 11:28:05 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wushareduxresources.dll [2013.05.13 11:23:23 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\synceng.dll [2013.05.13 11:23:23 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\synceng.dll [2013.05.13 11:14:01 | 000,000,000 | ---D | C] -- C:\Program Files\Ulead IPhoto Plus 4 [2013.05.13 11:13:21 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\WinRAR [2013.05.13 11:13:21 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.05.13 11:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.05.13 11:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2013.05.13 11:13:14 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tssdisai.dll [2013.05.13 11:13:14 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appserverai.dll [2013.05.13 11:13:14 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDWebAI.dll [2013.05.13 11:13:14 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VmHostAI.dll [2013.05.13 11:13:10 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe [2013.05.13 11:13:10 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe [2013.05.13 11:12:39 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll [2013.05.13 11:12:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll [2013.05.13 11:12:39 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll [2013.05.13 11:12:39 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll [2013.05.13 11:12:38 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll [2013.05.13 11:12:38 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll [2013.05.13 11:12:29 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll [2013.05.13 11:12:29 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll [2013.05.13 11:12:11 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Macromedia [2013.05.13 11:12:03 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys [2013.05.13 11:11:59 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys [2013.05.13 11:11:33 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcadm.dll [2013.05.13 11:11:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcalua.exe [2013.05.13 11:11:32 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaevts.dll [2013.05.13 11:11:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml6r.dll [2013.05.13 11:11:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml6r.dll [2013.05.13 11:11:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml3r.dll [2013.05.13 11:11:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml3r.dll [2013.05.13 11:11:28 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnet.dll [2013.05.13 11:11:28 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnet.dll [2013.05.13 11:11:28 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnathlp.dll [2013.05.13 11:11:28 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnathlp.dll [2013.05.13 11:11:28 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnsvr.exe [2013.05.13 11:11:28 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnsvr.exe [2013.05.13 11:11:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhupnp.dll [2013.05.13 11:11:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhpast.dll [2013.05.13 11:11:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhupnp.dll [2013.05.13 11:11:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhpast.dll [2013.05.13 11:11:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnlobby.dll [2013.05.13 11:11:27 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnaddr.dll [2013.05.13 11:11:27 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnlobby.dll [2013.05.13 11:11:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnaddr.dll [2013.05.13 11:11:01 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\duser.dll [2013.05.13 11:11:01 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlroamextension.dll [2013.05.13 11:11:01 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll [2013.05.13 11:11:01 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll [2013.05.13 11:11:01 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll [2013.05.13 11:11:00 | 000,446,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS [2013.05.13 11:11:00 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll [2013.05.13 11:11:00 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hotspotauth.dll [2013.05.13 11:10:59 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll [2013.05.13 11:10:59 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsRasterService.dll [2013.05.13 11:10:59 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll [2013.05.13 11:10:59 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskkill.exe [2013.05.13 11:10:59 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthAvrcpTg.sys [2013.05.13 11:10:58 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlroamextension.dll [2013.05.13 11:10:58 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWanAPI.dll [2013.05.13 11:10:58 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mbsmsapi.dll [2013.05.13 11:10:58 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mbsmsapi.dll [2013.05.13 11:10:58 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsRasterService.dll [2013.05.13 11:10:58 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tasklist.exe [2013.05.13 11:10:57 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpd_ci.dll [2013.05.13 11:10:57 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tasklist.exe [2013.05.13 11:10:57 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskkill.exe [2013.05.13 11:10:57 | 000,061,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys [2013.05.13 11:10:57 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidi2c.sys [2013.05.13 11:10:55 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmproxy.dll [2013.05.13 11:10:54 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmsprep.dll [2013.05.13 11:10:53 | 000,029,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthhfHid.sys [2013.05.13 11:10:53 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys [2013.05.13 11:10:37 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll [2013.05.13 11:10:37 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll [2013.05.13 11:10:35 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys [2013.05.13 11:09:45 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll [2013.05.13 11:09:45 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll [2013.05.13 11:09:45 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll [2013.05.13 11:09:45 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll [2013.05.13 11:09:45 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll [2013.05.13 11:09:45 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll [2013.05.13 11:09:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dciman32.dll [2013.05.13 11:09:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpk.dll [2013.05.13 11:09:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe [2013.05.13 11:09:11 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe [2013.05.13 11:09:08 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll [2013.05.13 11:09:08 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resetengmig.dll [2013.05.13 11:09:08 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll [2013.05.13 11:09:08 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll [2013.05.13 11:09:08 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sysreset.exe [2013.05.13 11:06:49 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Trillian [2013.05.13 11:06:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trillian [2013.05.13 11:03:57 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Spotify [2013.05.13 11:03:22 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Spotify [2013.05.13 11:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013.05.13 10:50:17 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Mozilla [2013.05.13 10:50:17 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Mozilla [2013.05.13 10:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.05.13 10:50:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2013.05.13 10:50:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.05.13 10:45:25 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.05.13 10:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Energy Management [2013.05.13 10:40:58 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Broadcom [2013.05.13 10:40:58 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\Documents\Bluetooth-Exchange-Ordner [2013.05.13 10:40:14 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.05.13 10:40:14 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Searches [2013.05.13 10:40:14 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Contacts [2013.05.13 10:40:14 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.05.13 10:39:55 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Macromedia [2013.05.13 10:39:53 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Adobe [2013.05.13 10:39:07 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\VirtualStore [2013.05.13 10:38:56 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Packages [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Vorlagen [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\AppData\Local\Verlauf [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\AppData\Local\Temporary Internet Files [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Startmenü [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\SendTo [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Recent [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Netzwerkumgebung [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Lokale Einstellungen [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Documents\Eigene Videos [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Documents\Eigene Musik [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Eigene Dateien [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Documents\Eigene Bilder [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Druckumgebung [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Cookies [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\AppData\Local\Anwendungsdaten [2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Anwendungsdaten [2013.05.13 10:38:47 | 000,000,000 | --SD | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft [2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Videos [2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Saved Games [2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Pictures [2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Music [2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Links [2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Favorites [2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Downloads [2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Documents [2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Desktop [2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2013.05.13 10:38:47 | 000,000,000 | -H-D | C] -- C:\Users\Stefanie\AppData [2013.05.13 10:38:47 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Temp [2013.05.13 10:38:47 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Microsoft [2013.05.13 10:38:47 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.05.13 10:38:47 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo [2013.05.02 18:51:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2013.05.02 18:51:48 | 000,000,000 | -HSD | C] -- C:\Programme [2013.05.02 18:51:48 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2013.05.02 18:51:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2013.05.02 18:51:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2013.05.02 18:51:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2013.05.02 18:51:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2013.05.02 18:51:47 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2013.05.02 18:51:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2013.05.02 18:51:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2013.05.02 18:51:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2013.05.22 16:39:34 | 001,745,416 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2013.05.22 16:39:34 | 000,753,134 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat [2013.05.22 16:39:34 | 000,710,244 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2013.05.22 16:39:34 | 000,155,826 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat [2013.05.22 16:39:34 | 000,132,614 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2013.05.22 16:38:54 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\FindLyrics Update.job [2013.05.22 16:35:08 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.05.22 16:32:59 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.05.22 16:32:51 | 3323,367,424 | -HS- | M] () -- C:\hiberfil.sys [2013.05.22 16:29:29 | 000,424,616 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2013.05.22 16:17:31 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Stefanie\Desktop\JRT.exe [2013.05.22 16:17:10 | 000,632,031 | ---- | M] () -- C:\Users\Stefanie\Desktop\adwcleaner.exe [2013.05.22 16:13:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.05.22 15:32:25 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.05.22 15:14:58 | 000,028,882 | ---- | M] () -- C:\Users\Stefanie\Desktop\OTLogs.zip [2013.05.22 14:54:47 | 000,000,000 | ---- | M] () -- C:\Users\Stefanie\defogger_reenable [2013.05.22 14:50:34 | 000,377,856 | ---- | M] () -- C:\Users\Stefanie\Desktop\gmer_2.1.19163.exe [2013.05.22 13:19:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stefanie\Desktop\OTL.exe [2013.05.21 01:57:11 | 000,011,335 | ---- | M] () -- C:\Users\Stefanie\Desktop\vintageportrait.png [2013.05.20 12:51:17 | 025,571,773 | ---- | M] () -- C:\Users\Stefanie\Desktop\LostCrown.pdf [2013.05.14 22:57:09 | 000,001,356 | ---- | M] () -- C:\WINDOWS\SysWow64\XBL_MUSIC_30x30_A.scale-80.png [2013.05.14 22:57:09 | 000,001,152 | ---- | M] () -- C:\WINDOWS\SysWow64\XBL_VIDEO_30x30_A.scale-80.png [2013.05.14 22:57:08 | 000,009,792 | ---- | M] () -- C:\WINDOWS\SysWow64\tile_square_default.scale-80.png [2013.05.14 22:57:08 | 000,001,268 | ---- | M] () -- C:\WINDOWS\SysWow64\SupportLogo.scale-80.png [2013.05.14 22:57:08 | 000,001,220 | ---- | M] () -- C:\WINDOWS\SysWow64\XBL_GAMES_30x30_A.scale-80.png [2013.05.14 22:57:08 | 000,001,202 | ---- | M] () -- C:\WINDOWS\SysWow64\logo.scale-80.png [2013.05.14 22:57:08 | 000,000,534 | ---- | M] () -- C:\WINDOWS\SysWow64\smalllogo.scale-80.png [2013.05.14 22:57:08 | 000,000,522 | ---- | M] () -- C:\WINDOWS\SysWow64\smalllogo.scale-100.png [2013.05.14 22:57:08 | 000,000,473 | ---- | M] () -- C:\WINDOWS\SysWow64\sports_logo_small.scale-80.png [2013.05.14 22:57:08 | 000,000,473 | ---- | M] () -- C:\WINDOWS\SysWow64\small.scale-80.png [2013.05.14 22:57:08 | 000,000,399 | ---- | M] () -- C:\WINDOWS\SysWow64\CalendarLogo.scale-80.png [2013.05.14 22:57:08 | 000,000,354 | ---- | M] () -- C:\WINDOWS\SysWow64\PeopleSmall.scale-80.png [2013.05.14 22:57:08 | 000,000,318 | ---- | M] () -- C:\WINDOWS\SysWow64\messaging_small.scale-80.png [2013.05.14 22:57:08 | 000,000,295 | ---- | M] () -- C:\WINDOWS\SysWow64\ReaderSmallLogo.scale-80.png [2013.05.14 22:57:08 | 000,000,283 | ---- | M] () -- C:\WINDOWS\SysWow64\MailSmallLogo.scale-80.png [2013.05.14 11:54:06 | 000,002,064 | ---- | M] () -- C:\Users\Public\Desktop\Start Menu 8.lnk [2013.05.13 14:28:34 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013.05.13 14:28:26 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\config.nt [2013.05.13 12:09:00 | 000,001,261 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk [2013.05.13 11:44:00 | 000,001,015 | ---- | M] () -- C:\Users\Stefanie\Desktop\Dropbox.lnk [2013.05.13 11:43:07 | 000,001,025 | ---- | M] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.05.13 11:06:49 | 000,001,090 | ---- | M] () -- C:\Users\Stefanie\Desktop\Trillian.lnk [2013.05.13 11:06:49 | 000,001,054 | ---- | M] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk [2013.05.13 11:03:56 | 000,001,793 | ---- | M] () -- C:\Users\Stefanie\Desktop\Spotify.lnk [2013.05.13 10:41:02 | 000,001,133 | ---- | M] () -- C:\Users\Stefanie\Desktop\Cyberlink Power2Go.lnk [2013.05.09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys [2013.05.09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys [2013.05.09 10:59:07 | 000,189,936 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys [2013.05.09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys [2013.05.09 10:59:07 | 000,065,336 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys [2013.05.09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswTdi.sys [2013.05.09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys [2013.05.09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswFsBlk.sys [2013.05.09 10:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2013.05.09 10:58:11 | 000,287,840 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2013.05.07 22:07:50 | 000,693,112 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2013.05.07 22:07:50 | 000,078,200 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl ========== Files Created - No Company Name ========== [2013.05.22 16:29:16 | 000,424,616 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2013.05.22 16:25:28 | 000,000,295 | ---- | C] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk [2013.05.22 16:17:09 | 000,632,031 | ---- | C] () -- C:\Users\Stefanie\Desktop\adwcleaner.exe [2013.05.22 15:14:58 | 000,028,882 | ---- | C] () -- C:\Users\Stefanie\Desktop\OTLogs.zip [2013.05.22 14:54:47 | 000,000,000 | ---- | C] () -- C:\Users\Stefanie\defogger_reenable [2013.05.22 14:50:20 | 000,377,856 | ---- | C] () -- C:\Users\Stefanie\Desktop\gmer_2.1.19163.exe [2013.05.21 01:57:09 | 000,011,335 | ---- | C] () -- C:\Users\Stefanie\Desktop\vintageportrait.png [2013.05.20 12:51:16 | 025,571,773 | ---- | C] () -- C:\Users\Stefanie\Desktop\LostCrown.pdf [2013.05.18 01:10:27 | 000,387,688 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml [2013.05.16 18:45:08 | 1385,271,296 | ---- | C] () -- C:\Users\Stefanie\Desktop\gns-tlcr.iso [2013.05.16 14:26:19 | 000,002,143 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser Choice.lnk [2013.05.16 14:10:19 | 000,002,012 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2013.05.16 14:10:19 | 000,001,956 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2013.05.16 14:10:19 | 000,001,935 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2013.05.16 14:04:22 | 000,000,400 | ---- | C] () -- C:\WINDOWS\tasks\FindLyrics Update.job [2013.05.14 22:57:09 | 000,001,356 | ---- | C] () -- C:\WINDOWS\SysWow64\XBL_MUSIC_30x30_A.scale-80.png [2013.05.14 22:57:09 | 000,001,152 | ---- | C] () -- C:\WINDOWS\SysWow64\XBL_VIDEO_30x30_A.scale-80.png [2013.05.14 22:57:08 | 000,009,792 | ---- | C] () -- C:\WINDOWS\SysWow64\tile_square_default.scale-80.png [2013.05.14 22:57:08 | 000,001,268 | ---- | C] () -- C:\WINDOWS\SysWow64\SupportLogo.scale-80.png [2013.05.14 22:57:08 | 000,001,220 | ---- | C] () -- C:\WINDOWS\SysWow64\XBL_GAMES_30x30_A.scale-80.png [2013.05.14 22:57:08 | 000,001,202 | ---- | C] () -- C:\WINDOWS\SysWow64\logo.scale-80.png [2013.05.14 22:57:08 | 000,000,534 | ---- | C] () -- C:\WINDOWS\SysWow64\smalllogo.scale-80.png [2013.05.14 22:57:08 | 000,000,522 | ---- | C] () -- C:\WINDOWS\SysWow64\smalllogo.scale-100.png [2013.05.14 22:57:08 | 000,000,473 | ---- | C] () -- C:\WINDOWS\SysWow64\sports_logo_small.scale-80.png [2013.05.14 22:57:08 | 000,000,473 | ---- | C] () -- C:\WINDOWS\SysWow64\small.scale-80.png [2013.05.14 22:57:08 | 000,000,399 | ---- | C] () -- C:\WINDOWS\SysWow64\CalendarLogo.scale-80.png [2013.05.14 22:57:08 | 000,000,354 | ---- | C] () -- C:\WINDOWS\SysWow64\PeopleSmall.scale-80.png [2013.05.14 22:57:08 | 000,000,318 | ---- | C] () -- C:\WINDOWS\SysWow64\messaging_small.scale-80.png [2013.05.14 22:57:08 | 000,000,295 | ---- | C] () -- C:\WINDOWS\SysWow64\ReaderSmallLogo.scale-80.png [2013.05.14 22:57:08 | 000,000,283 | ---- | C] () -- C:\WINDOWS\SysWow64\MailSmallLogo.scale-80.png [2013.05.14 11:54:06 | 000,002,064 | ---- | C] () -- C:\Users\Public\Desktop\Start Menu 8.lnk [2013.05.13 14:28:34 | 000,001,933 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2013.05.13 14:28:29 | 000,189,936 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys [2013.05.13 14:28:29 | 000,065,336 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys [2013.05.13 14:28:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\config.nt [2013.05.13 12:09:00 | 000,001,261 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk [2013.05.13 11:44:00 | 000,001,015 | ---- | C] () -- C:\Users\Stefanie\Desktop\Dropbox.lnk [2013.05.13 11:43:07 | 000,001,025 | ---- | C] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.05.13 11:06:49 | 000,001,090 | ---- | C] () -- C:\Users\Stefanie\Desktop\Trillian.lnk [2013.05.13 11:06:49 | 000,001,054 | ---- | C] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk [2013.05.13 11:06:48 | 000,001,120 | ---- | C] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk [2013.05.13 11:03:56 | 000,001,793 | ---- | C] () -- C:\Users\Stefanie\Desktop\Spotify.lnk [2013.05.13 11:03:56 | 000,001,779 | ---- | C] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [2013.05.13 11:02:50 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.05.13 10:50:11 | 000,001,170 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.05.13 10:50:11 | 000,001,158 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.05.13 10:40:12 | 000,001,449 | ---- | C] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.05.13 10:38:47 | 000,001,133 | ---- | C] () -- C:\Users\Stefanie\Desktop\Cyberlink Power2Go.lnk [2013.05.13 10:38:47 | 000,000,189 | ---- | C] () -- C:\Users\Stefanie\Desktop\Lenovo Telephony Start Now.url [2013.05.02 18:51:14 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys [2013.05.02 18:51:10 | 3323,367,424 | -HS- | C] () -- C:\hiberfil.sys [2013.02.19 06:27:25 | 000,001,915 | ---- | C] () -- C:\WINDOWS\vm332Rmv.ini [2013.02.19 06:27:25 | 000,001,915 | ---- | C] () -- C:\WINDOWS\SysWow64\vm332Rmv.ini [2013.02.19 06:24:50 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl [2012.10.11 18:47:49 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2012.09.05 14:09:43 | 000,598,780 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin [2012.09.05 14:09:19 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll [2012.09.05 14:09:15 | 000,755,048 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2012.07.25 22:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin [2012.07.25 22:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2013.05.16 18:57:39 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
22.05.2013, 15:55 | #7 |
| ClickCompare, Text-Enhance usw. Hoppla.. Doppelpost... Tut mir leid. Geändert von Staplerin (22.05.2013 um 15:58 Uhr) Grund: Doppelpost |
22.05.2013, 20:11 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | ClickCompare, Text-Enhance usw. Sieht ok aus, hattest offensichtlich nur nervige Adware drauf. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Vollscan mit Malwarebytes Anti-Malware (MBAM) (falls du vor kurzem erst einen Vollscan gemacht hast, reicht auch ein Quickscan (spart Zeit), das dann mir bitte auch mitteilen) Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu ClickCompare, Text-Enhance usw. |
abgebrochen, adblock, avast, dateien, ebenfalls, ergebnis, firefox, foren, forum, funktioniert, geliefert, hallo zusammen, infizierte, klicke, laptop, links, löschen, neue, neuen, nicht mehr, scan, scannen, seite, seiten, suche, win, youtube |