Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Nach Formatierung noch Malware vorhanden?

Nach Formatierung noch Malware vorhanden?


Log-Analyse und Auswertung: Nach Formatierung noch Malware vorhanden?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 1 von 2 1 2
Alt 08.07.2013, 10:33   #1
Loki51
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


Hallo Community

Ich habe seit einer Weile PC-Probleme, und es begann damit, dass auf einmal das Internet nicht mehr funktionierte, obwohl in der Taskleiste eine hergestellte Verbindung angezigt wurde. Pakete konnten zwar gesendet werden, doch nichts oder sehr wenige empfangen. Da ich vorhin mit den Einstellungen am Router gespielt hatte, hab ich den zuerst resettet, was aber nichts gebracht hat. Ich habs am Laptop getestet und da funktionierte das Internet normal - Wireless und auch mit demselben Kabel, das normalerweise am PC angehängt ist.

Als nächstes hab ich den Virenscanner laufen lassen und auch was im Java gefunden. Sofort gelöscht und auch Java gleich mit deinstalliert. Welcher Virus das gewesen ist kann ich nicht mehr sagen, Log-file ist bei der Formatierung draufgegangen (dazu komme ich gleich).
Chechdisk meldete Fehler im MFT und Dateisystem.

Nach vielen vergeblichen Versuchen das hinzukriegen hab ich mich entschieden die Systempartition zu formatieren und Windows neu zu installieren... war eh wieder Zeit dafür.

Doch zu meiner Überraschung war nicht alles wieder in Butter.

Das Internet geht zwar wieder normal, doch (als Test) die Reparaturfunktion geht nicht. Alle Schritte sind ok bis auf den letzten - Die "Registrierung beim DNS" - das will nicht klappen.

Und Windows Update funktioniert auch nicht - mit dem Hinweis [Fehlernummer: 0x80244019]

Ich habe auch keinen Zugriff auf die "System Volume Information" der anderen Partitionen (auch nicht als Admin angemeldet).

Ich habe einige Male verschiedene Virenscanner suchen lassen, Malwarebytes Anti-Malware hat was gefunden, ich poste das.

Auch CheckDisk meldet immer noch sporadisch dieselben Fehler. Und das gleich nach einer Neuinstallation.....


Schliesslich hab ich aufgegeben und hoffe ihr könnt mir bei diesem verhexten System weiterhelfen.
Ich poste die Logs und danke schon mal für eure Hilfe.

edit: Hoppla, kam die Warnung, dass der Text zu lang sei. Ich poste den Rest dann im nächsten Beitrag...


OTL
Code:
ATTFilter
OTL logfile created on: 25.06.2013 10:57:09 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Antonio\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
511.48 Mb Total Physical Memory | 192.35 Mb Available Physical Memory | 37.61% Memory free
1.60 Gb Paging File | 1.23 Gb Available in Paging File | 76.89% Paging File free
Paging file location(s): F:\pagefile.sys 1152 1152 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 12.16 Gb Total Space | 7.90 Gb Free Space | 64.95% Space Free | Partition Type: NTFS
Drive D: | 25.10 Gb Total Space | 2.94 Gb Free Space | 11.70% Space Free | Partition Type: NTFS
Drive E: | 6.55 Gb Total Space | 1.07 Gb Free Space | 16.39% Space Free | Partition Type: NTFS
Drive F: | 1.32 Gb Total Space | 0.18 Gb Free Space | 13.45% Space Free | Partition Type: NTFS
 
Computer Name: TONYPC | User Name: Antonio | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Antonio\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV - (MSDTC) --  File not found
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (cmdAgent) -- E:\Programme\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (cmdvirth) -- E:\Programme\COMODO\COMODO Internet Security\cmdvirth.exe (COMODO)
SRV - (GeekBuddyRSP) -- C:\Programme\Gemeinsame Dateien\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
SRV - (CLPSLauncher) -- C:\Programme\Gemeinsame Dateien\COMODO\launcher_service.exe (Comodo Security Solutions Inc.)
SRV - (KSS) -- C:\Programme\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
SRV - (Iprip) -- C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (ATICDSDr) -- C:\DOKUME~1\Admin\LOKALE~1\Temp\ATICDSDr.sys File not found
DRV - (Inspect) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\System32\DRIVERS\cmdhlp.sys (COMODO)
DRV - (cmdGuard) -- C:\WINDOWS\System32\DRIVERS\cmdguard.sys (COMODO)
DRV - (cmderd) -- C:\WINDOWS\System32\DRIVERS\cmderd.sys (COMODO)
DRV - (CFRMD) -- C:\WINDOWS\System32\DRIVERS\CFRMD.sys (Windows (R) Win 7 DDK provider)
DRV - (ltmodem5) -- C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys (LT)
DRV - (ALCXWDM) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ALCXSENS) -- C:\WINDOWS\System32\drivers\ALCXSENS.SYS (Sensaura Ltd)
DRV - (RTL8023) -- C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys (Realtek Semiconductor Corporation                           )
DRV - (ati2mtag) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.)
DRV - (viaagp1) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://GLOBAL.ACER.COM/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://GLOBAL.ACER.COM/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://GLOBAL.ACER.COM/
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3233042676-3779935395-2167395947-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://global.acer.com/
IE - HKU\S-1-5-21-3233042676-3779935395-2167395947-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: E:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: E:\Programme\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: E:\Programme\Mozilla Firefox\plugins
 
[2013.06.19 18:50:02 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\Mozilla\Extensions
 
O1 HOSTS File: ([2001.08.18 20:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O4 - HKLM..\Run: [COMODO Internet Security] E:\Programme\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4 - HKLM..\Run: [gbrspcontrol] C:\Programme\Gemeinsame Dateien\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3233042676-3779935395-2167395947-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3233042676-3779935395-2167395947-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\S-1-5-21-3233042676-3779935395-2167395947-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-3233042676-3779935395-2167395947-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-3233042676-3779935395-2167395947-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-21-3233042676-3779935395-2167395947-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O15 - HKU\S-1-5-21-3233042676-3779935395-2167395947-1006\..Trusted Domains: microsoft.com ([answers] http in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-3233042676-3779935395-2167395947-1006\..Trusted Domains: microsoft.com ([support] http in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-3233042676-3779935395-2167395947-1006\..Trusted Domains: microsoft.com ([www.update] http in Vertrauenswürdige Sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1371655848902 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1371660383640 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69030617-FDCF-4C98-9266-E24C2B0ED25D}: NameServer = 8.26.56.26,8.20.247.20
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\web\wallpaper\1024x768.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\web\wallpaper\1024x768.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.06.19 13:49:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.24 16:22:59 | 000,000,000 | ---D | C] -- C:\Programme\Kaspersky Lab
[2013.06.24 16:22:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab
[2013.06.24 16:05:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Eigene Dateien\Downloads
[2013.06.24 15:57:07 | 000,000,000 | -H-D | C] -- C:\VTRoot
[2013.06.24 15:43:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\Comodo
[2013.06.24 15:32:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
[2013.06.24 15:28:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Lokale Einstellungen\Anwendungsdaten\Adobe
[2013.06.24 15:20:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PDFCreator
[2013.06.24 15:20:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\pdfforge
[2013.06.24 15:20:07 | 001,070,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCTL.OCX
[2013.06.24 15:20:07 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX
[2013.06.24 15:20:06 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2013.06.24 15:20:01 | 000,095,416 | ---- | C] (pdfforge GmbH) -- C:\WINDOWS\System32\pdfcmon.dll
[2013.06.24 15:19:59 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCDE.DLL
[2013.06.24 15:19:59 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6DE.DLL
[2013.06.24 15:19:59 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCC2DE.DLL
[2013.06.24 15:19:58 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL
[2013.06.24 14:44:45 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Shared Space
[2013.06.24 14:39:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\COMODO
[2013.06.24 14:39:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\COMODO
[2013.06.24 14:38:54 | 000,000,000 | ---D | C] -- C:\Programme\COMODO
[2013.06.24 14:38:53 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\COMODO
[2013.06.24 14:38:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Comodo Downloader
[2013.06.24 12:28:48 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2013.06.24 12:25:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\IrfanView
[2013.06.20 13:33:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Antonio\Desktop\OTL.exe
[2013.06.20 12:18:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\Malwarebytes
[2013.06.20 12:17:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.06.20 12:17:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.06.20 12:17:30 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.06.20 11:36:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\vlc
[2013.06.20 11:32:16 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Antonio\Startmenü\Programme\Verwaltung
[2013.06.20 09:45:32 | 020,034,184 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Antonio\Desktop\Windows-KB890830-V5.1.exe
[2013.06.20 09:16:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Lokale Einstellungen\Anwendungsdaten\Opera
[2013.06.20 09:16:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\Opera
[2013.06.20 09:16:25 | 000,000,000 | ---D | C] -- C:\Programme\Opera
[2013.06.20 09:11:16 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Antonio\Eigene Dateien
[2013.06.19 19:20:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\ASCOMP Software
[2013.06.19 18:49:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2013.06.19 18:49:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\Mozilla
[2013.06.19 17:30:07 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Antonio\UserData
[2013.06.19 16:49:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Secure Eraser
[2013.06.19 16:48:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN
[2013.06.19 16:44:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MyDefrag v4.3.1
[2013.06.19 16:44:57 | 001,061,888 | ---- | C] (J.C. Kessels) -- C:\WINDOWS\System32\MyDefragScreenSaver_v4.3.1.exe
[2013.06.19 16:44:57 | 000,475,648 | ---- | C] (J.C. Kessels) -- C:\WINDOWS\System32\MyDefragScreenSaver_v4.3.1.scr
[2013.06.19 16:44:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\HD Tune
[2013.06.19 16:43:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ClearProg
[2013.06.19 16:42:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\7-Zip
[2013.06.19 16:39:51 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\Microsoft
[2013.06.19 16:39:51 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Antonio\Cookies
[2013.06.19 16:39:51 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Antonio\Druckumgebung
[2013.06.19 16:39:51 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten
[2013.06.19 16:39:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\Sun
[2013.06.19 16:39:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2013.06.19 16:39:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\InterTrust
[2013.06.19 16:39:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\Identities
[2013.06.19 16:39:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Favoriten
[2013.06.19 16:39:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Desktop
[2013.06.19 16:39:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\Adobe
[2013.06.19 16:39:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Lokale Einstellungen\Anwendungsdaten\{7148F0A6-6813-11D6-A77B-00B0D0142010}
[2013.06.19 16:39:50 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Antonio\Startmenü\Programme\Zubehör
[2013.06.19 16:39:50 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Antonio\Vorlagen
[2013.06.19 16:39:50 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Antonio\SendTo
[2013.06.19 16:39:50 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Antonio\Recent
[2013.06.19 16:39:50 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Antonio\Netzwerkumgebung
[2013.06.19 16:39:50 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Antonio\Lokale Einstellungen
[2013.06.19 16:39:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\WINDOWS
[2013.06.19 16:39:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Startmenü
[2013.06.19 16:39:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Antonio\Startmenü\Programme\Autostart
[2013.06.19 16:34:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013.06.19 16:34:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013.06.19 16:17:39 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2013.06.19 16:17:39 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2013.06.19 16:17:33 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2013.06.19 16:17:33 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2013.06.19 16:17:33 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2013.06.19 16:17:33 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2013.06.19 16:17:33 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2013.06.19 16:17:33 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2013.06.19 16:17:33 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2013.06.19 16:17:32 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2013.06.19 16:17:32 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2013.06.19 16:17:32 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2013.06.19 16:17:32 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2013.06.19 16:17:32 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2013.06.19 16:17:32 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2013.06.19 16:17:32 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2013.06.19 16:17:32 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2013.06.19 16:17:32 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2013.06.19 16:17:32 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2013.06.19 16:17:32 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2013.06.19 16:17:32 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2013.06.19 16:17:32 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2013.06.19 16:17:32 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2013.06.19 16:17:32 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2013.06.19 16:17:32 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2013.06.19 16:17:32 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2013.06.19 16:17:32 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2013.06.19 16:17:32 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2013.06.19 16:17:32 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2013.06.19 16:17:31 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2013.06.19 16:17:31 | 000,035,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2013.06.19 16:17:31 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2013.06.19 16:17:31 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2013.06.19 16:17:31 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2013.06.19 16:17:31 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2013.06.19 16:17:31 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2013.06.19 16:17:31 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2013.06.19 16:17:30 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2013.06.19 16:17:30 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2013.06.19 16:17:30 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2013.06.19 16:17:30 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2013.06.19 16:17:29 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2013.06.19 16:17:29 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2013.06.19 16:17:29 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2013.06.19 16:17:29 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2013.06.19 16:17:29 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2013.06.19 16:17:29 | 000,030,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2013.06.19 16:17:29 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2013.06.19 16:17:29 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2013.06.19 16:17:29 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2013.06.19 16:17:29 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2013.06.19 16:17:28 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2013.06.19 16:17:28 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2013.06.19 16:17:28 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2013.06.19 16:17:28 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2013.06.19 16:17:28 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2013.06.19 16:17:28 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2013.06.19 16:17:28 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2013.06.19 16:17:28 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2013.06.19 16:17:28 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2013.06.19 16:17:28 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2013.06.19 16:17:28 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2013.06.19 16:17:28 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2013.06.19 16:17:27 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2013.06.19 16:17:27 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2013.06.19 16:17:27 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2013.06.19 16:17:27 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2013.06.19 16:17:27 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2013.06.19 16:17:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2013.06.19 16:17:27 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2013.06.19 16:17:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2013.06.19 16:17:27 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2013.06.19 16:17:26 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2013.06.19 16:17:26 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2013.06.19 16:17:26 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2013.06.19 16:17:26 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2013.06.19 16:17:26 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2013.06.19 16:17:25 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2013.06.19 16:17:25 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2013.06.19 16:17:24 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2013.06.19 16:17:24 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2013.06.19 16:17:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2013.06.19 16:17:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2013.06.19 16:17:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2013.06.19 16:17:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2013.06.19 16:17:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2013.06.19 16:17:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2013.06.19 16:17:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2013.06.19 16:17:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2013.06.19 16:17:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2013.06.19 16:17:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2013.06.19 16:17:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2013.06.19 16:17:23 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2013.06.19 16:17:23 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2013.06.19 16:17:23 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2013.06.19 16:17:23 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2013.06.19 16:17:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2013.06.19 16:17:22 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2013.06.19 16:17:22 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2013.06.19 16:17:22 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2013.06.19 16:17:22 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2013.06.19 16:17:22 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2013.06.19 16:17:22 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2013.06.19 16:17:22 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2013.06.19 16:17:21 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2013.06.19 16:17:21 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2013.06.19 16:17:21 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2013.06.19 16:17:21 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2013.06.19 16:17:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2013.06.19 16:17:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2013.06.19 16:17:20 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2013.06.19 16:17:19 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2013.06.19 16:17:19 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2013.06.19 16:17:18 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2013.06.19 16:17:18 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2013.06.19 16:17:18 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2013.06.19 16:17:18 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2013.06.19 16:17:18 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2013.06.19 16:17:18 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2013.06.19 16:17:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2013.06.19 16:17:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2013.06.19 16:15:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013.06.19 16:10:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2013.06.19 16:08:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013.06.19 16:08:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2013.06.19 15:10:13 | 000,000,000 | ---D | C] -- C:\ATI
[2013.06.19 14:55:01 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.06.19 14:42:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\FxsTmp
[2013.06.19 14:42:24 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsxp32.dll
[2013.06.19 14:42:24 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclntR.dll
[2013.06.19 14:42:24 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscfgwz.dll
[2013.06.19 14:42:24 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\evntagnt.dll
[2013.06.19 14:42:24 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\evntwin.exe
[2013.06.19 14:42:24 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscom.dll
[2013.06.19 14:42:24 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsevent.dll
[2013.06.19 14:42:24 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hostmib.dll
[2013.06.19 14:42:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iprip.dll
[2013.06.19 14:42:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lmmib2.dll
[2013.06.19 14:42:24 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsroute.dll
[2013.06.19 14:42:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\evntcmd.exe
[2013.06.19 14:42:24 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsmon.dll
[2013.06.19 14:42:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\simptcp.dll
[2013.06.19 14:42:24 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxssend.exe
[2013.06.19 14:42:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpmib.dll
[2013.06.19 14:42:23 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsst.dll
[2013.06.19 14:42:23 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxstiff.dll
[2013.06.19 14:42:23 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscomex.dll
[2013.06.19 14:42:23 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxst30.dll
[2013.06.19 14:42:23 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscover.exe
[2013.06.19 14:42:23 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxswzrd.dll
[2013.06.19 14:42:23 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsui.dll
[2013.06.19 14:42:23 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclnt.exe
[2013.06.19 14:42:23 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsdrv.dll
[2013.06.19 14:42:23 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsext32.dll
[2013.06.19 14:42:23 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsperf.dll
[2013.06.19 14:42:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsres.dll
[2013.06.19 14:42:21 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsapi.dll
[2013.06.19 14:40:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013.06.19 14:01:26 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2013.06.19 14:00:03 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2013.06.19 14:00:03 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2013.06.19 14:00:03 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wstdecod.dll
[2013.06.19 14:00:03 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2013.06.19 14:00:03 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbisurf.ax
[2013.06.19 14:00:03 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2013.06.19 14:00:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2013.06.19 14:00:03 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2013.06.19 14:00:03 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2013.06.19 13:59:39 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4dmod.dll
[2013.06.19 13:59:38 | 000,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmod.dll
[2013.06.19 13:59:38 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmod.dll
[2013.06.19 13:59:38 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmadmod.dll
[2013.06.19 13:59:37 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmadmoe.dll
[2013.06.19 13:59:36 | 002,105,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvcore.dll
[2013.06.19 13:59:36 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmnetmgr.dll
[2013.06.19 13:59:36 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qasf.dll
[2013.06.19 13:59:36 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logagent.exe
[2013.06.19 13:59:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\laprxy.dll
[2013.06.19 13:59:35 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msnetobj.dll
[2013.06.19 13:59:35 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmasf.dll
[2013.06.19 13:59:34 | 000,695,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drmv2clt.dll
[2013.06.19 13:59:34 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drmclien.dll
[2013.06.19 13:59:34 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blackbox.dll
[2013.06.19 13:59:34 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drmstor.dll
[2013.06.19 13:58:35 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2013.06.19 13:58:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CyberLink PowerDVD
[2013.06.19 13:58:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CyberLink
[2013.06.19 13:58:01 | 000,000,000 | ---D | C] -- C:\Programme\CyberLink
[2013.06.19 13:57:12 | 000,226,816 | ---- | C] (honest technology) -- C:\WINDOWS\System32\htvcdsvcd.ax
[2013.06.19 13:57:12 | 000,081,920 | ---- | C] (MyCompanyName) -- C:\WINDOWS\System32\ezrgb24.ax
[2013.06.19 13:57:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Vbox
[2013.06.19 13:57:11 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\regsvr32.exe
[2013.06.19 13:57:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\NTI CD & DVD-Maker
[2013.06.19 13:57:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Iosubsys
[2013.06.19 13:56:58 | 000,000,000 | ---D | C] -- C:\Program Files
[2013.06.19 13:56:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2013.06.19 13:56:15 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerror.dll
[2013.06.19 13:56:15 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpasf.dll
[2013.06.19 13:56:15 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asferror.dll
[2013.06.19 13:56:14 | 002,973,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmploc.dll
[2013.06.19 13:56:13 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpcore.dll
[2013.06.19 13:56:12 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpui.dll
[2013.06.19 13:56:12 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpcd.dll
[2013.06.19 13:56:12 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmp.ocx
[2013.06.19 13:56:02 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msscp.dll
[2013.06.19 13:56:02 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswmdm.dll
[2013.06.19 13:56:02 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspmsp.dll
[2013.06.19 13:56:02 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cewmdm.dll
[2013.06.19 13:56:02 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmdmlog.dll
[2013.06.19 13:56:02 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmdmps.dll
[2013.06.19 13:55:50 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sdmod.dll
[2013.06.19 13:55:50 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp43dmod.dll
[2013.06.19 13:55:49 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe2.dll
[2013.06.19 13:55:49 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe2.dll
[2013.06.19 13:55:49 | 000,896,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmoe.dll
[2013.06.19 13:55:49 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll
[2013.06.19 13:55:48 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.dll
[2013.06.19 13:55:25 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Adobe
[2013.06.19 13:55:25 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2013.06.19 13:55:23 | 000,328,704 | ---- | C] (InstallShield Software Corporation ) -- C:\WINDOWS\IsUn0407.exe
[2013.06.19 13:55:07 | 000,724,992 | ---- | C] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2013.06.19 13:55:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Generic USB Card Reader Driver v1.9e3
[2013.06.19 13:55:06 | 000,000,000 | ---D | C] -- C:\Programme\Generic
[2013.06.19 13:54:34 | 000,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2013.06.19 13:54:34 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2013.06.19 13:54:30 | 000,000,000 | ---D | C] -- C:\Programme\Realtek Sound Manager
[2013.06.19 13:54:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Realtek Sound Manager
[2013.06.19 13:54:29 | 000,000,000 | ---D | C] -- C:\Programme\AvRack
[2013.06.19 13:54:28 | 010,435,072 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\ALSNDMGR.CPL
[2013.06.19 13:54:28 | 000,765,952 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System\crlds3d.dll
[2013.06.19 13:54:28 | 000,720,896 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\Audio3D.dll
[2013.06.19 13:54:28 | 000,720,896 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\a3d.dll
[2013.06.19 13:54:28 | 000,462,940 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS
[2013.06.19 13:54:28 | 000,404,736 | ---- | C] (Sensaura Ltd) -- C:\WINDOWS\System32\drivers\ALCXSENS.SYS
[2013.06.19 13:54:28 | 000,057,344 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
[2013.06.19 13:54:27 | 000,208,896 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcupd.exe
[2013.06.19 13:54:27 | 000,139,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\alcrmv.exe
[2013.06.19 13:54:27 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2013.06.19 13:54:26 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\InstallShield
[2013.06.19 13:54:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2013.06.19 13:54:08 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2013.06.19 13:54:04 | 000,027,904 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\VIAAGP1.SYS
[2013.06.19 13:53:56 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2013.06.19 13:53:51 | 000,000,000 | -H-D | C] -- C:\Programme\Uninstall Information
[2013.06.19 13:53:20 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp1hfm.exe
[2013.06.19 13:52:44 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2013.06.19 13:52:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AcerSystem
[2013.06.19 13:51:54 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013.06.19 13:49:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2013.06.19 13:49:06 | 000,000,000 | ---D | C] -- C:\Programme\xerox
[2013.06.19 13:49:06 | 000,000,000 | ---D | C] -- C:\Programme\microsoft frontpage
[2013.06.19 13:48:49 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2013.06.19 13:48:12 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\DRM
[2013.06.19 13:48:04 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2013.06.19 13:48:04 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2013.06.19 13:47:54 | 000,000,000 | ---D | C] -- C:\Programme\Online-Dienste
[2013.06.19 13:47:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2013.06.19 13:47:38 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2013.06.19 13:47:38 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2013.06.19 13:47:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2013.06.19 13:47:38 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2013.06.19 13:47:38 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2013.06.19 13:47:36 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2013.06.19 13:47:36 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2013.06.19 13:47:36 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2013.06.19 13:47:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2013.06.19 13:47:36 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Dienste
[2013.06.19 13:47:35 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2013.06.19 13:47:35 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2013.06.19 13:47:35 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2013.06.19 13:47:35 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2013.06.19 13:47:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2013.06.19 13:47:35 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2013.06.19 13:47:35 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MSSoap
[2013.06.19 13:47:33 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2013.06.19 13:47:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2013.06.19 13:47:33 | 000,000,000 | ---D | C] -- C:\Programme\Movie Maker
[2013.06.19 13:47:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2013.06.19 13:47:31 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2013.06.19 13:47:31 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2013.06.19 13:47:31 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2013.06.19 13:47:31 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2013.06.19 13:47:31 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2013.06.19 13:47:31 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2013.06.19 13:47:31 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2013.06.19 13:47:31 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2013.06.19 13:47:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2013.06.19 13:47:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHealth
[2013.06.19 13:47:31 | 000,000,000 | ---D | C] -- C:\Programme\Outlook Express
[2013.06.19 13:47:31 | 000,000,000 | ---D | C] -- C:\Programme\NetMeeting
[2013.06.19 13:47:30 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\System
[2013.06.19 13:47:30 | 000,000,000 | ---D | C] -- C:\Programme\Internet Explorer
[2013.06.19 13:47:27 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Musik
[2013.06.19 13:47:27 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Bilder
[2013.06.19 13:47:05 | 000,000,000 | ---D | C] -- C:\Programme\ComPlus Applications
[2013.06.19 13:47:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Verwaltung
[2013.06.19 13:47:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2013.06.19 13:46:32 | 000,000,000 | -H-D | C] -- C:\Programme\WindowsUpdate
[2013.06.19 13:46:31 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Player
[2013.06.19 13:46:25 | 000,000,000 | ---D | C] -- C:\Programme\Messenger
[2013.06.19 13:46:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2013.06.19 13:46:22 | 000,000,000 | ---D | C] -- C:\Programme\MSN Gaming Zone
[2013.06.19 13:46:21 | 000,354,304 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2013.06.19 13:46:21 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2013.06.19 13:46:21 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2013.06.19 13:46:21 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2013.06.19 13:46:21 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2013.06.19 13:46:21 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2013.06.19 13:46:21 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2013.06.19 13:46:21 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2013.06.19 13:46:21 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2013.06.19 13:46:21 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2013.06.19 13:46:19 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2013.06.19 13:46:19 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2013.06.19 13:46:19 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2013.06.19 13:46:19 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2013.06.19 13:46:19 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2013.06.19 13:46:19 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2013.06.19 13:46:19 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2013.06.19 13:46:19 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2013.06.19 13:46:19 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2013.06.19 13:46:19 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2013.06.19 13:46:19 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2013.06.19 13:46:19 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2013.06.19 13:46:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2013.06.19 13:46:19 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2013.06.19 13:46:19 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2013.06.19 13:46:19 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2013.06.19 13:46:19 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2013.06.19 13:46:19 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2013.06.19 13:46:19 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2013.06.19 13:46:19 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2013.06.19 13:46:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2013.06.19 13:46:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2013.06.19 13:46:19 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2013.06.19 13:46:19 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2013.06.19 13:46:19 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2013.06.19 13:46:19 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2013.06.19 13:46:19 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2013.06.19 13:46:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2013.06.19 13:46:19 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2013.06.19 13:46:19 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2013.06.19 13:46:19 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2013.06.19 13:46:19 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2013.06.19 13:46:18 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2013.06.19 13:46:18 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2013.06.19 13:46:17 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2013.06.19 13:46:17 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2013.06.19 13:46:17 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2013.06.19 13:46:15 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2013.06.19 13:46:15 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2013.06.19 13:46:15 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2013.06.19 13:46:15 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2013.06.19 13:46:15 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2013.06.19 13:46:15 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2013.06.19 13:46:15 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2013.06.19 13:46:15 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2013.06.19 13:46:15 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2013.06.19 13:46:15 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2013.06.19 13:46:15 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2013.06.19 13:46:15 | 000,000,000 | ---D | C] -- C:\Programme\Windows NT
[2013.06.19 13:46:14 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2013.06.19 13:46:14 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2013.06.19 13:46:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2013.06.19 13:46:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2013.06.19 13:45:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Zubehör
[2013.06.19 13:44:18 | 000,607,196 | ---- | C] (LT) -- C:\WINDOWS\System32\drivers\ltmdmnt.sys
[2013.06.19 13:43:57 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2013.06.19 13:43:53 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2013.06.19 13:42:55 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ODBC
[2013.06.19 13:42:53 | 000,000,000 | R--D | C] -- C:\Programme
[2013.06.19 13:42:53 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\SpeechEngines
[2013.06.19 13:42:53 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared
[2013.06.19 13:42:53 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien
[2013.06.19 13:42:49 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2013.06.19 13:42:49 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2013.06.19 13:42:49 | 000,127,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2013.06.19 13:42:49 | 000,109,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2013.06.19 13:42:49 | 000,103,936 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2013.06.19 13:42:49 | 000,086,556 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2013.06.19 13:42:49 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2013.06.19 13:42:49 | 000,073,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2013.06.19 13:42:49 | 000,070,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2013.06.19 13:42:49 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\mmsystem.dll
[2013.06.19 13:42:49 | 000,033,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2013.06.19 13:42:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2013.06.19 13:42:49 | 000,025,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2013.06.19 13:42:49 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2013.06.19 13:42:49 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2013.06.19 13:42:49 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2013.06.19 13:42:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2013.06.19 13:42:49 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2013.06.19 13:42:49 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2013.06.19 13:42:49 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2013.06.19 13:42:49 | 000,009,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2013.06.19 13:42:49 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2013.06.19 13:42:49 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2013.06.19 13:42:49 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2013.06.19 13:42:49 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2013.06.19 13:42:49 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2013.06.19 13:42:49 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2013.06.19 13:42:49 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2013.06.19 13:42:49 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2013.06.19 13:42:49 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2013.06.19 13:42:48 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2013.06.19 13:42:41 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente
[2013.06.19 13:42:41 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü
[2013.06.19 13:42:41 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
[2013.06.19 13:42:41 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Vorlagen
[2013.06.19 13:42:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Favoriten
[2013.06.19 13:42:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Desktop
[2013.06.19 13:42:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2013.06.19 13:42:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2013.06.19 13:42:26 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
[2013.06.19 13:42:26 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten
[2013.06.19 13:42:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen
[2013.06.19 13:41:44 | 000,000,000 | ---D | C] -- C:\DRV
[2013.06.19 13:40:15 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2013.06.19 13:40:15 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2013.06.19 13:40:15 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2013.06.19 13:40:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2013.06.19 13:40:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.25 10:54:11 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
[2013.06.25 10:54:11 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
[2013.06.25 10:54:11 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
[2013.06.25 10:54:11 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
[2013.06.25 10:53:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.06.25 10:53:22 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.24 22:27:26 | 000,140,253 | ---- | M] () -- C:\Dokumente und Einstellungen\Antonio\Lokale Einstellungen\Anwendungsdaten\census.cache
[2013.06.24 22:26:53 | 000,142,568 | ---- | M] () -- C:\Dokumente und Einstellungen\Antonio\Lokale Einstellungen\Anwendungsdaten\ars.cache
[2013.06.24 19:48:42 | 000,000,036 | ---- | M] () -- C:\Dokumente und Einstellungen\Antonio\Lokale Einstellungen\Anwendungsdaten\housecall.guid.cache
[2013.06.24 19:44:18 | 000,009,728 | ---- | M] () -- C:\Dokumente und Einstellungen\Antonio\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.24 16:29:58 | 000,072,224 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2013.06.24 16:09:32 | 000,002,716 | ---- | M] () -- C:\WINDOWS\System32\drivers\fvstore.dat
[2013.06.24 15:56:40 | 000,001,667 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\COMODO Internet Security.lnk
[2013.06.24 14:44:58 | 000,000,759 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Gemeinsamer Bereich.lnk
[2013.06.24 14:39:08 | 000,001,764 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AntiError.lnk
[2013.06.24 14:39:08 | 000,001,760 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\GeekBuddy.lnk
[2013.06.24 12:06:10 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2013.06.24 09:40:08 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.06.20 13:29:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Antonio\Desktop\OTL.exe
[2013.06.20 10:29:01 | 020,034,184 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Antonio\Desktop\Windows-KB890830-V5.1.exe
[2013.06.20 09:26:54 | 000,173,620 | ---- | M] () -- C:\Dokumente und Einstellungen\Antonio\Desktop\WindowsUpdateDiagnostic.diagcab
[2013.06.20 09:16:32 | 000,001,456 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Opera.lnk
[2013.06.19 18:47:42 | 000,000,595 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2013.06.19 18:06:07 | 000,262,144 | ---- | M] () -- C:\WINDOWS\System32\default_user_class.dat
[2013.06.19 16:48:41 | 000,000,604 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk
[2013.06.19 16:39:06 | 000,318,106 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.06.19 16:39:06 | 000,312,946 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.06.19 16:39:06 | 000,049,028 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.06.19 16:39:06 | 000,040,664 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.06.19 16:35:17 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013.06.19 16:34:02 | 000,091,888 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.06.19 16:32:55 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.06.19 16:12:14 | 000,251,184 | RHS- | M] () -- C:\ntldr
[2013.06.19 16:12:14 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2013.06.19 15:21:39 | 000,000,010 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2013.06.19 14:42:40 | 000,000,525 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2013.06.19 14:09:36 | 000,000,798 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.06.19 14:08:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl_old
[2013.06.19 14:03:56 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2013.06.19 14:01:18 | 000,000,061 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2013.06.19 14:01:14 | 000,000,333 | ---- | M] () -- C:\WINDOWS\System32\$ncsp$.inf
[2013.06.19 13:58:06 | 000,001,552 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PowerDVD.lnk
[2013.06.19 13:57:12 | 000,001,689 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\NTI CD & DVD-Maker 6.5 Gold.lnk
[2013.06.19 13:56:56 | 000,001,024 | RH-- | M] () -- C:\WINDOWS\System32\NTICDMK32.dll
[2013.06.19 13:55:06 | 000,724,992 | ---- | M] (Indigo Rose Corporation) -- C:\WINDOWS\iun6002.exe
[2013.06.19 13:54:32 | 000,001,387 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AvRack.lnk
[2013.06.19 13:53:56 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2013.06.19 13:53:52 | 000,000,011 | ---- | M] () -- C:\WINDOWS\System32\drivers\Acer_Aspire T120.MRK
[2013.06.19 13:49:00 | 000,002,951 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.06.19 13:49:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013.06.19 13:49:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013.06.19 13:49:00 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013.06.19 13:49:00 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013.06.19 13:48:58 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2013.06.19 13:48:58 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.06.19 13:48:58 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.06.19 13:48:52 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013.06.19 13:47:24 | 000,021,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.06.19 13:33:02 | 000,000,512 | -HS- | M] () -- C:\BOOTSECT.DOS
[2013.06.18 17:16:22 | 000,099,520 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2013.06.18 17:16:22 | 000,032,816 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2013.06.18 17:16:21 | 000,593,408 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[2013.06.18 17:16:20 | 000,018,528 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmderd.sys
[2013.06.18 17:15:48 | 000,035,488 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdcsr.dll
[2013.06.18 17:15:47 | 000,348,584 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2013.06.18 17:15:35 | 000,278,232 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdvrt32.dll
[2013.06.18 17:15:34 | 000,040,664 | ---- | M] (COMODO) -- C:\WINDOWS\System32\cmdkbd32.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.24 22:27:26 | 000,140,253 | ---- | C] () -- C:\Dokumente und Einstellungen\Antonio\Lokale Einstellungen\Anwendungsdaten\census.cache
[2013.06.24 22:26:53 | 000,142,568 | ---- | C] () -- C:\Dokumente und Einstellungen\Antonio\Lokale Einstellungen\Anwendungsdaten\ars.cache
[2013.06.24 19:48:42 | 000,000,036 | ---- | C] () -- C:\Dokumente und Einstellungen\Antonio\Lokale Einstellungen\Anwendungsdaten\housecall.guid.cache
[2013.06.24 15:56:57 | 000,002,716 | ---- | C] () -- C:\WINDOWS\System32\drivers\fvstore.dat
[2013.06.24 15:11:59 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
[2013.06.24 15:11:59 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
[2013.06.24 15:11:59 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
[2013.06.24 15:11:58 | 000,000,432 | ---- | C] () -- C:\WINDOWS\tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
[2013.06.24 15:10:52 | 000,072,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2013.06.24 14:44:59 | 000,001,667 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\COMODO Internet Security.lnk
[2013.06.24 14:44:58 | 000,000,759 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Gemeinsamer Bereich.lnk
[2013.06.24 14:39:08 | 000,001,764 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AntiError.lnk
[2013.06.24 14:39:08 | 000,001,760 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\GeekBuddy.lnk
[2013.06.24 12:06:56 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2013.06.20 09:26:54 | 000,173,620 | ---- | C] () -- C:\Dokumente und Einstellungen\Antonio\Desktop\WindowsUpdateDiagnostic.diagcab
[2013.06.20 09:18:16 | 000,000,484 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Konsole1.lnk
[2013.06.20 09:16:32 | 000,001,462 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Opera.lnk
[2013.06.20 09:16:32 | 000,001,456 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Opera.lnk
[2013.06.19 18:47:42 | 000,000,595 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2013.06.19 18:47:42 | 000,000,595 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2013.06.19 18:06:07 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2013.06.19 16:48:41 | 000,000,604 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\VLC media player.lnk
[2013.06.19 16:41:07 | 000,009,728 | ---- | C] () -- C:\Dokumente und Einstellungen\Antonio\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.06.19 16:40:05 | 000,000,772 | ---- | C] () -- C:\Dokumente und Einstellungen\Antonio\Startmenü\Programme\Windows Media Player.lnk
[2013.06.19 16:39:51 | 000,001,503 | ---- | C] () -- C:\Dokumente und Einstellungen\Antonio\Startmenü\Programme\Remoteunterstützung.lnk
[2013.06.19 16:39:51 | 000,000,747 | ---- | C] () -- C:\Dokumente und Einstellungen\Antonio\Startmenü\Programme\Internet Explorer.lnk
[2013.06.19 16:17:31 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013.06.19 16:17:31 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013.06.19 16:17:30 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013.06.19 16:17:25 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2013.06.19 15:11:09 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2013.06.19 14:42:26 | 000,000,525 | ---- | C] () -- C:\WINDOWS\System32\mapisvc.inf
[2013.06.19 14:42:24 | 000,107,882 | ---- | C] () -- C:\WINDOWS\System32\mib_ii.mib
[2013.06.19 14:42:24 | 000,049,275 | ---- | C] () -- C:\WINDOWS\System32\wfospf.mib
[2013.06.19 14:42:24 | 000,048,593 | ---- | C] () -- C:\WINDOWS\System32\hostmib.mib
[2013.06.19 14:42:24 | 000,038,608 | ---- | C] () -- C:\WINDOWS\System32\nipx.mib
[2013.06.19 14:42:24 | 000,034,317 | ---- | C] () -- C:\WINDOWS\System32\msiprip2.mib
[2013.06.19 14:42:24 | 000,030,448 | ---- | C] () -- C:\WINDOWS\System32\mcastmib.mib
[2013.06.19 14:42:24 | 000,026,236 | ---- | C] () -- C:\WINDOWS\System32\wins.mib
[2013.06.19 14:42:24 | 000,026,100 | ---- | C] () -- C:\WINDOWS\System32\lmmib2.mib
[2013.06.19 14:42:24 | 000,021,386 | ---- | C] () -- C:\WINDOWS\System32\mipx.mib
[2013.06.19 14:42:24 | 000,016,617 | ---- | C] () -- C:\WINDOWS\System32\authserv.mib
[2013.06.19 14:42:24 | 000,015,799 | ---- | C] () -- C:\WINDOWS\System32\ipforwd.mib
[2013.06.19 14:42:24 | 000,015,597 | ---- | C] () -- C:\WINDOWS\System32\accserv.mib
[2013.06.19 14:42:24 | 000,013,767 | ---- | C] () -- C:\WINDOWS\System32\msipbtp.mib
[2013.06.19 14:42:24 | 000,010,313 | ---- | C] () -- C:\WINDOWS\System32\mripsap.mib
[2013.06.19 14:42:24 | 000,004,597 | ---- | C] () -- C:\WINDOWS\System32\dhcp.mib
[2013.06.19 14:42:24 | 000,004,332 | ---- | C] () -- C:\WINDOWS\System32\smi.mib
[2013.06.19 14:42:24 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2013.06.19 14:42:24 | 000,001,428 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\quotes
[2013.06.19 14:42:24 | 000,001,361 | ---- | C] () -- C:\WINDOWS\System32\fxscount.h
[2013.06.19 14:42:24 | 000,000,581 | ---- | C] () -- C:\WINDOWS\System32\msft.mib
[2013.06.19 14:03:55 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2013.06.19 14:01:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2013.06.19 14:01:13 | 000,000,333 | ---- | C] () -- C:\WINDOWS\System32\$ncsp$.inf
[2013.06.19 14:00:03 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2013.06.19 14:00:03 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2013.06.19 14:00:03 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2013.06.19 14:00:03 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2013.06.19 13:59:44 | 000,000,672 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows Movie Maker.lnk
[2013.06.19 13:58:04 | 000,001,552 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PowerDVD.lnk
[2013.06.19 13:57:10 | 000,001,689 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\NTI CD & DVD-Maker 6.5 Gold.lnk
[2013.06.19 13:56:54 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK32.dll
[2013.06.19 13:55:52 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013.06.19 13:54:30 | 000,001,387 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AvRack.lnk
[2013.06.19 13:54:29 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\ALSNDMGR.WAV
[2013.06.19 13:54:29 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2013.06.19 13:54:27 | 000,000,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2013.06.19 13:53:50 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\drivers\Acer_Aspire T120.MRK
[2013.06.19 13:53:48 | 000,094,262 | ---- | C] () -- C:\WINDOWS\System32\drivers\mrk.exe
[2013.06.19 13:52:14 | 000,000,116 | ---- | C] () -- C:\WINDOWS\ZEN0030A.REG
[2013.06.19 13:52:14 | 000,000,113 | ---- | C] () -- C:\WINDOWS\SCREENS.REG
[2013.06.19 13:52:14 | 000,000,103 | ---- | C] () -- C:\WINDOWS\USB.REG
[2013.06.19 13:51:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.06.19 13:48:58 | 000,002,951 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.06.19 13:48:58 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013.06.19 13:48:58 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013.06.19 13:48:58 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2013.06.19 13:48:58 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2013.06.19 13:48:57 | 000,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2013.06.19 13:48:57 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.06.19 13:48:56 | 000,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2013.06.19 13:48:56 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.06.19 13:47:37 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013.06.19 13:47:37 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013.06.19 13:47:22 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.06.19 13:46:19 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013.06.19 13:46:19 | 000,001,237 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013.06.19 13:46:19 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013.06.19 13:46:17 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013.06.19 13:42:59 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013.06.19 13:42:55 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.06.19 13:42:49 | 000,001,806 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013.06.19 13:42:13 | 000,091,888 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.06.19 13:41:47 | 000,000,798 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.06.19 13:33:02 | 000,000,512 | -HS- | C] () -- C:\BOOTSECT.DOS
[2013.06.19 08:43:03 | 001,028,096 | R--- | C] () -- C:\WINDOWS\EAW Vehicles.scr
[2013.06.19 08:43:02 | 004,489,216 | R--- | C] () -- C:\WINDOWS\EAW Deathstar.scr
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2004.08.04 00:57:34 | 001,483,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2004.08.04 00:57:20 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2004.08.04 00:57:38 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.06.24 14:44:58 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Shared Space
[2013.06.19 19:20:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\ASCOMP Software
[2013.06.19 13:55:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\InterTrust
[2013.06.20 09:16:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\Opera
[2013.06.24 15:20:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\pdfforge
[2013.06.19 13:55:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\InterTrust
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 176 bytes -> C:\Dokumente und Einstellungen\Antonio\Desktop\Windows-KB890830-V5.1.exe:SummaryInformation

< End of report >

OTL Extra
Code:
ATTFilter
OTL Extras logfile created on: 25.06.2013 10:57:09 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Antonio\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
511.48 Mb Total Physical Memory | 192.35 Mb Available Physical Memory | 37.61% Memory free
1.60 Gb Paging File | 1.23 Gb Available in Paging File | 76.89% Paging File free
Paging file location(s): F:\pagefile.sys 1152 1152 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 12.16 Gb Total Space | 7.90 Gb Free Space | 64.95% Space Free | Partition Type: NTFS
Drive D: | 25.10 Gb Total Space | 2.94 Gb Free Space | 11.70% Space Free | Partition Type: NTFS
Drive E: | 6.55 Gb Total Space | 1.07 Gb Free Space | 16.39% Space Free | Partition Type: NTFS
Drive F: | 1.32 Gb Total Space | 0.18 Gb Free Space | 13.45% Space Free | Partition Type: NTFS
 
Computer Name: TONYPC | User Name: Antonio | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- E:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-3233042676-3779935395-2167395947-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "E:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "E:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "E:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "E:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{A47642B2-4CB5-4325-8093-C88D4747953F}" = GeekBuddy
"{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD &  DVD-Maker
"{F1EC4151-805B-4097-B9BB-7D71A417AAF1}" = COMODO Internet Security Premium
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"7-Zip" = 7-Zip 9.20
"ATI Display Driver" = ATI Display Driver
"ClearProg" = ClearProg 1.6.0 Final
"ESET Online Scanner" = ESET Online Scanner v3
"Generic USB Card Reader Driver" = Generic USB Card Reader Driver v1.9e3
"HD Tune_is1" = HD Tune 2.55
"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker 6.5 Gold 
"InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"Opera 12.15.1748" = Opera 12.15
"Secure Eraser_is1" = Secure Eraser
"VLC media player" = VLC media player 2.0.7
"Windows XP Service Pack" = Windows XP Service Pack 2
 
< End of report >

Alt 08.07.2013, 10:50   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 08.07.2013, 13:24   #3
Loki51
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


Hallo, hier sind die Scanresultate:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by Antonio (administrator) on 08-07-2013 13:59:23
Running from C:\Dokumente und Einstellungen\Antonio\Desktop
Microsoft Windows XP Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 6
Boot Mode: Normal

==================== Could not list processes ===============

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [gbrspcontrol] "C:\Programme\Gemeinsame Dateien\COMODO\GeekBuddyRSP.exe" -controlservice -slave [1851088 2013-04-17] (Comodo Security Solutions, Inc.)
HKLM\...\Run: [COMODO Internet Security] E:\Programme\COMODO\COMODO Internet Security\cistray.exe [x]
SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://global.acer.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://GLOBAL.ACER.COM/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope value is missing.
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\System32\browseui.dll (Microsoft Corporation)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1371655848902
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1371660383640
Handler: ipp - No CLSID Value - 
Handler: msdaipp - No CLSID Value - 
Tcpip\Parameters: [DhcpNameServer] 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Antonio\Anwendungsdaten\Mozilla\Firefox\Profiles\ayel3a1u.default
FF NetworkProxy: "type", 0
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - E:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - E:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

========================== Services (Whitelisted) =================

R2 Ati HotKey Poller; C:\Windows\System32\Ati2evxx.exe [303104 2003-07-20] ()
S3 CLPSLauncher; C:\Programme\Gemeinsame Dateien\COMODO\launcher_service.exe [70344 2013-04-17] (Comodo Security Solutions Inc.)
R2 cmdAgent; E:\Programme\COMODO\COMODO Internet Security\cmdagent.exe [4785848 2013-06-18] (COMODO)
S3 cmdvirth; E:\Programme\COMODO\COMODO Internet Security\cmdvirth.exe [127192 2013-06-18] (COMODO)
S3 GeekBuddyRSP; C:\Programme\Gemeinsame Dateien\COMODO\GeekBuddyRSP.exe [1851088 2013-04-17] (Comodo Security Solutions, Inc.)
R2 Iprip; C:\Windows\System32\iprip.dll [36864 2004-08-04] (Microsoft Corporation)
R2 KSS; C:\Programme\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202328 2012-12-07] (Kaspersky Lab ZAO)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
S4 HidServ; %SystemRoot%\System32\hidserv.dll [x]

==================== Drivers (Whitelisted) ====================

R3 ALCXSENS; C:\Windows\System32\drivers\ALCXSENS.SYS [404736 2003-09-23] (Sensaura Ltd)
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [462940 2003-09-23] (Realtek Semiconductor Corp.)
R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [600064 2003-07-20] (ATI Technologies Inc.)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [36112 2012-09-03] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [18528 2013-06-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [593408 2013-06-18] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [32816 2013-06-18] (COMODO)
R0 Inspect; C:\Windows\System32\DRIVERS\inspect.sys [99520 2013-06-18] (COMODO)
R3 ltmodem5; C:\Windows\System32\DRIVERS\ltmdmnt.sys [607196 2004-08-04] (LT)
R3 RTL8023; C:\Windows\System32\DRIVERS\Rtlnic51.sys [65152 2003-08-04] (Realtek Semiconductor Corporation                           )
S3 Secdrv; C:\Windows\System32\DRIVERS\secdrv.sys [27440 2002-03-25] ()
R0 viaagp1; C:\Windows\System32\DRIVERS\viaagp1.sys [27904 2003-07-02] (VIA Technologies, Inc.)
S3 ATICDSDr; \??\C:\DOKUME~1\Admin\LOKALE~1\Temp\ATICDSDr.sys [x]
S4 IntelIde; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-08 13:59 - 2013-07-08 13:59 - 00000000 ____D C:\FRST
2013-07-04 17:27 - 2013-07-04 17:27 - 00000000 ____D C:\PCWELT
2013-06-26 20:03 - 2004-08-03 22:58 - 00015104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbscan.sys
2013-06-26 20:03 - 2004-08-03 22:58 - 00015104 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\usbscan.sys
2013-06-26 19:55 - 2013-06-26 19:55 - 00000000 ___HD C:\CanoScan
2013-06-26 19:55 - 2003-06-20 16:31 - 00749568 ____A (CANON INC.) C:\Windows\System32\CNQA2405.dll
2013-06-26 19:55 - 2003-06-05 11:41 - 00192512 ____A (Canon) C:\Windows\System32\CNQL2405.dll
2013-06-26 19:55 - 2003-04-04 14:25 - 00040960 ____A (CANON INC.) C:\Windows\System32\CNQU72.DLL
2013-06-26 19:55 - 2002-05-24 03:04 - 00389180 ____A (Canon) C:\Windows\System32\UCS32P.DLL
2013-06-26 13:14 - 2013-06-26 13:14 - 00000000 ___HD C:\Windows\PIF
2013-06-24 15:57 - 2013-06-24 15:57 - 00000000 ___HD C:\VTRoot
2013-06-24 15:56 - 2013-06-24 16:09 - 00002716 ____A C:\Windows\System32\Drivers\fvstore.dat
2013-06-24 15:20 - 2013-04-09 15:13 - 00095416 ____A (pdfforge GmbH) C:\Windows\System32\pdfcmon.dll
2013-06-24 15:20 - 2013-01-09 15:52 - 01070152 ____A (Microsoft Corporation) C:\Windows\System32\MSCOMCTL.OCX
2013-06-24 15:20 - 2012-05-05 11:54 - 00662288 ____A (Microsoft Corporation) C:\Windows\System32\MSCOMCT2.OCX
2013-06-24 15:20 - 2012-05-05 11:54 - 00137000 ____A (Microsoft Corporation) C:\Windows\System32\MSMAPI32.OCX
2013-06-24 15:19 - 2012-05-05 11:54 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\MSMPIDE.DLL
2013-06-24 15:19 - 1998-07-06 18:56 - 00125712 ____A (Microsoft Corporation) C:\Windows\System32\VB6DE.DLL
2013-06-24 15:19 - 1998-07-06 18:55 - 00158208 ____A (Microsoft Corporation) C:\Windows\System32\MSCMCDE.DLL
2013-06-24 15:19 - 1998-07-06 18:55 - 00064512 ____A (Microsoft Corporation) C:\Windows\System32\MSCC2DE.DLL
2013-06-24 15:11 - 2013-07-08 13:50 - 00000432 ____A C:\Windows\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
2013-06-24 15:11 - 2013-07-08 13:45 - 00000432 ____A C:\Windows\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2013-06-24 15:11 - 2013-07-08 13:45 - 00000432 ____A C:\Windows\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2013-06-24 15:11 - 2013-07-08 13:45 - 00000432 ____A C:\Windows\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
2013-06-24 15:10 - 2013-07-08 13:54 - 00231344 ____A C:\Windows\System32\Drivers\sfi.dat
2013-06-20 12:17 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-20 11:10 - 2004-08-03 23:08 - 00026496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2013-06-20 11:10 - 2004-08-03 23:08 - 00026496 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\usbstor.sys
2013-06-20 09:45 - 2013-06-03 17:43 - 73393752 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-19 18:06 - 2013-06-19 18:06 - 00262144 ____A C:\Windows\System32\default_user_class.dat
2013-06-19 18:06 - 2013-06-19 18:06 - 00001024 ___AH C:\Windows\System32\default_user_class.dat.LOG
2013-06-19 16:44 - 2010-05-21 12:11 - 01061888 ____A (J.C. Kessels) C:\Windows\System32\MyDefragScreenSaver_v4.3.1.exe
2013-06-19 16:44 - 2010-05-21 12:11 - 00475648 ____A (J.C. Kessels) C:\Windows\System32\MyDefragScreenSaver_v4.3.1.scr
2013-06-19 16:34 - 2013-07-08 13:56 - 00189571 ____A C:\Windows\WindowsUpdate.log
2013-06-19 16:34 - 2013-06-19 16:35 - 00028863 ____A C:\Windows\spupdsvc.log
2013-06-19 16:34 - 2013-06-19 16:34 - 00000251 ____A C:\Windows\System32\spupdwxp.log
2013-06-19 16:18 - 2013-06-19 16:18 - 00000200 ____A C:\Windows\cmsetacl.log
2013-06-19 16:17 - 2013-06-19 16:17 - 00000000 ____D C:\Windows\provisioning
2013-06-19 16:17 - 2013-06-19 16:17 - 00000000 ____D C:\Windows\peernet
2013-06-19 16:17 - 2012-06-04 17:35 - 00210968 ____A (Microsoft Corporation) C:\Windows\System32\wuweb.dll
2013-06-19 16:17 - 2012-06-04 17:35 - 00210968 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wuweb.dll
2013-06-19 16:17 - 2004-08-04 00:58 - 00381440 ____N (Microsoft Corporation) C:\Windows\System32\irprops.cpl
2013-06-19 16:17 - 2004-08-04 00:58 - 00168448 ____N (Microsoft Corporation) C:\Windows\System32\wuauclt1.exe
2013-06-19 16:17 - 2004-08-04 00:58 - 00162816 ____N (Microsoft Corporation) C:\Windows\System32\wuaucpl.cpl
2013-06-19 16:17 - 2004-08-04 00:58 - 00148480 ____N (Microsoft Corporation) C:\Windows\System32\wscui.cpl
2013-06-19 16:17 - 2004-08-04 00:58 - 00110592 ____N (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2013-06-19 16:17 - 2004-08-04 00:58 - 00080384 ____N (Microsoft Corporation) C:\Windows\System32\firewall.cpl
2013-06-19 16:17 - 2004-08-04 00:58 - 00073796 ____N (Smart Link) C:\Windows\System32\slserv.exe
2013-06-19 16:17 - 2004-08-04 00:58 - 00061440 ____N (Microsoft Corporation) C:\Windows\System32\logman.exe
2013-06-19 16:17 - 2004-08-04 00:58 - 00049152 ____N (Microsoft Corporation) C:\Windows\System32\powercfg.exe
2013-06-19 16:17 - 2004-08-04 00:58 - 00032866 ____N (Smart Link) C:\Windows\System32\slrundll.exe
2013-06-19 16:17 - 2004-08-04 00:58 - 00032866 ____N (Smart Link) C:\Windows\slrundll.exe
2013-06-19 16:17 - 2004-08-04 00:58 - 00028672 ____N (Microsoft Corporation) C:\Windows\System32\vidcap.ax
2013-06-19 16:17 - 2004-08-04 00:58 - 00025600 ____N (Microsoft Corporation) C:\Windows\System32\netsetup.cpl
2013-06-19 16:17 - 2004-08-04 00:58 - 00023040 ____N (ATI Technologies Inc.) C:\Windows\System32\ativmvxx.ax
2013-06-19 16:17 - 2004-08-04 00:58 - 00013824 ____N (Microsoft Corporation) C:\Windows\System32\wscntfy.exe
2013-06-19 16:17 - 2004-08-04 00:58 - 00009728 ____N (Microsoft Corporation) C:\Windows\System32\proxycfg.exe
2013-06-19 16:17 - 2004-08-04 00:58 - 00009728 ____N (ATI Technologies Inc.) C:\Windows\System32\ativdaxx.ax
2013-06-19 16:17 - 2004-08-04 00:58 - 00008192 ____N (Microsoft Corporation) C:\Windows\System32\smbinst.exe
2013-06-19 16:17 - 2004-08-04 00:57 - 04274816 ____N (NVIDIA Corporation) C:\Windows\System32\nv4_disp.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 01737856 ____N (Matrox Graphics Inc.) C:\Windows\System32\mtxparhd.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00526848 ____N (Microsoft Corporation) C:\Windows\System32\p2psvc.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00516768 ____N (ATI Technologies Inc. ) C:\Windows\System32\ativvaxx.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00431616 ____N (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00397056 ____N (S3 Graphics, Inc.) C:\Windows\System32\s3gnb.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00377984 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2dvaa.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00312320 ____N (Microsoft Corporation) C:\Windows\System32\p2pgraph.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00286792 ____N (Smart Link) C:\Windows\System32\slextspk.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00229376 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2cqag.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00193024 ____N (Microsoft Corporation) C:\Windows\System32\fsquirt.exe
2013-06-19 16:17 - 2004-08-04 00:57 - 00188508 ____N (Smart Link) C:\Windows\System32\slgen.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00183808 ____N (Microsoft Corporation) C:\Windows\System32\wuaueng1.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00129536 ____N (Microsoft Corporation) C:\Windows\System32\xmlprov.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00118784 ____N (Microsoft Corporation) C:\Windows\System32\msdadiag.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00116224 ____N (Microsoft Corporation) C:\Windows\System32\p2p.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00113664 ____N (Microsoft Corporation) C:\Windows\System32\wucltui.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00108032 ____N (Microsoft Corporation) C:\Windows\System32\wshbth.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00088064 ____N (Microsoft Corporation) C:\Windows\System32\p2pnetsh.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00086016 ____N (Microsoft Corporation) C:\Windows\System32\p2pgasvc.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00086016 ____N (Conexant) C:\Windows\System32\mdmxsdk.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00081920 ____N C:\Windows\System32\ieencode.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00081408 ____N (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00075776 ____N (Microsoft Corporation) C:\Windows\System32\strmfilt.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00073832 ____N (Smart Link) C:\Windows\System32\slcoinst.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00071680 ____N (Microsoft Corporation) C:\Windows\System32\blastcln.exe
2013-06-19 16:17 - 2004-08-04 00:57 - 00060416 ____N (Microsoft Corporation) C:\Windows\System32\fwcfg.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00055808 ____N (Microsoft Corporation) C:\Windows\System32\extmgr.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00050688 ____N (Microsoft Corporation) C:\Windows\System32\btpanui.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00050176 ____N (Microsoft Corporation) C:\Windows\System32\xmlprovi.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00048640 ____N (Microsoft Corporation) C:\Windows\System32\pnrpnsp.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00044032 ____N (Microsoft Corporation) C:\Windows\System32\twext.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00036864 ____N (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00032768 ____N (ATI Technologies Inc.) C:\Windows\System32\ativtmxx.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00032285 ____N (Conexant Systems, Inc.) C:\Windows\System32\hsfcisp2.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00030208 ____N (Microsoft Corporation) C:\Windows\System32\bthserv.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00029184 ____N (Microsoft Corporation) C:\Windows\System32\sdhcinst.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv04nt5.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00024576 ____N (Microsoft Corporation) C:\Windows\System32\httpapi.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00022528 ____N (Microsoft Corporation) C:\Windows\System32\fltmc.exe
2013-06-19 16:17 - 2004-08-04 00:57 - 00021183 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv01nt5.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00020992 ____N (Microsoft Corporation) C:\Windows\System32\bthci.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00017408 ____N (Microsoft Corporation) C:\Windows\System32\winshfhc.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00017279 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv10nt5.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00016896 ____N (Microsoft Corporation) C:\Windows\System32\fltlib.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00015872 ____N (Microsoft Corporation) C:\Windows\System32\w3ssl.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00015423 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\ch7xxnt5.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00014336 ____N (Microsoft Corporation) C:\Windows\System32\auditusr.exe
2013-06-19 16:17 - 2004-08-04 00:57 - 00014143 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv06nt5.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00013824 ____N (Microsoft Corporation) C:\Windows\System32\cmsetacl.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00011359 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv02nt5.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00011325 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\vchnt5.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00008192 ____N (Microsoft Corporation) C:\Windows\System32\bitsprx2.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00007168 ____N (Microsoft Corporation) C:\Windows\System32\bitsprx3.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00004255 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv01nt5.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00003967 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv02nt5.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00003901 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\siint5.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00003775 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv11nt5.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00003711 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv09nt5.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00003647 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv07nt5.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00003615 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv05nt5.dll
2013-06-19 16:17 - 2004-08-04 00:57 - 00003135 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv08nt5.dll
2013-06-19 16:17 - 2004-08-04 00:56 - 02981888 ____N (Microsoft Corporation) C:\Windows\System32\xpsp2res.dll
2013-06-19 16:17 - 2004-08-04 00:55 - 00438784 ____N (Microsoft Corporation) C:\Windows\System32\xpob2res.dll
2013-06-19 16:17 - 2004-08-04 00:55 - 00007680 ____N (Microsoft Corporation) C:\Windows\System32\kbdsmsno.dll
2013-06-19 16:17 - 2004-08-04 00:55 - 00007680 ____N (Microsoft Corporation) C:\Windows\System32\kbdsmsfi.dll
2013-06-19 16:17 - 2004-08-04 00:55 - 00007168 ____N (Microsoft Corporation) C:\Windows\System32\kbdukx.dll
2013-06-19 16:17 - 2004-08-04 00:55 - 00007168 ____N (Microsoft Corporation) C:\Windows\System32\kbdno1.dll
2013-06-19 16:17 - 2004-08-04 00:55 - 00007168 ____N (Microsoft Corporation) C:\Windows\System32\kbdfi1.dll
2013-06-19 16:17 - 2004-08-04 00:55 - 00006656 ____N (Microsoft Corporation) C:\Windows\System32\kbdinmal.dll
2013-06-19 16:17 - 2004-08-04 00:55 - 00006656 ____N (Microsoft Corporation) C:\Windows\System32\kbdinben.dll
2013-06-19 16:17 - 2004-08-04 00:55 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdmlt48.dll
2013-06-19 16:17 - 2004-08-04 00:55 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdmlt47.dll
2013-06-19 16:17 - 2004-08-04 00:55 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdinbe1.dll
2013-06-19 16:17 - 2004-08-04 00:55 - 00005632 ____N (Microsoft Corporation) C:\Windows\System32\kbdmaori.dll
2013-06-19 16:17 - 2004-08-04 00:44 - 00040192 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2013-06-19 16:17 - 2004-08-04 00:42 - 00425472 ____N (Microsoft Corporation) C:\Windows\System32\html.iec
2013-06-19 16:17 - 2004-08-04 00:41 - 00025856 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-06-19 16:17 - 2004-08-04 00:40 - 00275200 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2013-06-19 16:17 - 2004-08-04 00:38 - 00327168 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtaa.sys
2013-06-19 16:17 - 2004-08-03 23:10 - 00078464 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2013-06-19 16:17 - 2004-08-03 23:10 - 00059648 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2013-06-19 16:17 - 2004-08-03 23:10 - 00038016 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2013-06-19 16:17 - 2004-08-03 23:10 - 00035456 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthprint.sys
2013-06-19 16:17 - 2004-08-03 23:10 - 00018944 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthusb.sys
2013-06-19 16:17 - 2004-08-03 23:10 - 00017024 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2013-06-19 16:17 - 2004-08-03 23:08 - 00015104 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2013-06-19 16:17 - 2004-08-03 23:07 - 00067584 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2013-06-19 16:17 - 2004-08-03 23:07 - 00046464 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\gagp30kx.sys
2013-06-19 16:17 - 2004-08-03 23:07 - 00044928 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\agpcpq.sys
2013-06-19 16:17 - 2004-08-03 23:07 - 00044672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\uagp35.sys
2013-06-19 16:17 - 2004-08-03 23:07 - 00043008 ____N (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\amdagp.sys
2013-06-19 16:17 - 2004-08-03 23:07 - 00042752 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\alim1541.sys
2013-06-19 16:17 - 2004-08-03 23:07 - 00042368 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\agp440.sys
2013-06-19 16:17 - 2004-08-03 23:07 - 00042240 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\viaagp.sys
2013-06-19 16:17 - 2004-08-03 23:07 - 00041088 ____N (Silicon Integrated Systems Corporation) C:\Windows\System32\Drivers\sisagp.sys
2013-06-19 16:17 - 2004-08-03 23:07 - 00015488 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\mssmbios.sys
2013-06-19 16:17 - 2004-08-03 23:07 - 00006016 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\smbali.sys
2013-06-19 16:17 - 2004-08-03 23:04 - 00030080 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\rndismpx.sys
2013-06-19 16:17 - 2004-08-03 23:04 - 00013568 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2013-06-19 16:17 - 2004-08-03 23:04 - 00012672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023x.sys
2013-06-19 16:17 - 2004-08-03 23:04 - 00012672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\mutohpen.sys
2013-06-19 16:17 - 2004-08-03 23:01 - 00124800 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\fltmgr.sys
2013-06-19 16:17 - 2004-08-03 23:00 - 00263040 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2013-06-19 16:17 - 2004-08-03 23:00 - 00029056 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\ip6fw.sys
2013-06-19 16:17 - 2004-08-03 22:59 - 00011136 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\sffdisk.sys
2013-06-19 16:17 - 2004-08-03 22:59 - 00010240 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_sd.sys
2013-06-19 16:17 - 2004-08-03 22:58 - 00100992 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthpan.sys
2013-06-19 16:17 - 2004-08-03 22:41 - 01309184 ____N (Smart Link) C:\Windows\System32\Drivers\mtlstrm.sys
2013-06-19 16:17 - 2004-08-03 22:41 - 01041536 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfdpsp2.sys
2013-06-19 16:17 - 2004-08-03 22:41 - 00685056 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfcxts2.sys
2013-06-19 16:17 - 2004-08-03 22:41 - 00404990 ____N (Smart Link) C:\Windows\System32\Drivers\slntamr.sys
2013-06-19 16:17 - 2004-08-03 22:41 - 00220032 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfbs2s2.sys
2013-06-19 16:17 - 2004-08-03 22:41 - 00180360 ____N (Smart Link) C:\Windows\System32\Drivers\ntmtlfax.sys
2013-06-19 16:17 - 2004-08-03 22:41 - 00129535 ____N (Smart Link) C:\Windows\System32\Drivers\slnt7554.sys
2013-06-19 16:17 - 2004-08-03 22:41 - 00126686 ____N (Smart Link) C:\Windows\System32\Drivers\mtlmnt5.sys
2013-06-19 16:17 - 2004-08-03 22:41 - 00095424 ____N (Smart Link) C:\Windows\System32\Drivers\slnthal.sys
2013-06-19 16:17 - 2004-08-03 22:41 - 00013776 ____N (Smart Link) C:\Windows\System32\Drivers\recagent.sys
2013-06-19 16:17 - 2004-08-03 22:41 - 00013240 ____N (Smart Link) C:\Windows\System32\Drivers\slwdmsup.sys
2013-06-19 16:17 - 2004-08-03 22:41 - 00011868 ____N (Conexant) C:\Windows\System32\Drivers\mdmxsdk.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 01897408 ____N (NVIDIA Corporation) C:\Windows\System32\Drivers\nv4_mini.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00452736 ____N (Matrox Graphics Inc.) C:\Windows\System32\Drivers\mtxparhm.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00166912 ____N (S3 Graphics, Inc.) C:\Windows\System32\Drivers\s3gnbm.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00104960 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinrvxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00073216 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atintuxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00063663 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1rvxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00063488 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxsxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00057856 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinbtxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00056623 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1btxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00052224 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinraxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00036463 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1tuxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00034735 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xsxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00031744 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxbxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00030671 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1raxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00029455 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xbxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00028672 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinsnxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00026367 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1snxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv10nt.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00022271 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv06nt.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00021343 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1ttxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00014336 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinpdxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinttxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinmdxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00012047 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1pdxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00011935 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv11nt.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00011871 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv09nt.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00011807 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv07nt.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00011615 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1mdxx.sys
2013-06-19 16:17 - 2004-08-03 22:29 - 00011295 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv08nt.sys
2013-06-19 16:17 - 2004-07-17 22:55 - 00129045 ____N C:\Windows\System32\Drivers\cxthsfs2.cty
2013-06-19 16:17 - 2004-07-17 11:36 - 00064352 ____N C:\Windows\System32\Drivers\ativmc20.cod
2013-06-19 16:17 - 2004-07-17 11:35 - 00067866 ____N C:\Windows\System32\Drivers\netwlan5.img
2013-06-19 16:15 - 2013-06-19 16:15 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-19 16:10 - 2004-08-03 22:42 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\spupdsvc.exe
2013-06-19 16:10 - 2004-07-17 11:40 - 00019528 ____A C:\Windows\002160_.tmp
2013-06-19 16:08 - 2013-06-19 16:10 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-19 16:08 - 2013-06-19 16:08 - 00000565 ____A C:\Windows\medctroc.Log
2013-06-19 15:58 - 2013-06-19 16:33 - 00416005 ____A C:\Windows\svcpack.log
2013-06-19 15:11 - 2013-06-19 15:21 - 00000010 ____A C:\Windows\WININIT.INI
2013-06-19 15:10 - 2013-06-19 15:10 - 00000000 ____D C:\ATI
2013-06-19 14:42 - 2013-06-24 15:21 - 00000000 ____D C:\Windows\System32\FxsTmp
2013-06-19 14:42 - 2004-08-04 00:58 - 00032768 ____A (Microsoft Corporation) C:\Windows\System32\snmp.exe
2013-06-19 14:42 - 2004-08-04 00:58 - 00008704 ____A (Microsoft Corporation) C:\Windows\System32\snmptrap.exe
2013-06-19 14:42 - 2004-08-04 00:57 - 00563200 ____A (Microsoft Corporation) C:\Windows\System32\fxsst.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\fxsapi.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00400896 ____A (Microsoft Corporation) C:\Windows\System32\fxsxp32.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00397312 ____A (Microsoft Corporation) C:\Windows\System32\fxstiff.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00285184 ____A (Microsoft Corporation) C:\Windows\System32\fxscomex.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00268800 ____A (Microsoft Corporation) C:\Windows\System32\fxssvc.exe
2013-06-19 14:42 - 2004-08-04 00:57 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\fxst30.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\fxscover.exe
2013-06-19 14:42 - 2004-08-04 00:57 - 00195584 ____A (Microsoft Corporation) C:\Windows\System32\fxswzrd.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00155648 ____A (Microsoft Corporation) C:\Windows\System32\fxsui.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00143360 ____A (Microsoft Corporation) C:\Windows\System32\fxsclnt.exe
2013-06-19 14:42 - 2004-08-04 00:57 - 00108032 ____A (Microsoft Corporation) C:\Windows\System32\evntagnt.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00094208 ____A (Microsoft Corporation) C:\Windows\System32\evntwin.exe
2013-06-19 14:42 - 2004-08-04 00:57 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\fxscom.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\fxsevent.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\hostmib.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\iprip.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\lmmib2.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\fxsdrv.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\evntcmd.exe
2013-06-19 14:42 - 2004-08-04 00:57 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\fxsmon.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\fxsext32.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00008704 ____A (Microsoft Corporation) C:\Windows\System32\fxsperf.dll
2013-06-19 14:42 - 2004-08-04 00:57 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\snmpmib.dll
2013-06-19 14:42 - 2004-08-04 00:55 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\fxsres.dll
2013-06-19 14:42 - 2001-08-18 20:00 - 00139264 ____A (Microsoft Corporation) C:\Windows\System32\fxsclntR.dll
2013-06-19 14:42 - 2001-08-18 20:00 - 00139264 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\fxsclntr.dll
2013-06-19 14:42 - 2001-08-18 20:00 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\fxscfgwz.dll
2013-06-19 14:42 - 2001-08-18 20:00 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\fxscfgwz.dll
2013-06-19 14:42 - 2001-08-18 20:00 - 00107882 ____A C:\Windows\System32\mib_ii.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00049275 ____A C:\Windows\System32\wfospf.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00048593 ____A C:\Windows\System32\hostmib.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00038608 ____A C:\Windows\System32\nipx.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00034317 ____A C:\Windows\System32\msiprip2.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\fxsroute.dll
2013-06-19 14:42 - 2001-08-18 20:00 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\fxsroute.dll
2013-06-19 14:42 - 2001-08-18 20:00 - 00030448 ____A C:\Windows\System32\mcastmib.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00026236 ____A C:\Windows\System32\wins.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00026100 ____A C:\Windows\System32\lmmib2.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00021386 ____A C:\Windows\System32\mipx.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\simptcp.dll
2013-06-19 14:42 - 2001-08-18 20:00 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\simptcp.dll
2013-06-19 14:42 - 2001-08-18 20:00 - 00016617 ____A C:\Windows\System32\authserv.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\smierrsm.dll
2013-06-19 14:42 - 2001-08-18 20:00 - 00015799 ____A C:\Windows\System32\ipforwd.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00015597 ____A C:\Windows\System32\accserv.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00013767 ____A C:\Windows\System32\msipbtp.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\fxssend.exe
2013-06-19 14:42 - 2001-08-18 20:00 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\fxssend.exe
2013-06-19 14:42 - 2001-08-18 20:00 - 00010313 ____A C:\Windows\System32\mripsap.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\snmpstup.dll
2013-06-19 14:42 - 2001-08-18 20:00 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\smimsgif.dll
2013-06-19 14:42 - 2001-08-18 20:00 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\smierrsy.dll
2013-06-19 14:42 - 2001-08-18 20:00 - 00004597 ____A C:\Windows\System32\dhcp.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00004332 ____A C:\Windows\System32\smi.mib
2013-06-19 14:42 - 2001-08-18 20:00 - 00003776 ____A C:\Windows\System32\fxsperf.ini
2013-06-19 14:42 - 2001-08-18 20:00 - 00001428 ____A C:\Windows\System32\Drivers\etc\quotes
2013-06-19 14:42 - 2001-08-18 20:00 - 00001361 ____A C:\Windows\System32\fxscount.h
2013-06-19 14:42 - 2001-08-18 20:00 - 00000581 ____A C:\Windows\System32\msft.mib
2013-06-19 14:40 - 2013-06-19 14:40 - 00000000 ____D C:\Windows\pss
2013-06-19 14:10 - 2002-12-11 17:34 - 00208896 ____A (Microsoft Corporation) C:\Windows\System32\wmpns.dll
2013-06-19 14:03 - 2013-06-19 14:03 - 00008192 ____A C:\Windows\REGLOCS.OLD
2013-06-19 14:01 - 2013-06-19 14:01 - 00000061 ____A C:\Windows\smscfg.ini
2013-06-19 14:00 - 2013-06-19 14:10 - 00064884 ____A C:\Windows\DirectX.log
2013-06-19 14:00 - 2004-08-04 00:58 - 00118272 ____A C:\Windows\System32\mpeg2data.ax
2013-06-19 14:00 - 2004-08-04 00:58 - 00091136 ____A (Microsoft Corporation) C:\Windows\System32\kswdmcap.ax
2013-06-19 14:00 - 2004-08-04 00:58 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\kstvtune.ax
2013-06-19 14:00 - 2004-08-04 00:58 - 00056832 ____A C:\Windows\System32\msdvbnp.ax
2013-06-19 14:00 - 2004-08-04 00:58 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\ksxbar.ax
2013-06-19 14:00 - 2004-08-04 00:58 - 00033280 ____A C:\Windows\System32\psisrndr.ax
2013-06-19 14:00 - 2004-08-04 00:58 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\vbisurf.ax
2013-06-19 14:00 - 2004-08-04 00:58 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\bdaplgin.ax
2013-06-19 14:00 - 2004-08-04 00:58 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ipsink.ax
2013-06-19 14:00 - 2004-08-04 00:57 - 01432576 ____A (Microsoft Corporation) C:\Windows\System32\msvidctl.dll
2013-06-19 14:00 - 2004-08-04 00:57 - 00363520 ____A C:\Windows\System32\psisdecd.dll
2013-06-19 14:00 - 2004-08-04 00:57 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\wstdecod.dll
2013-06-19 14:00 - 2004-08-04 00:57 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\msyuv.dll
2013-06-19 14:00 - 2004-08-03 23:10 - 00085376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\nabtsfec.sys
2013-06-19 14:00 - 2004-08-03 23:10 - 00051328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msdv.sys
2013-06-19 14:00 - 2004-08-03 23:10 - 00019328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wstcodec.sys
2013-06-19 14:00 - 2004-08-03 23:10 - 00017024 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ccdecode.sys
2013-06-19 14:00 - 2004-08-03 23:10 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\streamip.sys
2013-06-19 14:00 - 2004-08-03 23:10 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpe.sys
2013-06-19 14:00 - 2004-08-03 23:10 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bdasup.sys
2013-06-19 14:00 - 2004-08-03 23:10 - 00011136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\slip.sys
2013-06-19 14:00 - 2004-08-03 23:10 - 00010880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndisip.sys
2013-06-19 13:59 - 2004-08-04 00:58 - 02105344 ____A (Microsoft Corporation) C:\Windows\System32\wmvcore.dll
2013-06-19 13:59 - 2004-08-04 00:58 - 00695296 ____A (Microsoft Corporation) C:\Windows\System32\drmv2clt.dll
2013-06-19 13:59 - 2004-08-04 00:58 - 00299520 ____A (Microsoft Corporation) C:\Windows\System32\drmclien.dll
2013-06-19 13:59 - 2004-08-04 00:58 - 00259072 ____A (Microsoft Corporation) C:\Windows\System32\msnetobj.dll
2013-06-19 13:59 - 2004-08-04 00:58 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\logagent.exe
2013-06-19 13:59 - 2004-08-04 00:57 - 01050624 ____A (Microsoft Corporation) C:\Windows\System32\wmnetmgr.dll
2013-06-19 13:59 - 2004-08-04 00:57 - 00809984 ____A (Microsoft Corporation) C:\Windows\System32\wmvdmod.dll
2013-06-19 13:59 - 2004-08-04 00:57 - 00759296 ____A (Microsoft Corporation) C:\Windows\System32\wmsdmod.dll
2013-06-19 13:59 - 2004-08-04 00:57 - 00670720 ____A (Microsoft Corporation) C:\Windows\System32\wmadmoe.dll
2013-06-19 13:59 - 2004-08-04 00:57 - 00408064 ____A (Microsoft Corporation) C:\Windows\System32\wmadmod.dll
2013-06-19 13:59 - 2004-08-04 00:57 - 00286208 ____A (Microsoft Corporation) C:\Windows\System32\blackbox.dll
2013-06-19 13:59 - 2004-08-04 00:57 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\mpg4dmod.dll
2013-06-19 13:59 - 2004-08-04 00:57 - 00237568 ____A (Microsoft Corporation) C:\Windows\System32\qasf.dll
2013-06-19 13:59 - 2004-08-04 00:57 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wmasf.dll
2013-06-19 13:59 - 2004-08-04 00:57 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\drmstor.dll
2013-06-19 13:59 - 2004-08-04 00:57 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\laprxy.dll
2013-06-19 13:58 - 2013-06-19 13:59 - 00003091 ____A C:\Windows\System32\jupdate-1.4.2_01-b06.log
2013-06-19 13:57 - 2013-06-19 13:57 - 00000000 ____D C:\Windows\Vbox
2013-06-19 13:57 - 2013-06-19 13:57 - 00000000 ____D C:\Windows\System32\Iosubsys
2013-06-19 13:57 - 2002-12-11 11:08 - 00081920 ____A (MyCompanyName) C:\Windows\System32\ezrgb24.ax
2013-06-19 13:57 - 2002-04-26 11:39 - 00226816 ____A (honest technology) C:\Windows\System32\htvcdsvcd.ax
2013-06-19 13:56 - 2013-06-19 13:57 - 00000000 ____D C:\Program Files\NewTech Infosystems
2013-06-19 13:56 - 2013-06-19 13:56 - 00006912 ____A (NewTech Infosystems, Inc.) C:\Windows\System32\Drivers\NTIDrvr.sys
2013-06-19 13:56 - 2013-06-19 13:56 - 00001024 ___RH C:\Windows\System32\NTICDMK32.dll
2013-06-19 13:56 - 2013-06-19 13:56 - 00000000 ____D C:\Windows\RegisteredPackages
2013-06-19 13:56 - 2004-08-04 00:58 - 00356352 ____A (Microsoft Corporation) C:\Windows\System32\msscp.dll
2013-06-19 13:56 - 2004-08-04 00:57 - 04874240 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-06-19 13:56 - 2004-08-04 00:57 - 02973696 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.dll
2013-06-19 13:56 - 2004-08-04 00:57 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\mswmdm.dll
2013-06-19 13:56 - 2004-08-04 00:57 - 00233472 ____A (Microsoft Corporation) C:\Windows\System32\wmpdxm.dll
2013-06-19 13:56 - 2004-08-04 00:57 - 00201728 ____A (Microsoft Corporation) C:\Windows\System32\mspmsp.dll
2013-06-19 13:56 - 2004-08-04 00:57 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\cewmdm.dll
2013-06-19 13:56 - 2004-08-04 00:57 - 00114688 ____A (Microsoft Corporation) C:\Windows\System32\wmpasf.dll
2013-06-19 13:56 - 2004-08-04 00:57 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\wmpshell.dll
2013-06-19 13:56 - 2004-08-04 00:57 - 00052736 ____A (Microsoft Corporation) C:\Windows\System32\mspmsnsv.dll
2013-06-19 13:56 - 2004-08-04 00:57 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\wmdmlog.dll
2013-06-19 13:56 - 2004-08-04 00:57 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\wmdmps.dll
2013-06-19 13:56 - 2004-08-04 00:57 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\wmpui.dll
2013-06-19 13:56 - 2004-08-04 00:57 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\wmpcore.dll
2013-06-19 13:56 - 2004-08-04 00:57 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\wmpcd.dll
2013-06-19 13:56 - 2004-08-04 00:56 - 00202752 ____A (Microsoft Corporation) C:\Windows\System32\wmerror.dll
2013-06-19 13:56 - 2004-08-04 00:54 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\asferror.dll
2013-06-19 13:56 - 2004-08-03 23:04 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\wmp.ocx
2013-06-19 13:55 - 2013-06-19 16:40 - 00137055 ____A C:\Windows\wmsetup.log
2013-06-19 13:55 - 2013-06-19 16:35 - 00316640 ____A C:\Windows\WMSysPr9.prx
2013-06-19 13:55 - 2013-06-19 13:55 - 00724992 ____A (Indigo Rose Corporation) C:\Windows\iun6002.exe
2013-06-19 13:55 - 2004-08-04 00:57 - 01119744 ____A (Microsoft Corporation) C:\Windows\System32\wmsdmoe2.dll
2013-06-19 13:55 - 2004-08-04 00:57 - 01001472 ____A (Microsoft Corporation) C:\Windows\System32\wmvdmoe2.dll
2013-06-19 13:55 - 2004-08-04 00:57 - 00896512 ____A (Microsoft Corporation) C:\Windows\System32\wmspdmoe.dll
2013-06-19 13:55 - 2004-08-04 00:57 - 00484864 ____A (Microsoft Corporation) C:\Windows\System32\wmspdmod.dll
2013-06-19 13:55 - 2004-08-04 00:57 - 00384512 ____A (Microsoft Corporation) C:\Windows\System32\mp4sdmod.dll
2013-06-19 13:55 - 2004-08-04 00:57 - 00310272 ____A (Microsoft Corporation) C:\Windows\System32\mp43dmod.dll
2013-06-19 13:55 - 2004-08-04 00:57 - 00151552 ____A (Microsoft Corporation) C:\Windows\System32\wmidx.dll
2013-06-19 13:55 - 2004-08-03 23:15 - 00082944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wdmaud.sys
2013-06-19 13:55 - 2004-08-03 23:07 - 00052864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dmusic.sys
2013-06-19 13:55 - 2004-08-03 23:07 - 00006400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\splitter.sys
2013-06-19 13:55 - 2001-08-17 14:00 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\swmidi.sys
2013-06-19 13:55 - 1998-11-17 12:44 - 00328704 ____A (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe
2013-06-19 13:54 - 2013-06-19 16:10 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-06-19 13:54 - 2004-08-04 00:58 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\wdmaud.drv
2013-06-19 13:54 - 2004-08-03 23:15 - 00145792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-06-19 13:54 - 2004-08-03 23:15 - 00060800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sysaudio.sys
2013-06-19 13:54 - 2004-08-03 23:08 - 00060288 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2013-06-19 13:54 - 2004-08-03 23:07 - 00171776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\kmixer.sys
2013-06-19 13:54 - 2004-08-03 23:07 - 00002944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2013-06-19 13:54 - 2004-08-03 22:39 - 00142464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\aec.sys
2013-06-19 13:54 - 2003-09-23 09:14 - 00000164 ____A C:\Windows\avrack.ini
2013-06-19 13:54 - 2003-09-23 09:10 - 00720896 ____A (Sensaura Ltd) C:\Windows\System32\Audio3D.dll
2013-06-19 13:54 - 2003-09-23 09:10 - 00720896 ____A (Sensaura Ltd) C:\Windows\System32\a3d.dll
2013-06-19 13:54 - 2003-09-23 09:10 - 00141016 ____A C:\Windows\System32\ALSNDMGR.WAV
2013-06-19 13:54 - 2003-09-23 09:10 - 00000640 ____A C:\Windows\System32\Drivers\alcxinit.dat
2013-06-19 13:54 - 2003-09-23 09:09 - 10435072 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\ALSNDMGR.CPL
2013-06-19 13:54 - 2003-09-23 09:09 - 00462940 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\ALCXWDM.SYS
2013-06-19 13:54 - 2003-09-23 09:09 - 00057344 ____A (Realtek Semiconductor Corp.) C:\Windows\SOUNDMAN.EXE
2013-06-19 13:54 - 2003-09-23 09:03 - 00404736 ____A (Sensaura Ltd) C:\Windows\System32\Drivers\ALCXSENS.SYS
2013-06-19 13:54 - 2003-09-23 09:02 - 00208896 ____A (Realtek Semiconductor Corp.) C:\Windows\alcupd.exe
2013-06-19 13:54 - 2003-09-23 09:02 - 00139264 ____A (Realtek Semiconductor Corp.) C:\Windows\alcrmv.exe
2013-06-19 13:54 - 2003-07-02 04:42 - 00027904 ____A (VIA Technologies, Inc.) C:\Windows\System32\Drivers\VIAAGP1.SYS
2013-06-19 13:54 - 2001-08-18 04:18 - 00036224 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\isapnp.sys
2013-06-19 13:54 - 1998-10-29 19:45 - 00306688 ____A (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2013-06-19 13:53 - 2013-06-19 13:53 - 00006922 ____A C:\Windows\KB824146.log
2013-06-19 13:53 - 2013-06-19 13:53 - 00000578 ____A C:\Windows\xpsp1hfm.log
2013-06-19 13:53 - 2013-06-19 13:53 - 00000011 ____A C:\Windows\System32\Drivers\Acer_Aspire T120.MRK
2013-06-19 13:53 - 2013-06-19 13:53 - 00000000 ___HD C:\Windows\$NtUninstallQ816509$
2013-06-19 13:53 - 2013-06-19 13:53 - 00000000 ___HD C:\Windows\$NtUninstallKB824146$
2013-06-19 13:53 - 2004-08-04 00:57 - 01281536 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2013-06-19 13:53 - 2004-08-04 00:57 - 00581120 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-06-19 13:53 - 2004-08-04 00:57 - 00395776 ____A (Microsoft Corporation) C:\Windows\System32\rpcss.dll
2013-06-19 13:53 - 2003-10-14 21:30 - 00094262 ____A C:\Windows\System32\Drivers\mrk.exe
2013-06-19 13:53 - 2003-08-02 06:14 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\xpsp1hfm.exe
2013-06-19 13:52 - 2013-06-19 13:53 - 00005739 ____A C:\Windows\Q816509.log
2013-06-19 13:52 - 2013-06-19 13:52 - 00005616 ____A C:\Windows\Q327979.log
2013-06-19 13:52 - 2013-06-19 13:52 - 00000000 ___HD C:\Windows\$NtUninstallQ327979$
2013-06-19 13:52 - 2004-07-17 22:55 - 00008704 ____N (Microsoft Corporation) C:\Windows\System32\spmsg.dll
2013-06-19 13:52 - 2003-09-11 08:36 - 00000116 ____A C:\Windows\ZEN0030A.REG
2013-06-19 13:52 - 2003-09-11 08:36 - 00000113 ____A C:\Windows\SCREENS.REG
2013-06-19 13:52 - 2003-09-11 08:36 - 00000103 ____A C:\Windows\USB.REG
2013-06-19 13:51 - 2013-07-04 17:57 - 00032644 ____A C:\Windows\SchedLgU.Txt
2013-06-19 13:51 - 2001-08-18 20:00 - 00048256 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\w32.dll
2013-06-19 13:51 - 2001-08-18 20:00 - 00041600 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\weitekp9.dll
2013-06-19 13:51 - 2001-08-18 20:00 - 00031360 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\weitekp9.sys
2013-06-19 13:51 - 2001-08-18 20:00 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tsprof.exe
2013-06-19 13:50 - 2001-08-18 20:00 - 00185344 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\thawbrkr.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00131584 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\pmxviceo.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00101376 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\srusbusd.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00092416 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mga.sys
2013-06-19 13:50 - 2001-08-18 20:00 - 00092032 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mga.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00081408 ____A (Ricoh Co., Ltd.) C:\Windows\System32\dllcache\rwia330.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00081408 ____A (Ricoh Co., Ltd.) C:\Windows\System32\dllcache\rwia001.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm9aw.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\smb6w.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sma3w.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm87w.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm81w.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00029184 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm8cw.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00026624 ____A (Ricoh Co., Ltd.) C:\Windows\System32\dllcache\rw330ext.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm93w.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm92w.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm90w.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm8dw.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm8aw.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm89w.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sm59w.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\rw001ext.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00021896 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tdipx.sys
2013-06-19 13:50 - 2001-08-18 20:00 - 00019464 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tdspx.sys
2013-06-19 13:50 - 2001-08-18 20:00 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\jupiw.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\quser.exe
2013-06-19 13:50 - 2001-08-18 20:00 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\register.exe
2013-06-19 13:50 - 2001-08-18 20:00 - 00013192 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tdasync.sys
2013-06-19 13:50 - 2001-08-18 20:00 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\pmxmcro.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\query.exe
2013-06-19 13:50 - 2001-08-18 20:00 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbdnecat.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbdnecnt.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbdnec95.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbdibm02.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbdlk41a.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\pmxgl.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbdlk41j.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbdax2.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbd106n.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101a.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101.dll
2013-06-19 13:50 - 2001-08-18 20:00 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\kbdusa.dll
2013-06-19 13:50 - 2001-08-18 04:55 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_regtrace.exe
2013-06-19 13:50 - 2001-08-18 04:54 - 00205824 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_seo.dll
2013-06-19 13:50 - 2001-08-18 04:54 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_scripto.dll
2013-06-19 13:50 - 2001-08-18 04:54 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_ntfsdrv.dll
2013-06-19 13:50 - 2001-08-18 04:54 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_seos.dll
2013-06-19 13:50 - 2001-08-18 04:54 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_smtpctrs.dll
2013-06-19 13:50 - 2001-08-18 04:54 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_smtpapi.dll
2013-06-19 13:50 - 2001-08-18 04:54 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_rwnh.dll
2013-06-19 13:50 - 2001-08-18 04:54 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_snprfdll.dll
2013-06-19 13:50 - 2001-08-18 04:53 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_mailmsg.dll
2013-06-19 13:49 - 2013-06-19 13:49 - 00000000 ____D C:\Windows\System32\xircom
2013-06-19 13:49 - 2001-08-18 20:00 - 00514587 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\edb500.dll
2013-06-19 13:49 - 2001-08-18 20:00 - 00218112 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\c_g18030.dll
2013-06-19 13:49 - 2001-08-18 20:00 - 00057856 ____A (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esuimgd.dll
2013-06-19 13:49 - 2001-08-18 20:00 - 00054528 ____A (Philips Semiconductors GmbH) C:\Windows\System32\dllcache\cap7146.sys
2013-06-19 13:49 - 2001-08-18 20:00 - 00045568 ____A (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esunid.dll
2013-06-19 13:49 - 2001-08-18 20:00 - 00031744 ____A (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esucmd.dll
2013-06-19 13:49 - 2001-08-18 20:00 - 00025856 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\et4000.sys
2013-06-19 13:49 - 2001-08-18 20:00 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cprofile.exe
2013-06-19 13:49 - 2001-08-18 20:00 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\agt0804.dll
2013-06-19 13:49 - 2001-08-18 20:00 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\agt0412.dll
2013-06-19 13:49 - 2001-08-18 20:00 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\agt0411.dll
2013-06-19 13:49 - 2001-08-18 20:00 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\agt040d.dll
2013-06-19 13:49 - 2001-08-18 20:00 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\agt0404.dll
2013-06-19 13:49 - 2001-08-18 20:00 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\agt0401.dll
2013-06-19 13:49 - 2001-08-18 20:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\chgport.exe
2013-06-19 13:49 - 2001-08-18 20:00 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\flattemp.exe
2013-06-19 13:49 - 2001-08-18 20:00 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\chgusr.exe
2013-06-19 13:49 - 2001-08-18 20:00 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\chglogon.exe
2013-06-19 13:49 - 2001-08-18 20:00 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\c_iscii.dll
2013-06-19 13:49 - 2001-08-18 20:00 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\change.exe
2013-06-19 13:49 - 2001-08-18 20:00 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\f3ahvoas.dll
2013-06-19 13:49 - 2001-08-18 20:00 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\c_is2022.dll
2013-06-19 13:49 - 2001-08-18 20:00 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ftlx041e.dll
2013-06-19 13:49 - 2001-08-18 04:54 - 02134528 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_smtpsnap.dll
2013-06-19 13:49 - 2001-08-18 04:54 - 00175616 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_smtpadm.dll
2013-06-19 13:49 - 2001-08-18 04:53 - 00316928 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_aqueue.dll
2013-06-19 13:49 - 2001-08-18 04:53 - 00046592 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_aqadmin.dll
2013-06-19 13:49 - 2001-08-18 04:53 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_fcachdll.dll
2013-06-19 13:49 - 2001-08-18 04:52 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\EXCH_adsiisex.dll
2013-06-19 13:48 - 2013-07-08 13:44 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-19 13:48 - 2013-06-19 13:53 - 00025065 ____A C:\Windows\System32\wmpscheme.xml
2013-06-19 13:48 - 2013-06-19 13:49 - 00002951 ____A C:\Windows\System32\CONFIG.NT
2013-06-19 13:48 - 2013-06-19 13:49 - 00000000 _RASH C:\MSDOS.SYS
2013-06-19 13:48 - 2013-06-19 13:49 - 00000000 _RASH C:\IO.SYS
2013-06-19 13:48 - 2013-06-19 13:49 - 00000000 ____A C:\Windows\control.ini
2013-06-19 13:48 - 2013-06-19 13:49 - 00000000 ____A C:\CONFIG.SYS
2013-06-19 13:48 - 2013-06-19 13:49 - 00000000 ____A C:\AUTOEXEC.BAT
2013-06-19 13:48 - 2013-06-19 13:48 - 00299552 ____A C:\Windows\WMSysPrx.prx
2013-06-19 13:48 - 2013-06-19 13:48 - 00023392 ____A C:\Windows\System32\nscompat.tlb
2013-06-19 13:48 - 2013-06-19 13:48 - 00016832 ____A C:\Windows\System32\amcompat.tlb
2013-06-19 13:48 - 2013-06-19 13:48 - 00000488 __RAH C:\Windows\System32\WindowsLogon.manifest
2013-06-19 13:48 - 2013-06-19 13:48 - 00000488 __RAH C:\Windows\System32\logonui.exe.manifest
2013-06-19 13:48 - 2013-06-19 13:48 - 00000280 ____A C:\Windows\Windows Update.log
2013-06-19 13:48 - 2013-06-19 13:48 - 00000000 ___RD C:\Windows\Offline Web Pages
2013-06-19 13:48 - 2001-08-18 20:00 - 00112128 ____A (Microsoft Corporation) C:\Windows\System32\mapi32.dll
2013-06-19 13:47 - 2013-06-19 19:21 - 00000000 ____D C:\Windows\System32\Restore
2013-06-19 13:47 - 2013-06-19 16:14 - 00000000 ____D C:\Windows\srchasst
2013-06-19 13:47 - 2013-06-19 13:48 - 00000749 __RAH C:\Windows\WindowsShell.Manifest
2013-06-19 13:47 - 2013-06-19 13:48 - 00000749 __RAH C:\Windows\System32\wuaucpl.cpl.manifest
2013-06-19 13:47 - 2013-06-19 13:48 - 00000749 __RAH C:\Windows\System32\sapi.cpl.manifest
2013-06-19 13:47 - 2013-06-19 13:48 - 00000749 __RAH C:\Windows\System32\nwc.cpl.manifest
2013-06-19 13:47 - 2013-06-19 13:48 - 00000749 __RAH C:\Windows\System32\ncpa.cpl.manifest
2013-06-19 13:47 - 2013-06-19 13:48 - 00000749 __RAH C:\Windows\System32\cdplayer.exe.manifest
2013-06-19 13:47 - 2013-06-19 13:47 - 00021740 ____A C:\Windows\System32\emptyregdb.dat
2013-06-19 13:47 - 2013-06-19 13:47 - 00000037 ____A C:\Windows\vbaddin.ini
2013-06-19 13:47 - 2013-06-19 13:47 - 00000036 ____A C:\Windows\vb.ini
2013-06-19 13:47 - 2013-06-19 13:47 - 00000000 ____D C:\Windows\System32\Macromed
2013-06-19 13:47 - 2013-06-19 13:47 - 00000000 ____D C:\Windows\System32\DirectX
2013-06-19 13:47 - 2013-06-19 13:47 - 00000000 ____D C:\Windows\Registration
2013-06-19 13:47 - 2013-06-19 13:47 - 00000000 ____D C:\Windows\PCHealth
2013-06-19 13:47 - 2004-08-04 00:58 - 00192512 ____A (Microsoft Corporation) C:\Windows\System32\msh261.drv
2013-06-19 13:47 - 2004-08-04 00:58 - 00032768 ____A (Microsoft Corporation) C:\Windows\System32\mnmsrvc.exe
2013-06-19 13:47 - 2004-08-04 00:58 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mstinit.exe
2013-06-19 13:47 - 2004-08-04 00:57 - 00678400 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00382464 ____A (Microsoft Corporation) C:\Windows\System32\qmgr.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00282624 ____A (Microsoft Corporation) C:\Windows\System32\inetcfg.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00280064 ____A (Microsoft Corporation) C:\Windows\System32\mstask.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00252928 ____A (Microsoft Corporation) C:\Windows\System32\msoeacct.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00242176 ____A (Microsoft Corporation) C:\Windows\System32\srrstr.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00192000 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00171008 ____A (Microsoft Corporation) C:\Windows\System32\srsvc.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\msoert2.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\isign32.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\ils.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\icwdial.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\msconf.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\srclient.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\icwphbk.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00045568 ____A (Microsoft Corporation) C:\Windows\System32\safrslv.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\racpldlg.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\safrcdlg.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00034560 ____A (Microsoft Corporation) C:\Windows\System32\mnmdd.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00032768 ____A (Intel Corporation) C:\Windows\System32\isrdbg32.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\safrdm.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00028672 ____A (Microsoft Corporation) C:\Windows\System32\nmmkcert.dll
2013-06-19 13:47 - 2004-08-04 00:57 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\qmgrprxy.dll
2013-06-19 13:47 - 2004-08-04 00:55 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\inetres.dll
2013-06-19 13:47 - 2004-08-04 00:50 - 00073472 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sr.sys
2013-06-19 13:47 - 2002-08-29 03:43 - 00520192 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wmpvis.dll
2013-06-19 13:47 - 2002-08-29 03:43 - 00163897 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wmmutil.dll
2013-06-19 13:47 - 2002-08-29 03:43 - 00110648 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wmmfilt.dll
2013-06-19 13:47 - 2002-08-29 03:42 - 00331839 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wmmres.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 04399505 ____A C:\Windows\System32\dllcache\nls302en.lex
2013-06-19 13:47 - 2001-08-18 20:00 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mssoap1.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\msg723.acm
2013-06-19 13:47 - 2001-08-18 20:00 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\helphost.exe
2013-06-19 13:47 - 2001-08-18 20:00 - 00094208 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ieinfo5.ocx
2013-06-19 13:47 - 2001-08-18 20:00 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\icwtutor.exe
2013-06-19 13:47 - 2001-08-18 20:00 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\acctres.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\acctres.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\icwres.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00048680 __ASH C:\Windows\winnt256.bmp
2013-06-19 13:47 - 2001-08-18 20:00 - 00048680 __ASH C:\Windows\winnt.bmp
2013-06-19 13:47 - 2001-08-18 20:00 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\srdiag.exe
2013-06-19 13:47 - 2001-08-18 20:00 - 00040960 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\trialoc.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00040448 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\msinfo32.exe
2013-06-19 13:47 - 2001-08-18 20:00 - 00035328 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\notiflag.exe
2013-06-19 13:47 - 2001-08-18 20:00 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\msoobe.exe
2013-06-19 13:47 - 2001-08-18 20:00 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wisc10.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mssoapr.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00021504 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\brpinfo.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\icfgnt5.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\isignup.exe
2013-06-19 13:47 - 2001-08-18 20:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\icfgnt5.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\nmevtmsg.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wb32.exe
2013-06-19 13:47 - 2001-08-18 20:00 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\nmevtmsg.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cb32.exe
2013-06-19 13:47 - 2001-08-18 20:00 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\atrace.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\atrace.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hcappres.dll
2013-06-19 13:47 - 2001-08-18 20:00 - 00000984 ____A C:\Windows\System32\dllcache\srframe.mmf
2013-06-19 13:47 - 2001-08-18 20:00 - 00000002 ____A C:\Windows\System32\desktop.ini
2013-06-19 13:47 - 2001-08-18 20:00 - 00000002 ____A C:\Windows\desktop.ini
2013-06-19 13:46 - 2013-06-19 16:35 - 00000731 ____A C:\Windows\DtcInstall.log
2013-06-19 13:46 - 2013-06-19 16:18 - 00003085 ____A C:\Windows\sessmgr.setup.log
2013-06-19 13:46 - 2013-06-19 16:14 - 00000000 ____D C:\Windows\System32\Com
2013-06-19 13:46 - 2013-06-19 13:46 - 00000000 ____D C:\Windows\System32\MsDtc
2013-06-19 13:46 - 2004-08-04 00:58 - 00346624 ____A (Microsoft Corporation) C:\Windows\System32\mspaint.exe
2013-06-19 13:46 - 2004-08-04 00:58 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\sessmgr.exe
2013-06-19 13:46 - 2004-08-04 00:58 - 00139400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2013-06-19 13:46 - 2004-08-04 00:58 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\sndrec32.exe
2013-06-19 13:46 - 2004-08-04 00:58 - 00124928 ____A (Microsoft Corporation) C:\Windows\System32\mplay32.exe
2013-06-19 13:46 - 2004-08-04 00:58 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-06-19 13:46 - 2004-08-04 00:58 - 00087176 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2013-06-19 13:46 - 2004-08-04 00:58 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\access.cpl
2013-06-19 13:46 - 2004-08-04 00:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\rdshost.exe
2013-06-19 13:46 - 2004-08-04 00:58 - 00062464 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2013-06-19 13:46 - 2004-08-04 00:58 - 00040840 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys
2013-06-19 13:46 - 2004-08-04 00:58 - 00021896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2013-06-19 13:46 - 2004-08-04 00:58 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\qprocess.exe
2013-06-19 13:46 - 2004-08-04 00:58 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\rdsaddin.exe
2013-06-19 13:46 - 2004-08-04 00:58 - 00012040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdpipe.sys
2013-06-19 13:46 - 2004-08-04 00:58 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\msdtc.exe
2013-06-19 13:46 - 2004-08-04 00:57 - 01251840 ____A (Microsoft Corporation) C:\Windows\System32\comsvcs.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 01134592 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00949248 ____A (Microsoft Corporation) C:\Windows\System32\msdtctm.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00628224 ____A (Microsoft Corporation) C:\Windows\System32\catsrvut.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00501248 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00425472 ____A (Microsoft Corporation) C:\Windows\System32\msdtcprx.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00354304 ____A (Hilgraeve, Inc.) C:\Windows\System32\hypertrm.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00297472 ____A (Microsoft Corporation) C:\Windows\System32\termsrv.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\catsrv.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00189440 ____A (Microsoft Corporation) C:\Windows\System32\cmprops.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00188416 ____A (Microsoft Corporation) C:\Windows\System32\accwiz.exe
2013-06-19 13:46 - 2004-08-04 00:57 - 00161280 ____A (Microsoft Corporation) C:\Windows\System32\msdtcuiu.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00147968 ____A (Microsoft Corporation) C:\Windows\System32\rdchost.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00110080 ____A (Microsoft Corporation) C:\Windows\System32\clbcatex.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00104448 ____A (Microsoft Corporation) C:\Windows\System32\clipbrd.exe
2013-06-19 13:46 - 2004-08-04 00:57 - 00094720 ____A (Microsoft Corporation) C:\Windows\System32\tscfgwmi.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00090112 ____A (Microsoft Corporation) C:\Windows\System32\mtxoci.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\catsrvps.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00062464 ____A (Microsoft Corporation) C:\Windows\System32\colbact.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\remotepg.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\msdtclog.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\licwmi.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00056320 ____A (Microsoft Corporation) C:\Windows\System32\servdeps.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\cfgbkend.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\rdpsnd.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\mmfutil.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\xolehlp.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\icaapi.dll
2013-06-19 13:46 - 2004-08-04 00:57 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\wuauserv.dll
2013-06-19 13:46 - 2004-08-04 00:54 - 00540160 ____A (Microsoft Corporation) C:\Windows\System32\comuid.dll
2013-06-19 13:46 - 2004-08-04 00:38 - 00412672 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-06-19 13:46 - 2004-08-04 00:38 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\tscupgrd.exe
2013-06-19 13:46 - 2004-08-03 23:01 - 00196864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpdr.sys
2013-06-19 13:46 - 2004-08-03 22:59 - 00655360 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 02178131 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\shvlres.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 01817687 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\bckgres.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 01175635 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hrtzres.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 01042515 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cmnresm.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00781397 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\chkrres.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00753236 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\rvseres.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00683520 ____A (Microsoft Corporation) C:\Windows\System32\getuname.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00683520 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\getuname.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00273920 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\msiprov.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00232960 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\avtapi.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00232960 ____A (Microsoft Corporation) C:\Windows\System32\avtapi.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00217160 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cmnclim.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00147456 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\comsnap.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00147456 ____A (Microsoft Corporation) C:\Windows\System32\comsnap.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\sndvol32.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sndvol32.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00128000 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mshearts.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00120320 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\winmine.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00120320 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\dsprov.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00116224 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\updprov.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00114688 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\calc.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00114688 ____A (Microsoft Corporation) C:\Windows\System32\calc.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00113222 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\zoneclim.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00093702 ____A C:\Windows\System32\subrange.uce
2013-06-19 13:46 - 2001-08-18 20:00 - 00082501 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\bckg.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\comrepl.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\comrepl.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\charmap.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\charmap.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wmipicmp.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\avwav.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\avwav.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00066113 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\shvl.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00063488 ____A C:\Windows\System32\wmimgmt.msc
2013-06-19 13:46 - 2001-08-18 20:00 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tmplprov.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wmimsg.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00060458 ____A C:\Windows\System32\ideograf.uce
2013-06-19 13:46 - 2001-08-18 20:00 - 00059904 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wbemdisp.tlb
2013-06-19 13:46 - 2001-08-18 20:00 - 00059904 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\trnsprov.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00057409 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hrtz.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sol.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\freecell.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\stclient.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\stclient.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\fwdprov.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wmitimep.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00048706 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\rvse.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00045568 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wmi2xml.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00044544 ____A (Hilgraeve, Inc.) C:\Windows\System32\hticons.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00042577 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\bckgzm.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00042575 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\chkrzm.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00042574 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\rvsezm.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00042573 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\shvlzm.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00042573 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\hrtzzm.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00041029 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\zcorem.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00040960 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\smtpcons.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00040515 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\chkr.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00036937 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\zclientm.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\winchat.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\winchat.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\regini.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\regini.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00032339 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\uniansi.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wbemads.tlb
2013-06-19 13:46 - 2001-08-18 20:00 - 00029760 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\znetm.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00027055 ____A C:\Windows\System32\tslabels.ini
2013-06-19 13:46 - 2001-08-18 20:00 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\comaddin.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\comaddin.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\mtxlegih.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mtxlegih.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00024006 ____A C:\Windows\System32\gb2312.uce
2013-06-19 13:46 - 2001-08-18 20:00 - 00022984 ____A C:\Windows\System32\bopomofo.uce
2013-06-19 13:46 - 2001-08-18 20:00 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\qwinsta.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\msg.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\qwinsta.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\msg.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\mtxdm.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mtxdm.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mtsadmin.tlb
2013-06-19 13:46 - 2001-08-18 20:00 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\tsshutdn.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\winmgmtr.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tsshutdn.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\qappsrv.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\qappsrv.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\unsecapp.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00016740 ____A C:\Windows\System32\shiftjis.uce
2013-06-19 13:46 - 2001-08-18 20:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\tskill.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\rwinsta.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tskill.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\rwinsta.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\avmeter.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\avmeter.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\logoff.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\logoff.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\cdmodem.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\cdmodem.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\tsdiscon.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\tscon.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\shadow.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tsdiscon.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tscon.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\shadow.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00013894 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\zonelibm.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\winmgmt.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00013312 ____A (Hilgraeve, Inc.) C:\Windows\System32\dllcache\htrn_jis.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00012876 ____A C:\Windows\System32\korean.uce
2013-06-19 13:46 - 2001-08-18 20:00 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wbemads.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\reset.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\reset.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00008484 ____A C:\Windows\System32\kanji_2.uce
2013-06-19 13:46 - 2001-08-18 20:00 - 00006948 ____A C:\Windows\System32\kanji_1.uce
2013-06-19 13:46 - 2001-08-18 20:00 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\write.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\write.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\dcomcnfg.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\comrereg.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\dcomcnfg.exe
2013-06-19 13:46 - 2001-08-18 20:00 - 00004677 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\zeeverm.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00004608 ____A (Microsoft Corporation) C:\Windows\System32\rdpcfgex.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00004608 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\rdpcfgex.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\mtxex.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mtxex.dll
2013-06-19 13:46 - 2001-08-18 20:00 - 00003999 ____A C:\Windows\System32\msdtcprf.ini
2013-06-19 13:46 - 2001-08-18 20:00 - 00003286 ____A C:\Windows\System32\tslabels.h
2013-06-19 13:46 - 2001-08-18 20:00 - 00001237 ____A C:\Windows\System32\usrlogon.cmd
2013-06-19 13:46 - 2001-08-18 20:00 - 00000768 ____A C:\Windows\System32\msdtcprf.h
2013-06-19 13:45 - 2013-07-08 13:45 - 00000159 ____A C:\Windows\wiadebug.log
2013-06-19 13:45 - 2013-07-08 13:44 - 00000050 ____A C:\Windows\wiaservc.log
2013-06-19 13:45 - 2013-06-19 13:45 - 00000000 ____A C:\Windows\Sti_Trace.log
2013-06-19 13:45 - 2001-08-17 13:59 - 00003072 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\audstub.sys
2013-06-19 13:44 - 2004-08-04 00:47 - 00607196 ____A (LT) C:\Windows\System32\Drivers\ltmdmnt.sys
2013-06-19 13:44 - 2004-08-04 00:40 - 00057600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\redbook.sys
2013-06-19 13:43 - 2013-06-19 16:35 - 00004649 ____A C:\Windows\ocmsn.log
2013-06-19 13:43 - 2004-08-04 00:57 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\usbui.dll
2013-06-19 13:43 - 2001-08-17 13:46 - 00006400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\enum1394.sys
2013-06-19 13:42 - 2013-07-08 13:57 - 00654217 ____A C:\Windows\setupapi.log
2013-06-19 13:42 - 2013-06-24 16:22 - 00000000 ___RD C:\Programme
2013-06-19 13:42 - 2013-06-19 18:18 - 00004614 ____A C:\Windows\regopt.log
2013-06-19 13:42 - 2013-06-19 16:39 - 00728266 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-19 13:42 - 2013-06-19 16:35 - 00082634 ____A C:\Windows\FaxSetup.log
2013-06-19 13:42 - 2013-06-19 16:35 - 00058162 ____A C:\Windows\ocgen.log
2013-06-19 13:42 - 2013-06-19 16:35 - 00032169 ____A C:\Windows\tsoc.log
2013-06-19 13:42 - 2013-06-19 16:35 - 00032090 ____A C:\Windows\comsetup.log
2013-06-19 13:42 - 2013-06-19 16:35 - 00019764 ____A C:\Windows\ntdtcsetup.log
2013-06-19 13:42 - 2013-06-19 16:35 - 00007467 ____A C:\Windows\iis6.log
2013-06-19 13:42 - 2013-06-19 16:35 - 00004696 ____A C:\Windows\imsins.log
2013-06-19 13:42 - 2013-06-19 16:35 - 00003803 ____A C:\Windows\msgsocm.log
2013-06-19 13:42 - 2013-06-19 16:34 - 00091888 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-19 13:42 - 2013-06-19 16:32 - 00001374 ____A C:\Windows\imsins.BAK
2013-06-19 13:42 - 2013-06-19 14:09 - 00218269 ____A C:\Windows\setupact.log
2013-06-19 13:42 - 2013-06-19 14:09 - 00000427 ____A C:\Windows\setuperr.log
2013-06-19 13:42 - 2013-06-19 13:48 - 00004161 ____A C:\Windows\ODBCINST.INI
2013-06-19 13:42 - 2004-08-04 00:58 - 00070144 ____A (Microsoft Corporation) C:\Windows\notepad.exe
2013-06-19 13:42 - 2004-08-04 00:57 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\storprop.dll
2013-06-19 13:42 - 2004-08-04 00:57 - 00008704 ____A (Microsoft Corporation) C:\Windows\System32\batt.dll
2013-06-19 13:42 - 2004-08-03 23:00 - 00011264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\irenum.sys
2013-06-19 13:42 - 2003-09-11 08:36 - 00007046 ____A C:\Windows\System32\dllcache\OEMBIOS.CAT
2013-06-19 13:42 - 2002-04-19 18:20 - 00066082 ____A C:\Windows\System32\c_28603.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 01685606 ____A C:\Windows\System32\dllcache\sam.spd
2013-06-19 13:42 - 2001-08-18 20:00 - 00817199 ____A C:\Windows\System32\dllcache\NT5IIS.CAT
2013-06-19 13:42 - 2001-08-18 20:00 - 00774144 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\spttseng.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00643717 ____A C:\Windows\System32\dllcache\ltts1033.lxa
2013-06-19 13:42 - 2001-08-18 20:00 - 00605050 ____A C:\Windows\System32\dllcache\r1033tts.lxa
2013-06-19 13:42 - 2001-08-18 20:00 - 00399645 ____A C:\Windows\System32\dllcache\MAPIMIG.CAT
2013-06-19 13:42 - 2001-08-18 20:00 - 00176157 ____A (Digi International, Inc.) C:\Windows\System32\dllcache\dgrpsetu.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00176157 ____A (Digi International, Inc.) C:\Windows\System32\dgrpsetu.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00127104 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\msvideo.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00109504 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\avifile.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00103936 ____A (Equinox Systems Inc.) C:\Windows\System32\EqnClass.Dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00103936 ____A (Equinox Systems Inc.) C:\Windows\System32\dllcache\eqnclass.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00086556 ____A (Digi International) C:\Windows\System32\dllcache\dgsetup.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00086556 ____A (Digi International) C:\Windows\System32\dgsetup.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00082944 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\olecli.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00077824 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\spcommon.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00073760 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mciavi.drv
2013-06-19 13:42 - 2001-08-18 20:00 - 00070368 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\avicap.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00066594 ____A C:\Windows\System32\c_869.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066594 ____A C:\Windows\System32\c_866.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066594 ____A C:\Windows\System32\c_857.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066594 ____A C:\Windows\System32\c_855.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066594 ____A C:\Windows\System32\c_852.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066594 ____A C:\Windows\System32\c_737.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066082 ____A C:\Windows\System32\c_875.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066082 ____A C:\Windows\System32\c_28599.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066082 ____A C:\Windows\System32\C_28597.NLS
2013-06-19 13:42 - 2001-08-18 20:00 - 00066082 ____A C:\Windows\System32\C_28595.NLS
2013-06-19 13:42 - 2001-08-18 20:00 - 00066082 ____A C:\Windows\System32\C_28594.NLS
2013-06-19 13:42 - 2001-08-18 20:00 - 00066082 ____A C:\Windows\System32\c_20127.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066082 ____A C:\Windows\System32\c_10082.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066082 ____A C:\Windows\System32\c_10081.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066082 ____A C:\Windows\System32\c_10029.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066082 ____A C:\Windows\System32\c_10017.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066082 ____A C:\Windows\System32\c_10010.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066082 ____A C:\Windows\System32\c_10007.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00066082 ____A C:\Windows\System32\c_10006.nls
2013-06-19 13:42 - 2001-08-18 20:00 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\spcplui.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00041270 ____A C:\Windows\System32\dllcache\MW770.CAT
2013-06-19 13:42 - 2001-08-18 20:00 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sapisvr.exe
2013-06-19 13:42 - 2001-08-18 20:00 - 00033744 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\commdlg.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mciwave.drv
2013-06-19 13:42 - 2001-08-18 20:00 - 00025296 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mciseq.drv
2013-06-19 13:42 - 2001-08-18 20:00 - 00024661 ____A (Perle Systems Ltd.) C:\Windows\System32\spxcoins.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00024661 ____A (Perle Systems Ltd.) C:\Windows\System32\dllcache\spxcoins.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\olesvr.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\agt0408.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\agt040e.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\agt041f.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\agt0419.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\agt0415.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\agt0405.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00019200 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\tapi.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00015872 ____A (Microsoft Corporation) C:\Windows\TASKMAN.EXE
2013-06-19 13:42 - 2001-08-18 20:00 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\taskman.exe
2013-06-19 13:42 - 2001-08-18 20:00 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\irclass.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\irclass.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00013600 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\wfwnet.drv
2013-06-19 13:42 - 2001-08-18 20:00 - 00013472 ____A C:\Windows\System32\dllcache\HPCRDP.CAT
2013-06-19 13:42 - 2001-08-18 20:00 - 00009936 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\lzexpand.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00009200 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\ver.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00008574 ____A C:\Windows\System32\dllcache\IASNT4.CAT
2013-06-19 13:42 - 2001-08-18 20:00 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\shell.dll
2013-06-19 13:42 - 2001-08-18 20:00 - 00004048 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\timer.drv
2013-06-19 13:42 - 2001-08-18 20:00 - 00003360 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\system.drv
2013-06-19 13:42 - 2001-08-18 20:00 - 00002951 ____A C:\Windows\System32\CONFIG.TMP
2013-06-19 13:42 - 2001-08-18 20:00 - 00002176 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\vga.drv
2013-06-19 13:42 - 2001-08-18 20:00 - 00002032 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mouse.drv
2013-06-19 13:42 - 2001-08-18 20:00 - 00002000 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\keyboard.drv
2013-06-19 13:42 - 2001-08-18 20:00 - 00001806 ____A C:\Windows\System32\AUTOEXEC.NT
2013-06-19 13:42 - 2001-08-18 20:00 - 00001744 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\sound.drv
2013-06-19 13:42 - 2001-08-18 20:00 - 00001152 ____A (Microsoft Corporation) C:\Windows\System32\dllcache\mmtask.tsk
2013-06-19 13:42 - 2001-08-18 20:00 - 00000888 ____A C:\Windows\System32\dllcache\sam.sdf
2013-06-19 13:41 - 2013-06-19 18:18 - 00001024 ___AH C:\Windows\System32\config\userdiff.LOG
2013-06-19 13:41 - 2013-06-19 13:41 - 00606208 ____A C:\Windows\System32\config\software.sav
2013-06-19 13:41 - 2013-06-19 13:41 - 00401408 ____A C:\Windows\System32\config\system.sav
2013-06-19 13:41 - 2013-06-19 13:41 - 00262144 ____A C:\Windows\System32\config\userdiff
2013-06-19 13:41 - 2013-06-19 13:41 - 00094208 ____A C:\Windows\System32\config\default.sav
2013-06-19 13:41 - 2013-06-19 13:41 - 00001024 ___AH C:\Windows\System32\config\TempKey.LOG
2013-06-19 13:41 - 2013-06-19 13:41 - 00000000 ____D C:\DRV
2013-06-19 13:40 - 2013-07-04 17:29 - 00000000 ____D C:\Windows\system
2013-06-19 13:40 - 2013-06-26 20:03 - 00000000 ____D C:\Windows\twain_32
2013-06-19 13:40 - 2013-06-26 19:59 - 00000000 ____D C:\Windows\System32\ias
2013-06-19 13:40 - 2013-06-19 17:03 - 00000000 ____D C:\Windows\security
2013-06-19 13:40 - 2013-06-19 16:17 - 00000000 ____D C:\Windows\System32\mui
2013-06-19 13:40 - 2013-06-19 16:17 - 00000000 ____D C:\Windows\Media
2013-06-19 13:40 - 2013-06-19 16:17 - 00000000 ____D C:\Windows\ime
2013-06-19 13:40 - 2013-06-19 16:17 - 00000000 ____D C:\Windows\Help
2013-06-19 13:40 - 2013-06-19 16:14 - 00000000 ____D C:\Windows\System32\usmt
2013-06-19 13:40 - 2013-06-19 16:14 - 00000000 ____D C:\Windows\System32\npp
2013-06-19 13:40 - 2013-06-19 16:14 - 00000000 ____D C:\Windows\msagent
2013-06-19 13:40 - 2013-06-19 16:12 - 00000000 ___RD C:\Windows\Web
2013-06-19 13:40 - 2013-06-19 16:12 - 00000000 ____D C:\Windows\System32\1031
2013-06-19 13:40 - 2013-06-19 14:42 - 00000000 ____D C:\Windows\addins
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\wins
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\spool
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\ShellExt
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\ras
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\inetsrv
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\IME
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\icsxml
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\export
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\Drivers\disdn
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\dhcp
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\3com_dmi
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\3076
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\2052
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1054
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1042
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1041
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1037
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1033
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1028
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1025
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\Resources
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\repair
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\mui
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\Driver Cache
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\Cursors
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\Connection Wizard
2013-06-19 13:33 - 2013-06-19 13:33 - 00000512 __ASH C:\BOOTSECT.DOS
2013-06-19 08:43 - 2006-01-20 21:05 - 04489216 ___RA C:\Windows\EAW Deathstar.scr
2013-06-19 08:43 - 2006-01-20 20:20 - 01028096 ___RA C:\Windows\EAW Vehicles.scr

==================== One Month Modified Files and Folders ========

2013-07-08 13:59 - 2013-07-08 13:59 - 00000000 ____D C:\FRST
2013-07-08 13:57 - 2013-06-19 13:42 - 00654217 ____A C:\Windows\setupapi.log
2013-07-08 13:56 - 2013-06-19 16:34 - 00189571 ____A C:\Windows\WindowsUpdate.log
2013-07-08 13:54 - 2013-06-24 15:10 - 00231344 ____A C:\Windows\System32\Drivers\sfi.dat
2013-07-08 13:50 - 2013-06-24 15:11 - 00000432 ____A C:\Windows\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
2013-07-08 13:45 - 2013-06-24 15:11 - 00000432 ____A C:\Windows\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2013-07-08 13:45 - 2013-06-24 15:11 - 00000432 ____A C:\Windows\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2013-07-08 13:45 - 2013-06-24 15:11 - 00000432 ____A C:\Windows\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
2013-07-08 13:45 - 2013-06-19 13:45 - 00000159 ____A C:\Windows\wiadebug.log
2013-07-08 13:44 - 2013-06-19 13:48 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-08 13:44 - 2013-06-19 13:45 - 00000050 ____A C:\Windows\wiaservc.log
2013-07-08 13:44 - 1980-01-01 00:00 - 00001158 ____A C:\Windows\System32\wpa.dbl
2013-07-04 17:57 - 2013-06-19 13:51 - 00032644 ____A C:\Windows\SchedLgU.Txt
2013-07-04 17:29 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\system
2013-07-04 17:27 - 2013-07-04 17:27 - 00000000 ____D C:\PCWELT
2013-06-26 20:03 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\twain_32
2013-06-26 19:59 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\ias
2013-06-26 19:55 - 2013-06-26 19:55 - 00000000 ___HD C:\CanoScan
2013-06-26 13:14 - 2013-06-26 13:14 - 00000000 ___HD C:\Windows\PIF
2013-06-24 16:22 - 2013-06-19 13:42 - 00000000 ___RD C:\Programme
2013-06-24 16:09 - 2013-06-24 15:56 - 00002716 ____A C:\Windows\System32\Drivers\fvstore.dat
2013-06-24 15:57 - 2013-06-24 15:57 - 00000000 ___HD C:\VTRoot
2013-06-24 15:21 - 2013-06-19 14:42 - 00000000 ____D C:\Windows\System32\FxsTmp
2013-06-24 12:06 - 1980-01-01 00:00 - 00000503 ____A C:\Windows\win.ini
2013-06-24 12:06 - 1980-01-01 00:00 - 00000227 ____A C:\Windows\system.ini
2013-06-24 12:06 - 1980-01-01 00:00 - 00000211 _RASH C:\boot.ini
2013-06-19 19:21 - 2013-06-19 13:47 - 00000000 ____D C:\Windows\System32\Restore
2013-06-19 18:18 - 2013-06-19 13:42 - 00004614 ____A C:\Windows\regopt.log
2013-06-19 18:18 - 2013-06-19 13:41 - 00001024 ___AH C:\Windows\System32\config\userdiff.LOG
2013-06-19 18:06 - 2013-06-19 18:06 - 00262144 ____A C:\Windows\System32\default_user_class.dat
2013-06-19 18:06 - 2013-06-19 18:06 - 00001024 ___AH C:\Windows\System32\default_user_class.dat.LOG
2013-06-19 17:03 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\security
2013-06-19 16:40 - 2013-06-19 13:55 - 00137055 ____A C:\Windows\wmsetup.log
2013-06-19 16:39 - 2013-06-19 13:42 - 00728266 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-19 16:35 - 2013-06-19 16:34 - 00028863 ____A C:\Windows\spupdsvc.log
2013-06-19 16:35 - 2013-06-19 13:55 - 00316640 ____A C:\Windows\WMSysPr9.prx
2013-06-19 16:35 - 2013-06-19 13:46 - 00000731 ____A C:\Windows\DtcInstall.log
2013-06-19 16:35 - 2013-06-19 13:43 - 00004649 ____A C:\Windows\ocmsn.log
2013-06-19 16:35 - 2013-06-19 13:42 - 00082634 ____A C:\Windows\FaxSetup.log
2013-06-19 16:35 - 2013-06-19 13:42 - 00058162 ____A C:\Windows\ocgen.log
2013-06-19 16:35 - 2013-06-19 13:42 - 00032169 ____A C:\Windows\tsoc.log
2013-06-19 16:35 - 2013-06-19 13:42 - 00032090 ____A C:\Windows\comsetup.log
2013-06-19 16:35 - 2013-06-19 13:42 - 00019764 ____A C:\Windows\ntdtcsetup.log
2013-06-19 16:35 - 2013-06-19 13:42 - 00007467 ____A C:\Windows\iis6.log
2013-06-19 16:35 - 2013-06-19 13:42 - 00004696 ____A C:\Windows\imsins.log
2013-06-19 16:35 - 2013-06-19 13:42 - 00003803 ____A C:\Windows\msgsocm.log
2013-06-19 16:34 - 2013-06-19 16:34 - 00000251 ____A C:\Windows\System32\spupdwxp.log
2013-06-19 16:34 - 2013-06-19 13:42 - 00091888 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-19 16:33 - 2013-06-19 15:58 - 00416005 ____A C:\Windows\svcpack.log
2013-06-19 16:32 - 2013-06-19 13:42 - 00001374 ____A C:\Windows\imsins.BAK
2013-06-19 16:18 - 2013-06-19 16:18 - 00000200 ____A C:\Windows\cmsetacl.log
2013-06-19 16:18 - 2013-06-19 13:46 - 00003085 ____A C:\Windows\sessmgr.setup.log
2013-06-19 16:17 - 2013-06-19 16:17 - 00000000 ____D C:\Windows\provisioning
2013-06-19 16:17 - 2013-06-19 16:17 - 00000000 ____D C:\Windows\peernet
2013-06-19 16:17 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\mui
2013-06-19 16:17 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\Media
2013-06-19 16:17 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\ime
2013-06-19 16:17 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\Help
2013-06-19 16:15 - 2013-06-19 16:15 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-19 16:14 - 2013-06-19 13:47 - 00000000 ____D C:\Windows\srchasst
2013-06-19 16:14 - 2013-06-19 13:46 - 00000000 ____D C:\Windows\System32\Com
2013-06-19 16:14 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\usmt
2013-06-19 16:14 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\npp
2013-06-19 16:14 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\msagent
2013-06-19 16:12 - 2013-06-19 13:40 - 00000000 ___RD C:\Windows\Web
2013-06-19 16:12 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1031
2013-06-19 16:12 - 1980-01-01 00:00 - 00251184 _RASH C:\ntldr
2013-06-19 16:12 - 1980-01-01 00:00 - 00047564 _RASH C:\NTDETECT.COM
2013-06-19 16:10 - 2013-06-19 16:08 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-19 16:10 - 2013-06-19 13:54 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-06-19 16:08 - 2013-06-19 16:08 - 00000565 ____A C:\Windows\medctroc.Log
2013-06-19 15:21 - 2013-06-19 15:11 - 00000010 ____A C:\Windows\WININIT.INI
2013-06-19 15:10 - 2013-06-19 15:10 - 00000000 ____D C:\ATI
2013-06-19 14:42 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\addins
2013-06-19 14:40 - 2013-06-19 14:40 - 00000000 ____D C:\Windows\pss
2013-06-19 14:10 - 2013-06-19 14:00 - 00064884 ____A C:\Windows\DirectX.log
2013-06-19 14:09 - 2013-06-19 13:42 - 00218269 ____A C:\Windows\setupact.log
2013-06-19 14:09 - 2013-06-19 13:42 - 00000427 ____A C:\Windows\setuperr.log
2013-06-19 14:08 - 1980-01-01 00:00 - 00002206 ____A C:\Windows\System32\wpa.dbl_old
2013-06-19 14:03 - 2013-06-19 14:03 - 00008192 ____A C:\Windows\REGLOCS.OLD
2013-06-19 14:01 - 2013-06-19 14:01 - 00000061 ____A C:\Windows\smscfg.ini
2013-06-19 13:59 - 2013-06-19 13:58 - 00003091 ____A C:\Windows\System32\jupdate-1.4.2_01-b06.log
2013-06-19 13:57 - 2013-06-19 13:57 - 00000000 ____D C:\Windows\Vbox
2013-06-19 13:57 - 2013-06-19 13:57 - 00000000 ____D C:\Windows\System32\Iosubsys
2013-06-19 13:57 - 2013-06-19 13:56 - 00000000 ____D C:\Program Files\NewTech Infosystems
2013-06-19 13:56 - 2013-06-19 13:56 - 00006912 ____A (NewTech Infosystems, Inc.) C:\Windows\System32\Drivers\NTIDrvr.sys
2013-06-19 13:56 - 2013-06-19 13:56 - 00001024 ___RH C:\Windows\System32\NTICDMK32.dll
2013-06-19 13:56 - 2013-06-19 13:56 - 00000000 ____D C:\Windows\RegisteredPackages
2013-06-19 13:55 - 2013-06-19 13:55 - 00724992 ____A (Indigo Rose Corporation) C:\Windows\iun6002.exe
2013-06-19 13:53 - 2013-06-19 13:53 - 00006922 ____A C:\Windows\KB824146.log
2013-06-19 13:53 - 2013-06-19 13:53 - 00000578 ____A C:\Windows\xpsp1hfm.log
2013-06-19 13:53 - 2013-06-19 13:53 - 00000011 ____A C:\Windows\System32\Drivers\Acer_Aspire T120.MRK
2013-06-19 13:53 - 2013-06-19 13:53 - 00000000 ___HD C:\Windows\$NtUninstallQ816509$
2013-06-19 13:53 - 2013-06-19 13:53 - 00000000 ___HD C:\Windows\$NtUninstallKB824146$
2013-06-19 13:53 - 2013-06-19 13:52 - 00005739 ____A C:\Windows\Q816509.log
2013-06-19 13:53 - 2013-06-19 13:48 - 00025065 ____A C:\Windows\System32\wmpscheme.xml
2013-06-19 13:52 - 2013-06-19 13:52 - 00005616 ____A C:\Windows\Q327979.log
2013-06-19 13:52 - 2013-06-19 13:52 - 00000000 ___HD C:\Windows\$NtUninstallQ327979$
2013-06-19 13:49 - 2013-06-19 13:49 - 00000000 ____D C:\Windows\System32\xircom
2013-06-19 13:49 - 2013-06-19 13:48 - 00002951 ____A C:\Windows\System32\CONFIG.NT
2013-06-19 13:49 - 2013-06-19 13:48 - 00000000 _RASH C:\MSDOS.SYS
2013-06-19 13:49 - 2013-06-19 13:48 - 00000000 _RASH C:\IO.SYS
2013-06-19 13:49 - 2013-06-19 13:48 - 00000000 ____A C:\Windows\control.ini
2013-06-19 13:49 - 2013-06-19 13:48 - 00000000 ____A C:\CONFIG.SYS
2013-06-19 13:49 - 2013-06-19 13:48 - 00000000 ____A C:\AUTOEXEC.BAT
2013-06-19 13:48 - 2013-06-19 13:48 - 00299552 ____A C:\Windows\WMSysPrx.prx
2013-06-19 13:48 - 2013-06-19 13:48 - 00023392 ____A C:\Windows\System32\nscompat.tlb
2013-06-19 13:48 - 2013-06-19 13:48 - 00016832 ____A C:\Windows\System32\amcompat.tlb
2013-06-19 13:48 - 2013-06-19 13:48 - 00000488 __RAH C:\Windows\System32\WindowsLogon.manifest
2013-06-19 13:48 - 2013-06-19 13:48 - 00000488 __RAH C:\Windows\System32\logonui.exe.manifest
2013-06-19 13:48 - 2013-06-19 13:48 - 00000280 ____A C:\Windows\Windows Update.log
2013-06-19 13:48 - 2013-06-19 13:48 - 00000000 ___RD C:\Windows\Offline Web Pages
2013-06-19 13:48 - 2013-06-19 13:47 - 00000749 __RAH C:\Windows\WindowsShell.Manifest
2013-06-19 13:48 - 2013-06-19 13:47 - 00000749 __RAH C:\Windows\System32\wuaucpl.cpl.manifest
2013-06-19 13:48 - 2013-06-19 13:47 - 00000749 __RAH C:\Windows\System32\sapi.cpl.manifest
2013-06-19 13:48 - 2013-06-19 13:47 - 00000749 __RAH C:\Windows\System32\nwc.cpl.manifest
2013-06-19 13:48 - 2013-06-19 13:47 - 00000749 __RAH C:\Windows\System32\ncpa.cpl.manifest
2013-06-19 13:48 - 2013-06-19 13:47 - 00000749 __RAH C:\Windows\System32\cdplayer.exe.manifest
2013-06-19 13:48 - 2013-06-19 13:42 - 00004161 ____A C:\Windows\ODBCINST.INI
2013-06-19 13:47 - 2013-06-19 13:47 - 00021740 ____A C:\Windows\System32\emptyregdb.dat
2013-06-19 13:47 - 2013-06-19 13:47 - 00000037 ____A C:\Windows\vbaddin.ini
2013-06-19 13:47 - 2013-06-19 13:47 - 00000036 ____A C:\Windows\vb.ini
2013-06-19 13:47 - 2013-06-19 13:47 - 00000000 ____D C:\Windows\System32\Macromed
2013-06-19 13:47 - 2013-06-19 13:47 - 00000000 ____D C:\Windows\System32\DirectX
2013-06-19 13:47 - 2013-06-19 13:47 - 00000000 ____D C:\Windows\Registration
2013-06-19 13:47 - 2013-06-19 13:47 - 00000000 ____D C:\Windows\PCHealth
2013-06-19 13:46 - 2013-06-19 13:46 - 00000000 ____D C:\Windows\System32\MsDtc
2013-06-19 13:45 - 2013-06-19 13:45 - 00000000 ____A C:\Windows\Sti_Trace.log
2013-06-19 13:41 - 2013-06-19 13:41 - 00606208 ____A C:\Windows\System32\config\software.sav
2013-06-19 13:41 - 2013-06-19 13:41 - 00401408 ____A C:\Windows\System32\config\system.sav
2013-06-19 13:41 - 2013-06-19 13:41 - 00262144 ____A C:\Windows\System32\config\userdiff
2013-06-19 13:41 - 2013-06-19 13:41 - 00094208 ____A C:\Windows\System32\config\default.sav
2013-06-19 13:41 - 2013-06-19 13:41 - 00001024 ___AH C:\Windows\System32\config\TempKey.LOG
2013-06-19 13:41 - 2013-06-19 13:41 - 00000000 ____D C:\DRV
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\wins
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\spool
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\ShellExt
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\ras
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\inetsrv
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\IME
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\icsxml
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\export
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\Drivers\disdn
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\dhcp
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\3com_dmi
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\3076
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\2052
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1054
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1042
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1041
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1037
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1033
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1028
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\System32\1025
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\Resources
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\repair
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\mui
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\Driver Cache
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\Cursors
2013-06-19 13:40 - 2013-06-19 13:40 - 00000000 ____D C:\Windows\Connection Wizard
2013-06-19 13:33 - 2013-06-19 13:33 - 00000512 __ASH C:\BOOTSECT.DOS
2013-06-18 17:16 - 2013-04-25 11:05 - 00099520 ____A (COMODO) C:\Windows\System32\Drivers\inspect.sys
2013-06-18 17:16 - 2013-04-15 18:39 - 00593408 ____A (COMODO) C:\Windows\System32\Drivers\cmdGuard.sys
2013-06-18 17:16 - 2013-04-15 18:39 - 00032816 ____A (COMODO) C:\Windows\System32\Drivers\cmdhlp.sys
2013-06-18 17:16 - 2013-04-15 18:39 - 00018528 ____A (COMODO) C:\Windows\System32\Drivers\cmderd.sys
2013-06-18 17:15 - 2013-04-23 15:04 - 00348584 ____A (COMODO) C:\Windows\System32\guard32.dll
2013-06-18 17:15 - 2013-04-15 18:38 - 00278232 ____A (COMODO) C:\Windows\System32\cmdvrt32.dll
2013-06-18 17:15 - 2013-04-15 18:38 - 00040664 ____A (COMODO) C:\Windows\System32\cmdkbd32.dll
2013-06-18 17:15 - 2013-04-15 18:38 - 00035488 ____A (COMODO) C:\Windows\System32\cmdcsr.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[1980-01-01 00:00] - [2004-08-04 00:57] - 1035264 ____A (Microsoft Corporation) 

C:\Windows\System32\winlogon.exe
[1980-01-01 00:00] - [2004-08-04 00:58] - 0507392 ____A (Microsoft Corporation) 

C:\Windows\System32\svchost.exe
[1980-01-01 00:00] - [2004-08-04 00:58] - 0014336 ____A (Microsoft Corporation) 

C:\Windows\System32\services.exe
[1980-01-01 00:00] - [2004-08-04 00:58] - 0108544 ____A (Microsoft Corporation) 

C:\Windows\System32\User32.dll
[1980-01-01 00:00] - [2004-08-04 00:57] - 0578560 ____A (Microsoft Corporation) 

C:\Windows\System32\userinit.exe
[1980-01-01 00:00] - [2004-08-04 00:58] - 0025088 ____A (Microsoft Corporation) 

C:\Windows\System32\Drivers\volsnap.sys
[1980-01-01 00:00] - [2004-08-04 00:44] - 0053760 ____A (Microsoft Corporation) 


==================== End Of Log ============================
--- --- ---

--- --- ---


PS. es heisst es wäre wieder zu lang... Addition-Log kommt gleich
__________________
Alt 08.07.2013, 13:25   #4
Loki51
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


so, hier nun der Rest

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-07-2013
Ran by Antonio at 2013-07-08 14:00:31
Running from C:\Dokumente und Einstellungen\Antonio\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

7-Zip 9.20
ATI Display Driver (Version: 7.92-030719a-010359C-AMI)
Canon CanoScan Toolbox 4.1
ClearProg 1.6.0 Final (Version: 1.6.0 Final)
COMODO Internet Security Premium (Version: 6.1.14723.2813)
ESET Online Scanner v3
GeekBuddy (Version: 4.7.55)
Generic USB Card Reader Driver v1.9e3
HD Tune 2.55
IrfanView (remove only) (Version: 4.35)
Kaspersky Security Scan (Version: 12.0.1.340)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
MyDefrag v4.3.1 (Version: 4.0.0.0)
NTI CD &  DVD-Maker (Version: 6.5)
NTI CD & DVD-Maker 6.5 Gold  (Version: 6.5)
Opera 12.15 (Version: 12.15.1748)
PDFCreator (Version: 1.7.0)
PDF-Viewer (Version: 2.5.211.0)
PowerDVD
Realtek AC'97 Audio
Secure Eraser (Version: 4.2.0.1)
VLC media player 2.0.7 (Version: 2.0.7)
WebFldrs XP (Version: 9.50.6513)
Windows XP Service Pack 2 (Version: 20040803.231317)

==================== Restore Points  =========================

Could not list Restore Points.


==================== Hosts content: ==========================

1980-01-01 00:00 - 2013-06-25 18:03 - 00000736 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
  

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job => E:\Programme\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job => E:\Programme\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => E:\Programme\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => E:\Programme\COMODO\COMODO Internet Security\cfpconfg.exe

==================== Faulty Device Manager Devices =============

Could not list Devices.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/26/2013 08:38:06 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung setup.exe, Version 11.0.1.36, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000047.
Das medienspezifische Ereignis für [setup.exe!ws!] wird verarbeitet.

Error: (06/24/2013 04:08:06 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung setup.exe, Version 11.0.1.36, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000047.
Das medienspezifische Ereignis für [setup.exe!ws!] wird verarbeitet.

Error: (06/24/2013 04:01:28 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung setup.exe, Version 11.0.1.36, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000047.
Das medienspezifische Ereignis für [setup.exe!ws!] wird verarbeitet.

Error: (06/24/2013 03:34:58 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung setup.exe, Version 11.0.1.36, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000047.
Das medienspezifische Ereignis für [setup.exe!ws!] wird verarbeitet.

Error: (06/19/2013 06:18:24 PM) (Source: Userenv) (User: TONYPC)
Description: Das Profil konnte nicht erfolgreich geladen werden, aber Sie wurden mit dem standardmäßigen Profil für das System angemeldet. 


Details - Das System kann die angegebene Datei nicht finden.

Error: (06/19/2013 03:45:37 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040206.

Error: (06/19/2013 03:45:37 PM) (Source: EventSystem) (User: )
Description: Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während der internen Verarbeitung erkannt. HRESULT war 8007043C von Zeile 44 von d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Wenden Sie sich an den Microsoft-Produktsupport.

Error: (06/19/2013 03:22:19 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040206.

Error: (06/19/2013 03:22:19 PM) (Source: EventSystem) (User: )
Description: Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während der internen Verarbeitung erkannt. HRESULT war 8007043C von Zeile 44 von d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Wenden Sie sich an den Microsoft-Produktsupport.

Error: (06/19/2013 03:20:20 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040206.


System errors:
=============
Error: (07/08/2013 01:58:39 PM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (07/08/2013 01:58:38 PM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (07/08/2013 01:58:21 PM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (07/08/2013 01:58:20 PM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (07/08/2013 01:45:55 PM) (Source: Windows Update Agent) (User: )
Description: Verbindung kann nicht hergestellt werden: Die Verbindung mit dem Dienst für automatische Updates konnte nicht hergestellt werden, so dass keine Updates zum angegebenen Zeitplan übertragen und installiert werden können. Es wird weiterhin versucht, eine Verbindung herzustellen.

Error: (07/08/2013 01:44:56 PM) (Source: BITS) (User: )
Description: Die BITS-Auftragsliste hat ein unzulässiges Format. Möglicherweise wurde die Liste mit einer anderen BITS-Version erstellt. Die Auftragsliste wurde gelöscht.

Error: (07/04/2013 05:07:07 PM) (Source: BITS) (User: )
Description: Die BITS-Auftragsliste hat ein unzulässiges Format. Möglicherweise wurde die Liste mit einer anderen BITS-Version erstellt. Die Auftragsliste wurde gelöscht.

Error: (07/03/2013 08:41:24 PM) (Source: BITS) (User: )
Description: Die BITS-Auftragsliste hat ein unzulässiges Format. Möglicherweise wurde die Liste mit einer anderen BITS-Version erstellt. Die Auftragsliste wurde gelöscht.

Error: (07/02/2013 05:07:06 PM) (Source: BITS) (User: )
Description: Die BITS-Auftragsliste hat ein unzulässiges Format. Möglicherweise wurde die Liste mit einer anderen BITS-Version erstellt. Die Auftragsliste wurde gelöscht.

Error: (07/01/2013 05:03:53 PM) (Source: BITS) (User: )
Description: Die BITS-Auftragsliste hat ein unzulässiges Format. Möglicherweise wurde die Liste mit einer anderen BITS-Version erstellt. Die Auftragsliste wurde gelöscht.


Microsoft Office Sessions:
=========================
Error: (06/26/2013 08:38:06 PM) (Source: Application Error)(User: )
Description: setup.exe11.0.1.36unknown0.0.0.000000047

Error: (06/24/2013 04:08:06 PM) (Source: Application Error)(User: )
Description: setup.exe11.0.1.36unknown0.0.0.000000047

Error: (06/24/2013 04:01:28 PM) (Source: Application Error)(User: )
Description: setup.exe11.0.1.36unknown0.0.0.000000047

Error: (06/24/2013 03:34:58 PM) (Source: Application Error)(User: )
Description: setup.exe11.0.1.36unknown0.0.0.000000047

Error: (06/19/2013 06:18:24 PM) (Source: Userenv)(User: TONYPC)
Description: Das System kann die angegebene Datei nicht finden.

Error: (06/19/2013 03:45:37 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040206

Error: (06/19/2013 03:45:37 PM) (Source: EventSystem)(User: )
Description: d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (06/19/2013 03:22:19 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040206

Error: (06/19/2013 03:22:19 PM) (Source: EventSystem)(User: )
Description: d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (06/19/2013 03:20:20 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040206


==================== Memory info =========================== 

Percentage of memory in use: 46%
Total physical RAM: 511.48 MB
Available physical RAM: 275.47 MB
Total Pagefile: 1634.17 MB
Available Pagefile: 1247.85 MB
Total Virtual: 2047.88 MB
Available Virtual: 1968.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:12.16 GB) (Free:7.68 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Games) (Fixed) (Total:25.1 GB) (Free:2.93 GB) NTFS
Drive e: (Programme) (Fixed) (Total:6.55 GB) (Free:0.71 GB) NTFS
Drive f: (Auslagerungsdatei) (Fixed) (Total:1.32 GB) (Free:0.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 37 GB) (Disk ID: C031C031)
Partition 1: (Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=25 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 8 GB) (Disk ID: FDD3FDD3)
Partition 1: (Not Active) - (Size=7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1 GB) - (Type=05)

==================== End Of Log ============================

Alt 08.07.2013, 18:09   #5
schrauber
/// the machine
/// TB-Ausbilder
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.




Downloade dir bitte Farbar's MiniToolBox auf deinen Desktop und starte das Tool

Setze einen Haken bei folgenden Einträgen
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Minidump Files
Klicke Go und poste den Inhalt der Result.txt.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.07.2013, 20:30   #6
Loki51
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


Farbar und MiniToolBox

Code:
ATTFilter
Farbar Service Scanner Version: 08-07-2013
Ran by Antonio (administrator) on 08-07-2013 at 20:38:47
Running from "C:\Dokumente und Einstellungen\Antonio\Desktop"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy: 
========================


Security Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Demand. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[1980-01-01 00:00] - [2004-08-04 00:57] - 0111616 ____A (Microsoft Corporation) 69F986B2688BA95A0D9362B0E233D5FF

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys
[1980-01-01 00:00] - [2004-08-03 23:14] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[1980-01-01 00:00] - [2004-08-03 23:14] - 0359040 ____A (Microsoft Corporation) 9F4B36614A0FC234525BA224957DE55C

C:\WINDOWS\system32\Drivers\ipsec.sys
[1980-01-01 00:00] - [2004-08-03 23:14] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[1980-01-01 00:00] - [2004-08-04 00:57] - 0045568 ____A (Microsoft Corporation) D1F5B71BBAEEE07B78980DBD878C0BC7

C:\WINDOWS\system32\ipnathlp.dll
[1980-01-01 00:00] - [2004-08-04 00:57] - 0334336 ____A (Microsoft Corporation) 9245420422E409A25C1410ACB4244060

C:\WINDOWS\system32\netman.dll
[1980-01-01 00:00] - [2004-08-04 00:57] - 0198144 ____A (Microsoft Corporation) CDF4DA6B518105343FE9E8AFBBF8FBF4

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2013-06-19 13:46] - [2004-08-04 00:57] - 0145408 ____A (Microsoft Corporation) DA2DADB42916E59C6E4BBA593BCCDA73

C:\WINDOWS\system32\srsvc.dll
[2013-06-19 13:47] - [2004-08-04 00:57] - 0171008 ____A (Microsoft Corporation) 015F302C4CF961F20C3F98F3A7CA7917

C:\WINDOWS\system32\Drivers\sr.sys
[2013-06-19 13:47] - [2004-08-04 00:50] - 0073472 ____A (Microsoft Corporation) E4200CB2F418D8FC4ACDD7E38C419D6A

C:\WINDOWS\system32\wscsvc.dll
[2013-06-19 16:17] - [2004-08-04 00:57] - 0081408 ____N (Microsoft Corporation) BD3561AAE748150CF51C2CA876449EA7

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2013-06-19 13:46] - [2004-08-04 00:57] - 0145408 ____A (Microsoft Corporation) DA2DADB42916E59C6E4BBA593BCCDA73

C:\WINDOWS\system32\wuauserv.dll
[2013-06-19 13:46] - [2004-08-04 00:57] - 0006656 ____A (Microsoft Corporation) 1EDDD5C0ECF3FA6EDFD8A25B2B4E7DF6

C:\WINDOWS\system32\qmgr.dll
[2013-06-19 13:47] - [2004-08-04 00:57] - 0382464 ____A (Microsoft Corporation) 3A5E54A9AB96EF2D273B58136FB58EFE

C:\WINDOWS\system32\es.dll
[1980-01-01 00:00] - [2004-08-04 00:57] - 0243200 ____A (Microsoft Corporation) 4E1A8645EE77CB9454FFE53C59620A25

C:\WINDOWS\system32\cryptsvc.dll
[1980-01-01 00:00] - [2004-08-04 00:57] - 0060416 ____A (Microsoft Corporation) 1A5F9DB98DF7955B4C7CBDBF2C638238

C:\WINDOWS\system32\svchost.exe
[1980-01-01 00:00] - [2004-08-04 00:58] - 0014336 ____A (Microsoft Corporation) 65A819B121EB6FDAB4400EA42BDFFE64

C:\WINDOWS\system32\rpcss.dll
[2013-06-19 13:53] - [2004-08-04 00:57] - 0395776 ____A (Microsoft Corporation) 9F28FF58D6D67B123272869D89D14004

C:\WINDOWS\system32\services.exe
[1980-01-01 00:00] - [2004-08-04 00:58] - 0108544 ____A (Microsoft Corporation) EDB6B81761BD60F32F740BBC40AFB676


Extra List:
=======
cmdHlp(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3) 
0x080000000400000001000000020000000300000009000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

Code:
ATTFilter
MiniToolBox by Farbar  Version: 16-06-2013
Ran by Antonio (administrator) on 08-07-2013 at 20:42:35
Running from "C:\Dokumente und Einstellungen\Antonio\Desktop"
Microsoft Windows XP Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows-IP-Konfiguration



Der DNS-Auflösungscache wurde geleert.


========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

  
127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = LAN-Verbindung (Connected)
1394-Netzwerkadapter = 1394-Verbindung (Connected)


# ---------------------------------- 
# Schnittstellen-IP-Konfiguration
# ---------------------------------- 
pushd interface ip


# Schnittstellen-IP-Konfiguration fr ""LAN-Verbindung""

set address name="LAN-Verbindung" source=dhcp 
set dns name="LAN-Verbindung" source=dhcp register=PRIMARY
set wins name="LAN-Verbindung" source=dhcp


popd
# Ende der Schnittstellen-IP-Konfiguration




Windows-IP-Konfiguration



        Hostname. . . . . . . . . . . . . : TONYPC

        Primäres DNS-Suffix . . . . . . . : 

        Knotentyp . . . . . . . . . . . . : Unbekannt

        IP-Routing aktiviert. . . . . . . : Nein

        WINS-Proxy aktiviert. . . . . . . : Nein



Ethernetadapter LAN-Verbindung:



        Verbindungsspezifisches DNS-Suffix: 

        Beschreibung. . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

        Physikalische Adresse . . . . . . : 00-0D-87-7D-82-C6

        DHCP aktiviert. . . . . . . . . . : Ja

        Autokonfiguration aktiviert . . . : Ja

        IP-Adresse. . . . . . . . . . . . : 192.168.0.14

        Subnetzmaske. . . . . . . . . . . : 255.255.255.0

        Standardgateway . . . . . . . . . : 192.168.0.1

        DHCP-Server . . . . . . . . . . . : 192.168.0.1

        DNS-Server. . . . . . . . . . . . : 62.2.17.60

                                            62.2.24.162

                                            62.2.17.61

                                            62.2.24.158

        Lease erhalten. . . . . . . . . . : Montag, 8. Juli 2013 20:40:36

        Lease läuft ab. . . . . . . . . . : Donnerstag, 11. Juli 2013 00:27:16

Server:  ns10.cablecom.net
Address:  62.2.17.60

Name:    google.com
Addresses:  173.194.35.37, 173.194.35.40, 173.194.35.41, 173.194.35.38
	  173.194.35.35, 173.194.35.46, 173.194.35.32, 173.194.35.39, 173.194.35.33
	  173.194.35.34, 173.194.35.36



Ping google.com [173.194.35.40] mit 32 Bytes Daten:



Antwort von 173.194.35.40: Bytes=32 Zeit=24ms TTL=53

Antwort von 173.194.35.40: Bytes=32 Zeit=24ms TTL=53



Ping-Statistik fr 173.194.35.40:

    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust),

Ca. Zeitangaben in Millisek.:

    Minimum = 24ms, Maximum = 24ms, Mittelwert = 24ms

Server:  ns10.cablecom.net
Address:  62.2.17.60

Name:    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24



Ping yahoo.com [206.190.36.45] mit 32 Bytes Daten:



Antwort von 206.190.36.45: Bytes=32 Zeit=188ms TTL=47

Antwort von 206.190.36.45: Bytes=32 Zeit=189ms TTL=47



Ping-Statistik fr 206.190.36.45:

    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust),

Ca. Zeitangaben in Millisek.:

    Minimum = 188ms, Maximum = 189ms, Mittelwert = 188ms



Ping wird ausgefhrt fr 127.0.0.1 mit 32 Bytes Daten:



Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128

Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128



Ping-Statistik fr 127.0.0.1:

    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust),

Ca. Zeitangaben in Millisek.:

    Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms

===========================================================================
Schnittstellenliste
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0d 87 7d 82 c6 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Paketplaner-Miniport
===========================================================================
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway   Schnittstelle  Anzahl
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.14	  20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1	  1
      192.168.0.0    255.255.255.0     192.168.0.14    192.168.0.14	  20
     192.168.0.14  255.255.255.255        127.0.0.1       127.0.0.1	  20
    192.168.0.255  255.255.255.255     192.168.0.14    192.168.0.14	  20
        224.0.0.0        240.0.0.0     192.168.0.14    192.168.0.14	  20
  255.255.255.255  255.255.255.255     192.168.0.14    192.168.0.14	  1
Standardgateway:       192.168.0.1
===========================================================================
St„ndige Routen:
  Keine
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\system32\nwprovau.dll [148480] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [247296] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/26/2013 08:38:06 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung setup.exe, Version 11.0.1.36, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000047.
Das medienspezifische Ereignis für [setup.exe!ws!] wird verarbeitet.

Error: (06/24/2013 04:08:06 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung setup.exe, Version 11.0.1.36, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000047.
Das medienspezifische Ereignis für [setup.exe!ws!] wird verarbeitet.

Error: (06/24/2013 04:01:28 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung setup.exe, Version 11.0.1.36, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000047.
Das medienspezifische Ereignis für [setup.exe!ws!] wird verarbeitet.

Error: (06/24/2013 03:34:58 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung setup.exe, Version 11.0.1.36, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000047.
Das medienspezifische Ereignis für [setup.exe!ws!] wird verarbeitet.

Error: (06/19/2013 06:18:24 PM) (Source: Userenv) (User: TONYPC)
Description: Das Profil konnte nicht erfolgreich geladen werden, aber Sie wurden mit dem standardmäßigen Profil für das System angemeldet. 


Details - Das System kann die angegebene Datei nicht finden.

Error: (06/19/2013 03:45:37 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040206.

Error: (06/19/2013 03:45:37 PM) (Source: EventSystem) (User: )
Description: Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während der internen Verarbeitung erkannt. HRESULT war 8007043C von Zeile 44 von d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Wenden Sie sich an den Microsoft-Produktsupport.

Error: (06/19/2013 03:22:19 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040206.

Error: (06/19/2013 03:22:19 PM) (Source: EventSystem) (User: )
Description: Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während der internen Verarbeitung erkannt. HRESULT war 8007043C von Zeile 44 von d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp. Wenden Sie sich an den Microsoft-Produktsupport.

Error: (06/19/2013 03:20:20 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80040206.


System errors:
=============
Error: (07/08/2013 08:40:45 PM) (Source: BITS) (User: )
Description: Die BITS-Auftragsliste hat ein unzulässiges Format. Möglicherweise wurde die Liste mit einer anderen BITS-Version erstellt. Die Auftragsliste wurde gelöscht.

Error: (07/08/2013 08:37:09 PM) (Source: BITS) (User: )
Description: Die BITS-Auftragsliste hat ein unzulässiges Format. Möglicherweise wurde die Liste mit einer anderen BITS-Version erstellt. Die Auftragsliste wurde gelöscht.

Error: (07/08/2013 08:11:41 PM) (Source: BITS) (User: )
Description: Die BITS-Auftragsliste hat ein unzulässiges Format. Möglicherweise wurde die Liste mit einer anderen BITS-Version erstellt. Die Auftragsliste wurde gelöscht.

Error: (07/08/2013 08:08:01 PM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (07/08/2013 08:08:00 PM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (07/08/2013 08:05:08 PM) (Source: BITS) (User: )
Description: Die BITS-Auftragsliste hat ein unzulässiges Format. Möglicherweise wurde die Liste mit einer anderen BITS-Version erstellt. Die Auftragsliste wurde gelöscht.

Error: (07/08/2013 01:58:39 PM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (07/08/2013 01:58:38 PM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (07/08/2013 01:58:21 PM) (Source: 0) (User: )
Description: \Device\Harddisk2\D

Error: (07/08/2013 01:58:20 PM) (Source: 0) (User: )
Description: \Device\Harddisk2\D


Microsoft Office Sessions:
=========================
Error: (06/26/2013 08:38:06 PM) (Source: Application Error)(User: )
Description: setup.exe11.0.1.36unknown0.0.0.000000047

Error: (06/24/2013 04:08:06 PM) (Source: Application Error)(User: )
Description: setup.exe11.0.1.36unknown0.0.0.000000047

Error: (06/24/2013 04:01:28 PM) (Source: Application Error)(User: )
Description: setup.exe11.0.1.36unknown0.0.0.000000047

Error: (06/24/2013 03:34:58 PM) (Source: Application Error)(User: )
Description: setup.exe11.0.1.36unknown0.0.0.000000047

Error: (06/19/2013 06:18:24 PM) (Source: Userenv)(User: TONYPC)
Description: Das System kann die angegebene Datei nicht finden.

Error: (06/19/2013 03:45:37 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040206

Error: (06/19/2013 03:45:37 PM) (Source: EventSystem)(User: )
Description: d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (06/19/2013 03:22:19 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040206

Error: (06/19/2013 03:22:19 PM) (Source: EventSystem)(User: )
Description: d:\nt\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (06/19/2013 03:20:20 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x80040206


=========================== Installed Programs ============================

7-Zip 9.20
ATI Display Driver (Version: 7.92-030719a-010359C-AMI)
Canon CanoScan Toolbox 4.1
ClearProg 1.6.0 Final (Version: 1.6.0 Final)
COMODO Internet Security Premium (Version: 6.1.14723.2813)
ESET Online Scanner v3
GeekBuddy (Version: 4.7.55)
Generic USB Card Reader Driver v1.9e3
HD Tune 2.55
IrfanView (remove only) (Version: 4.35)
Kaspersky Security Scan (Version: 12.0.1.340)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
MyDefrag v4.3.1 (Version: 4.0.0.0)
NTI CD &  DVD-Maker (Version: 6.5)
NTI CD & DVD-Maker 6.5 Gold  (Version: 6.5)
Opera 12.15 (Version: 12.15.1748)
PDFCreator (Version: 1.7.0)
PDF-Viewer (Version: 2.5.211.0)
PowerDVD
Realtek AC'97 Audio
Secure Eraser (Version: 4.2.0.1)
VLC media player 2.0.7 (Version: 2.0.7)
WebFldrs XP (Version: 9.50.6513)
Windows XP Service Pack 2 (Version: 20040803.231317)

========================= Memory info: ===================================

Percentage of memory in use: 75%
Total physical RAM: 511.48 MB
Available physical RAM: 123.65 MB
Total Pagefile: 1634.17 MB
Available Pagefile: 1221.68 MB
Total Virtual: 2047.88 MB
Available Virtual: 1977.78 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:12.16 GB) (Free:7.67 GB) NTFS
3 Drive d: (Games) (Fixed) (Total:25.1 GB) (Free:2.93 GB) NTFS
4 Drive e: (Programme) (Fixed) (Total:6.55 GB) (Free:0.71 GB) NTFS
5 Drive f: (Auslagerungsdatei) (Fixed) (Total:1.32 GB) (Free:0.18 GB) NTFS

========================= Users: ========================================

Benutzerkonten fr \\TONYPC

Admin                    Administrator            Antonio                  
Gast                     Hilfeassistent           SUPPORT_388945a0         
Der Befehl wurde erfolgreich ausgefhrt.

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

Alt 08.07.2013, 21:32   #7
schrauber
/// the machine
/// TB-Ausbilder
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


Windows Repair (All In One) - Download - Filepony

Laden und installieren, alle Schritte machen, am Schluss alle Boxen anhaken und laufen lassen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.07.2013, 20:35   #8
Loki51
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


Alle Schritte ausgeführt und dann alle Boxen angehakt und gestartet

Beim 10. Repair Job geht es aber nicht weiter bzw. der Status bleibt bei "working".

Soll ich es stoppen, den Haken beim MDAC/MS Jet entfernen und wieder starten?


vorläufiger Log:

Code:
ATTFilter
Log:
Starting Repairs...
   Start (09.07.2013 20:44:42)

Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (09.07.2013 20:44:42)
   Running Repair Under Current User Account
   Done (09.07.2013 20:44:50)

Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (09.07.2013 20:44:50)
   Running Repair Under System Account
   Done (09.07.2013 20:44:53)

Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (09.07.2013 20:44:53)
   Running Repair Under System Account
   Done (09.07.2013 20:44:56)

Reset File Permissions 01/13
   C:\ATI & Sub Folders
   Start (09.07.2013 20:44:56)
   Running Repair Under System Account
   Done (09.07.2013 20:44:58)

Reset File Permissions 02/13
   C:\CanoScan & Sub Folders
   Start (09.07.2013 20:44:58)
   Running Repair Under System Account
   Done (09.07.2013 20:45:01)

Reset File Permissions 03/13
   C:\Dokumente und Einstellungen & Sub Folders
   Start (09.07.2013 20:45:01)
   Running Repair Under System Account
   Done (09.07.2013 20:45:03)

Reset File Permissions 04/13
   C:\DRV & Sub Folders
   Start (09.07.2013 20:45:03)
   Running Repair Under System Account
   Done (09.07.2013 20:45:06)

Reset File Permissions 05/13
   C:\FRST & Sub Folders
   Start (09.07.2013 20:45:06)
   Running Repair Under System Account
   Done (09.07.2013 20:45:08)

Reset File Permissions 06/13
   C:\I386 & Sub Folders
   Start (09.07.2013 20:45:08)
   Running Repair Under System Account
   Done (09.07.2013 20:45:11)

Reset File Permissions 07/13
   C:\PCWELT & Sub Folders
   Start (09.07.2013 20:45:11)
   Running Repair Under System Account
   Done (09.07.2013 20:45:13)

Reset File Permissions 08/13
   C:\Program Files & Sub Folders
   Start (09.07.2013 20:45:13)
   Running Repair Under System Account
   Done (09.07.2013 20:45:16)

Reset File Permissions 09/13
   C:\Programme & Sub Folders
   Start (09.07.2013 20:45:16)
   Running Repair Under System Account
   Done (09.07.2013 20:45:18)

Reset File Permissions 10/13
   C:\RegBackup & Sub Folders
   Start (09.07.2013 20:45:18)
   Running Repair Under System Account
   Done (09.07.2013 20:45:21)

Reset File Permissions 11/13
   C:\SYSINFO & Sub Folders
   Start (09.07.2013 20:45:21)
   Running Repair Under System Account
   Done (09.07.2013 20:45:23)

Reset File Permissions 12/13
   C:\VTRoot & Sub Folders
   Start (09.07.2013 20:45:23)
   Running Repair Under System Account
   Done (09.07.2013 20:45:26)

Reset File Permissions 13/13
   C:\WINDOWS & Sub Folders
   Start (09.07.2013 20:45:26)
   Running Repair Under System Account
   Done (09.07.2013 20:45:28)

Reset File Permissions 01/10
   D:\658 Riley Reid & Sub Folders
   Start (09.07.2013 20:45:55)
   Running Repair Under System Account
   Done (09.07.2013 20:45:58)

Reset File Permissions 02/10
   D:\amateur-blogx.com_20100923_01 & Sub Folders
   Start (09.07.2013 20:45:58)
   Running Repair Under System Account
   Done (09.07.2013 20:46:00)

Reset File Permissions 03/10
   D:\awesome Selfpics of a real hot Amateur Chick & Sub Folders
   Start (09.07.2013 20:46:00)
   Running Repair Under System Account
   Done (09.07.2013 20:46:03)

Reset File Permissions 04/10
   D:\beatifull-girlfriend-pose-for-you-3677 & Sub Folders
   Start (09.07.2013 20:46:03)
   Running Repair Under System Account
   Done (09.07.2013 20:46:05)

Reset File Permissions 05/10
   D:\cs100321 & Sub Folders
   Start (09.07.2013 20:46:05)
   Running Repair Under System Account
   Done (09.07.2013 20:46:08)

Reset File Permissions 06/10
   D:\cs100322 & Sub Folders
   Start (09.07.2013 20:46:08)
   Running Repair Under System Account
   Done (09.07.2013 20:46:10)

Reset File Permissions 07/10
   D:\Eigene Dateien & Sub Folders
   Start (09.07.2013 20:46:10)
   Running Repair Under System Account
   Done (09.07.2013 20:46:13)

Reset File Permissions 08/10
   D:\Emule Temp & Sub Folders
   Start (09.07.2013 20:46:13)
   Running Repair Under System Account
   Done (09.07.2013 20:46:15)

Reset File Permissions 09/10
   D:\HarmonyHexgreenset & Sub Folders
   Start (09.07.2013 20:46:15)
   Running Repair Under System Account
   Done (09.07.2013 20:46:18)

Reset File Permissions 10/10
   D:\heather morris & Sub Folders
   Start (09.07.2013 20:46:18)
   Running Repair Under System Account
   Done (09.07.2013 20:46:20)

Reset File Permissions 01/10
   E:\Audible & Sub Folders
   Start (09.07.2013 20:46:22)
   Running Repair Under System Account
   Done (09.07.2013 20:46:24)

Reset File Permissions 02/10
   E:\Backup All Drivers & Sub Folders
   Start (09.07.2013 20:46:24)
   Running Repair Under System Account
   Done (09.07.2013 20:46:27)

Reset File Permissions 03/10
   E:\Config.Msi & Sub Folders
   Start (09.07.2013 20:46:28)
   Running Repair Under System Account
   Done (09.07.2013 20:46:30)

Reset File Permissions 04/10
   E:\DeusEx & Sub Folders
   Start (09.07.2013 20:46:30)
   Running Repair Under System Account
   Done (09.07.2013 20:46:33)

Reset File Permissions 05/10
   E:\Download & Sub Folders
   Start (09.07.2013 20:46:33)
   Running Repair Under System Account
   Done (09.07.2013 20:46:35)

Reset File Permissions 06/10
   E:\Mobile Phone C905 & Sub Folders
   Start (09.07.2013 20:46:35)
   Running Repair Under System Account
   Done (09.07.2013 20:46:38)

Reset File Permissions 07/10
   E:\Mobile Phone Xperia Arc S & Sub Folders
   Start (09.07.2013 20:46:38)
   Running Repair Under System Account
   Done (09.07.2013 20:46:40)

Reset File Permissions 08/10
   E:\Programme & Sub Folders
   Start (09.07.2013 20:46:40)
   Running Repair Under System Account
   Done (09.07.2013 20:46:43)

Reset File Permissions 09/10
   E:\Systemfiles & Sub Folders
   Start (09.07.2013 20:46:43)
   Running Repair Under System Account
   Done (09.07.2013 20:46:46)

Reset File Permissions 10/10
   E:\Tools & Sub Folders
   Start (09.07.2013 20:46:46)
   Running Repair Under System Account
   Done (09.07.2013 20:46:49)

Register System Files
   Start (09.07.2013 20:46:49)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (09.07.2013 20:52:41)

Repair WMI
   Start (09.07.2013 20:52:41)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (09.07.2013 20:53:57)

Repair Windows Firewall
   Start (09.07.2013 20:53:57)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (09.07.2013 20:54:06)

Repair Internet Explorer
   Start (09.07.2013 20:54:06)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (09.07.2013 20:55:47)

Repair MDAC/MS Jet
   Start (09.07.2013 20:55:47)
   Running Repair Under Current User Account

Alt 10.07.2013, 08:25   #9
schrauber
/// the machine
/// TB-Ausbilder
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


Genau mach das
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 10.07.2013, 17:07   #10
Loki51
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


Beim zweiten Durchlauf ohne "MDAC/MS Jet" gings eigentlich gut, einzig beim Repair MSI (Windows Installer) kam 2 mal die Fehlermeldung Zugriff verweigert.
Beide Male auf ok geklickt und es ging weiter....



Code:
ATTFilter
Log:
Starting Repairs...
   Start (10.07.2013 17:41:56)

Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (10.07.2013 17:41:56)
   Running Repair Under Current User Account
   Done (10.07.2013 17:42:03)

Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (10.07.2013 17:42:03)
   Running Repair Under System Account
   Done (10.07.2013 17:42:07)

Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (10.07.2013 17:42:07)
   Running Repair Under System Account
   Done (10.07.2013 17:42:09)

Reset File Permissions 01/13
   C:\ATI & Sub Folders
   Start (10.07.2013 17:42:09)
   Running Repair Under System Account
   Done (10.07.2013 17:42:12)

Reset File Permissions 02/13
   C:\CanoScan & Sub Folders
   Start (10.07.2013 17:42:12)
   Running Repair Under System Account
   Done (10.07.2013 17:42:14)

Reset File Permissions 03/13
   C:\Dokumente und Einstellungen & Sub Folders
   Start (10.07.2013 17:42:14)
   Running Repair Under System Account
   Done (10.07.2013 17:42:17)

Reset File Permissions 04/13
   C:\DRV & Sub Folders
   Start (10.07.2013 17:42:17)
   Running Repair Under System Account
   Done (10.07.2013 17:42:19)

Reset File Permissions 05/13
   C:\FRST & Sub Folders
   Start (10.07.2013 17:42:19)
   Running Repair Under System Account
   Done (10.07.2013 17:42:22)

Reset File Permissions 06/13
   C:\I386 & Sub Folders
   Start (10.07.2013 17:42:22)
   Running Repair Under System Account
   Done (10.07.2013 17:42:24)

Reset File Permissions 07/13
   C:\PCWELT & Sub Folders
   Start (10.07.2013 17:42:24)
   Running Repair Under System Account
   Done (10.07.2013 17:42:27)

Reset File Permissions 08/13
   C:\Program Files & Sub Folders
   Start (10.07.2013 17:42:27)
   Running Repair Under System Account
   Done (10.07.2013 17:42:29)

Reset File Permissions 09/13
   C:\Programme & Sub Folders
   Start (10.07.2013 17:42:29)
   Running Repair Under System Account
   Done (10.07.2013 17:42:32)

Reset File Permissions 10/13
   C:\RegBackup & Sub Folders
   Start (10.07.2013 17:42:32)
   Running Repair Under System Account
   Done (10.07.2013 17:42:34)

Reset File Permissions 11/13
   C:\SYSINFO & Sub Folders
   Start (10.07.2013 17:42:34)
   Running Repair Under System Account
   Done (10.07.2013 17:42:37)

Reset File Permissions 12/13
   C:\VTRoot & Sub Folders
   Start (10.07.2013 17:42:37)
   Running Repair Under System Account
   Done (10.07.2013 17:42:39)

Reset File Permissions 13/13
   C:\WINDOWS & Sub Folders
   Start (10.07.2013 17:42:39)
   Running Repair Under System Account
   Done (10.07.2013 17:42:42)

Reset File Permissions 01/10
   D:\658 Riley Reid & Sub Folders
   Start (10.07.2013 17:43:08)
   Running Repair Under System Account
   Done (10.07.2013 17:43:10)

Reset File Permissions 02/10
   D:\amateur-blogx.com_20100923_01 & Sub Folders
   Start (10.07.2013 17:43:10)
   Running Repair Under System Account
   Done (10.07.2013 17:43:13)

Reset File Permissions 03/10
   D:\awesome Selfpics of a real hot Amateur Chick & Sub Folders
   Start (10.07.2013 17:43:13)
   Running Repair Under System Account
   Done (10.07.2013 17:43:15)

Reset File Permissions 04/10
   D:\beatifull-girlfriend-pose-for-you-3677 & Sub Folders
   Start (10.07.2013 17:43:15)
   Running Repair Under System Account
   Done (10.07.2013 17:43:18)

Reset File Permissions 05/10
   D:\cs100321 & Sub Folders
   Start (10.07.2013 17:43:18)
   Running Repair Under System Account
   Done (10.07.2013 17:43:20)

Reset File Permissions 06/10
   D:\cs100322 & Sub Folders
   Start (10.07.2013 17:43:20)
   Running Repair Under System Account
   Done (10.07.2013 17:43:23)

Reset File Permissions 07/10
   D:\Eigene Dateien & Sub Folders
   Start (10.07.2013 17:43:23)
   Running Repair Under System Account
   Done (10.07.2013 17:43:25)

Reset File Permissions 08/10
   D:\Emule Temp & Sub Folders
   Start (10.07.2013 17:43:25)
   Running Repair Under System Account
   Done (10.07.2013 17:43:28)

Reset File Permissions 09/10
   D:\HarmonyHexgreenset & Sub Folders
   Start (10.07.2013 17:43:28)
   Running Repair Under System Account
   Done (10.07.2013 17:43:30)

Reset File Permissions 10/10
   D:\heather morris & Sub Folders
   Start (10.07.2013 17:43:30)
   Running Repair Under System Account
   Done (10.07.2013 17:43:33)

Reset File Permissions 01/10
   E:\Audible & Sub Folders
   Start (10.07.2013 17:43:33)
   Running Repair Under System Account
   Done (10.07.2013 17:43:35)

Reset File Permissions 02/10
   E:\Backup All Drivers & Sub Folders
   Start (10.07.2013 17:43:35)
   Running Repair Under System Account
   Done (10.07.2013 17:43:38)

Reset File Permissions 03/10
   E:\Config.Msi & Sub Folders
   Start (10.07.2013 17:43:38)
   Running Repair Under System Account
   Done (10.07.2013 17:43:40)

Reset File Permissions 04/10
   E:\DeusEx & Sub Folders
   Start (10.07.2013 17:43:40)
   Running Repair Under System Account
   Done (10.07.2013 17:43:43)

Reset File Permissions 05/10
   E:\Download & Sub Folders
   Start (10.07.2013 17:43:43)
   Running Repair Under System Account
   Done (10.07.2013 17:43:45)

Reset File Permissions 06/10
   E:\Mobile Phone C905 & Sub Folders
   Start (10.07.2013 17:43:45)
   Running Repair Under System Account
   Done (10.07.2013 17:43:48)

Reset File Permissions 07/10
   E:\Mobile Phone Xperia Arc S & Sub Folders
   Start (10.07.2013 17:43:48)
   Running Repair Under System Account
   Done (10.07.2013 17:43:51)

Reset File Permissions 08/10
   E:\Programme & Sub Folders
   Start (10.07.2013 17:43:51)
   Running Repair Under System Account
   Done (10.07.2013 17:43:53)

Reset File Permissions 09/10
   E:\Systemfiles & Sub Folders
   Start (10.07.2013 17:43:53)
   Running Repair Under System Account
   Done (10.07.2013 17:43:56)

Reset File Permissions 10/10
   E:\Tools & Sub Folders
   Start (10.07.2013 17:43:56)
   Running Repair Under System Account
   Done (10.07.2013 17:43:58)

Register System Files
   Start (10.07.2013 17:43:58)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:47:01)

Repair WMI
   Start (10.07.2013 17:47:01)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:48:32)

Repair Windows Firewall
   Start (10.07.2013 17:48:33)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:48:43)

Repair Internet Explorer
   Start (10.07.2013 17:48:43)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:50:33)

Repair Hosts File
   Start (10.07.2013 17:50:33)
   Running Repair Under System Account
   Done (10.07.2013 17:50:36)

Remove Policies Set By Infections
   Start (10.07.2013 17:50:37)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:50:42)

Repair Missing Start Menu Icons Removed By Infections
   Start (10.07.2013 17:50:43)
   Running Repair Under System Account
   Done (10.07.2013 17:50:46)

Repair Icons
   Start (10.07.2013 17:50:46)
   Running Repair Under System Account
   Done (10.07.2013 17:50:49)

Repair Winsock & DNS Cache
   Start (10.07.2013 17:50:49)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:50:59)

Remove Temp Files
   Start (10.07.2013 17:50:59)
   Running Repair Under System Account
   Done (10.07.2013 17:51:02)

Repair Proxy Settings
   Start (10.07.2013 17:51:02)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:51:08)

Unhide Non System Files
   Start (10.07.2013 17:51:08)
   C:\ - Total Files Unhidden: 250
   D:\ - Total Files Unhidden: 24
   E:\ - Total Files Unhidden: 135
   F:\ - Total Files Unhidden: 2
   Done (10.07.2013 17:53:45)

Repair Windows Updates
   Start (10.07.2013 17:53:45)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:54:58)

Repair CD/DVD Missing/Not Working
   Start (10.07.2013 17:54:59)
   Done (10.07.2013 17:54:59)

Repair Volume Shadow Copy Service
   Start (10.07.2013 17:54:59)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:55:36)

Repair Windows Sidebar/Gadgets
   Start (10.07.2013 17:55:37)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:55:44)

Repair MSI (Windows Installer)
   Start (10.07.2013 17:55:45)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:56:48)

Repair Windows Snipping Tool
   Start (10.07.2013 17:56:48)
   Done (10.07.2013 17:56:48)

Repair bat Association
   Start (10.07.2013 17:56:48)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:56:53)

Repair cmd Association
   Start (10.07.2013 17:56:53)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:56:58)

Repair com Association
   Start (10.07.2013 17:56:58)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:57:04)

Repair Directory Association
   Start (10.07.2013 17:57:04)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:57:11)

Repair Drive Association
   Start (10.07.2013 17:57:11)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:57:16)

Repair exe Association
   Start (10.07.2013 17:57:16)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:57:21)

Repair Folder Association
   Start (10.07.2013 17:57:21)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:57:26)

Repair inf Association
   Start (10.07.2013 17:57:26)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:57:31)

Repair lnk (Shortcuts) Association
   Start (10.07.2013 17:57:31)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:57:36)

Repair msc Association
   Start (10.07.2013 17:57:36)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:57:41)

Repair reg Association
   Start (10.07.2013 17:57:41)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:57:46)

Repair scr Association
   Start (10.07.2013 17:57:46)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:57:51)

Repair Windows Safe Mode
   Start (10.07.2013 17:57:51)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:57:55)

Repair Print Spooler
   Start (10.07.2013 17:57:56)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:58:00)

Restore Important Windows Services
   Start (10.07.2013 17:58:00)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:58:05)

Set Windows Services To Default Startup
   Start (10.07.2013 17:58:05)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (10.07.2013 17:58:33)

Cleaning up empty logs...

All Selected Repairs Done.
   Done (10.07.2013 17:58:33)
   Total Repair Time: 00:16:37


...YOU MUST RESTART YOUR SYSTEM...

Alt 10.07.2013, 20:31   #11
schrauber
/// the machine
/// TB-Ausbilder
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


Noch Probleme mit der Kiste?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.07.2013, 18:53   #12
Loki51
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


Leider ja...

Repair MSI (Windows Installer) bringt bei weiteren Durchläufen keine Fehlermeldungen mehr.

Beim MDAC/MS Jet besteht immer noch dasselbe Problem, dass es einfach kein Ende nimmt.

Ich habe immer noch keinen Zugriff auf die "System Volume Information" der anderen Partitionen

Chechdisk meldet immer noch Fehler im MFT und Dateisystem.

Und die Reparaturfunktion geht immer noch nicht bei der Internetverbindung. Alle Schritte sind ok bis auf den letzten - Die Registrierung beim DNS

Aber...
Malwarebytes Anti-Malware meldet keine Funde

Und Windows Update funktioniert. Soll ich Windows updaten lassen oder wäre das noch zu früh?

Alt 11.07.2013, 19:32   #13
schrauber
/// the machine
/// TB-Ausbilder
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


Reparaturinstallation würde ich versuchen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.07.2013, 11:04   #14
Loki51
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


tja schwierig, damals beim Kauf lag keine Windows XP-CD bei, weil das Betriebssystem bereits vorinstalliert war.

Ich schätze ich muss sowieso bald upgraden und mir einen neuen PC kaufen.

Aber ist mein jetztiges Betriebssystem denn gefährdet oder einfach "nur" nicht im Besitz aller Rechte. Sollte ich aufs Onlinebanking verzichten aber ansonsten kann ich den PC noch eine Weile gebrauchen?

Alt 13.07.2013, 12:25   #15
schrauber
/// the machine
/// TB-Ausbilder
 
Nach Formatierung noch Malware vorhanden? - Standard

Nach Formatierung noch Malware vorhanden?


Mach mal die Windows Updates, benutzen kannste ihn, ausser Onlinebanking
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort
Seite 1 von 2 1 2

Themen zu Nach Formatierung noch Malware vorhanden?
aufgegeben, browser, einstellungen, explorer, fehler, firefox, home, homepage, internet, internet browser, kaspersky, log-file, logfile, malware, nvidia, realtek, registry, scan, security, software, taskleiste, udp, usb, virus, warnung, windows, wlan


« wssetup.exe eingefangen | Virenfund EXP/JAVA.Ternub.Gen, entfernt nach Deinstallation von Java? »


Ähnliche Themen: Nach Formatierung noch Malware vorhanden?


  1. Malware trotz Neuinstallation vermutlich noch vorhanden
    Log-Analyse und Auswertung - 18.08.2015 (5)
  2. Malware nach Formatierung weg?
    Log-Analyse und Auswertung - 03.12.2012 (1)
  3. Nach Formatierung kommt immer noch Avira Meldung> Virenmeldung Malware
    Plagegeister aller Art und deren Bekämpfung - 02.11.2012 (1)
  4. Malware noch vorhanden?
    Log-Analyse und Auswertung - 13.05.2011 (4)
  5. Nach Formatierung immer noch Viren
    Log-Analyse und Auswertung - 27.01.2011 (8)
  6. nach formatierung immer noch probleme mit pc
    Plagegeister aller Art und deren Bekämpfung - 25.08.2010 (13)
  7. Trojaner nach Formatierung immer noch vorhanden- Trojaner auf externer HD?
    Plagegeister aller Art und deren Bekämpfung - 30.12.2009 (11)
  8. TR/ATRAPS.Gen auch nach Formatierung noch da
    Plagegeister aller Art und deren Bekämpfung - 04.10.2009 (4)
  9. MSN Virus nach Formatierung noch aktiv
    Plagegeister aller Art und deren Bekämpfung - 17.05.2009 (3)
  10. TR/Crypt.XPACK.Gen nach Formatierung vorhanden
    Plagegeister aller Art und deren Bekämpfung - 03.05.2009 (0)
  11. Trojaner auch nach Formatierung und Neuinstallation des Computers vorhanden! Was nun?
    Plagegeister aller Art und deren Bekämpfung - 11.02.2009 (2)
  12. TR Crypt FKM Gen nach Formatierung noch vorhanden?
    Plagegeister aller Art und deren Bekämpfung - 12.09.2008 (2)
  13. AdobeRd9.0 (Trojaner) - Auch nach Formatierung noch da...
    Plagegeister aller Art und deren Bekämpfung - 30.06.2008 (3)
  14. WinSpywareProtect entfernt - andere Malware noch vorhanden
    Log-Analyse und Auswertung - 21.05.2008 (11)
  15. Backdoor Trojaner nach Formatierung von C noch vorhanden?!
    Log-Analyse und Auswertung - 31.01.2008 (3)
  16. Nach "Formatierung" Dateien immer noch vorhanden
    Alles rund um Windows - 17.01.2008 (14)
  17. Virus nach Formatierung immer noch da
    Log-Analyse und Auswertung - 07.10.2007 (10)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Nach Formatierung noch Malware vorhanden? - Hallo Community Ich habe seit einer Weile PC-Probleme, und es begann damit, dass auf einmal das Internet nicht mehr funktionierte, obwohl in der Taskleiste eine hergestellte Verbindung angezigt wurde. Pakete - Nach Formatierung noch Malware vorhanden?...
Archiv
Du betrachtest: Nach Formatierung noch Malware vorhanden? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19