
Pests of all kinds and how to combat them: Folders from USB stick and memory cards

Windows 7

17.08.2013, 09:09   #61
Okty
 
Code:
Datenträger in Laufwerk C: ist OS
 Volumeseriennummer: 3671-4090

 Verzeichnis von C:\FRST\Quarantine

02.08.2013  04:48            14.267 knjgffmqtl..vbs
               1 Datei(en),         14.267 Bytes

 Verzeichnis von C:\Program Files\Online Services\eBay

11.02.2011  07:18             1.712 ebay.vbs
               1 Datei(en),          1.712 Bytes

 Verzeichnis von C:\Program Files (x86)\HP\Digital Imaging\{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}

08.10.2009  03:28           478.052 autorun.inf
               1 Datei(en),        478.052 Bytes
         

17.08.2013, 23:40   #62
schrauber
/// the machine
/// TB Instructor
 

Strange, please post a fresh FRST log.

18.08.2013, 13:40   #63
Okty
 
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2013
Ran by Samsunlu55 (administrator) on 18-08-2013 14:39:31
Running from C:\Users\Samsunlu55\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Andre Weinert) C:\Program Files (x86)\Terraniser\TerraService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(ScreenCapturer.com) C:\Program Files (x86)\Screen Capturer\ScreenCapturer.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\bin\HPNetworkCommunicator.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\sysWow64\SearchProtocolHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10355200 2011-01-24] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-05-23] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59280 2012-11-28] (Apple Inc.)
HKCU\...\Run: [TerraniserService] - C:\Program Files (x86)\Terraniser\TerraService.exe [1347584 2011-03-09] (Andre Weinert)
HKCU\...\Run: [HP Officejet 6700 (NET)] - C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
HKCU\...\Run: [knjgffmqtl] - C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs [14267 2013-08-01] ()
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2013-05-23] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-02-15] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [TrayServer] - C:\PROGRA~2\MAGIX\VIDEO_~1\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2013-06-13] (cyberlink)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\knjgffmqtl..vbs ()
Startup: C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Screen Capturer.lnk
ShortcutTarget: Screen Capturer.lnk -> C:\Program Files (x86)\Screen Capturer\ScreenCapturer.exe (ScreenCapturer.com)
Startup: C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {1BFA2E7D-697D-4755-AAB0-D63F34301B3E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Samsunlu55\AppData\Roaming\Mozilla\Firefox\Profiles\nwx8oe3y.default
FF NewTab: about:blank
FF SelectedSearchEngine: Google
FF Homepage: www.reptilien-grotte.de
FF Keyword.URL: hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Samsunlu55\AppData\Roaming\Mozilla\Firefox\Profiles\nwx8oe3y.default\Extensions\de_DE@dicts.j3e.de
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [dfaldikcoaplhepekpbngkepfcoiihef] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-01-25] ()
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244720 2012-02-08] (CyberLink)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
S2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [x]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [x]
S2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [x]
S2 ZeroConfigService; "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" [x]

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-07-15] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-07-15] (Symantec Corporation)
R3 BYPUSB; C:\Windows\System32\Drivers\BYPUSB.sys [50688 2010-10-08] (SNBC)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-09] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-08-01] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-08-01] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130817.006\ENG64.SYS [126040 2013-08-02] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130817.006\ENG64.SYS [126040 2013-08-02] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130817.006\EX64.SYS [2098776 2013-08-02] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130817.006\EX64.SYS [2098776 2013-08-02] (Symantec Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw00.sys [11471872 2012-02-20] (Intel Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2012-03-29] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-05-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-17 10:54 - 2013-08-17 10:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 10:07 - 2013-08-17 10:09 - 00000570 _____ C:\Users\Samsunlu55\Desktop\files.txt
2013-08-17 10:07 - 2013-08-17 10:07 - 00000343 _____ C:\Users\Samsunlu55\Desktop\findfile.bat
2013-08-16 13:11 - 2013-08-01 18:48 - 00014267 ___SH C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
2013-08-16 12:50 - 2013-08-16 12:50 - 00003128 _____ C:\Windows\System32\Tasks\PandaUSBVaccine
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\ProgramData\Panda Security
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\Program Files (x86)\Panda USB Vaccine
2013-08-16 12:48 - 2013-08-16 12:48 - 00848856 _____ (Panda Security                                              ) C:\Users\Samsunlu55\Desktop\USBVaccine1014Setup.exe
2013-08-15 20:11 - 2013-07-25 05:54 - 17830400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 20:11 - 2013-07-25 05:37 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 20:11 - 2013-07-25 05:35 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 20:11 - 2013-07-25 05:31 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 20:11 - 2013-07-25 05:30 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 20:11 - 2013-07-25 05:29 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-15 20:11 - 2013-07-25 05:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-15 20:11 - 2013-07-25 05:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-15 20:11 - 2013-07-25 05:27 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 20:11 - 2013-07-25 05:27 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-15 20:11 - 2013-07-25 05:26 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 20:11 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 20:11 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 20:11 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 20:11 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 20:11 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 20:11 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-08-15 20:11 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-08-15 20:11 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-08-15 20:11 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 20:11 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 20:11 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-08-15 13:58 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 13:58 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 13:58 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 13:58 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 13:58 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 13:58 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 13:58 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 13:58 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 13:58 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 13:58 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 13:58 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 13:58 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 13:58 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 13:58 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 13:58 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 13:58 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 13:58 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 13:58 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 13:58 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 13:58 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 13:58 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 13:58 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 13:58 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 13:58 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 13:58 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 13:58 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 13:58 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-10 12:12 - 2013-08-10 12:12 - 00033741 _____ C:\ComboFix.txt
2013-08-10 12:01 - 2013-08-10 12:01 - 05102523 ____R (Swearware) C:\Users\Samsunlu55\Desktop\ComboFix.exe
2013-08-10 11:59 - 2013-08-10 11:59 - 00003164 _____ C:\Windows\System32\Tasks\{D773B974-A8A2-4F43-8030-A089F124875E}
2013-08-10 11:53 - 2013-08-10 11:53 - 00132597 _____ C:\Users\Samsunlu55\Desktop\Flash_Disinfector.exe
2013-08-08 14:28 - 2013-08-08 14:28 - 00000342 _____ C:\Users\Samsunlu55\Desktop\anlei.txt
2013-08-08 14:25 - 2013-08-08 14:25 - 00448512 _____ (OldTimer Tools) C:\Users\Samsunlu55\Desktop\TFC.exe
2013-08-07 17:48 - 2013-08-07 17:48 - 00891098 _____ C:\Users\Samsunlu55\Desktop\SecurityCheck.exe
2013-08-07 13:50 - 2013-08-07 13:50 - 00016247 _____ C:\Users\Samsunlu55\Desktop\2R9cFSwF.htm
2013-08-07 13:46 - 2013-08-07 13:46 - 02347384 _____ (ESET) C:\Users\Samsunlu55\Desktop\esetsmartinstaller_enu.exe
2013-08-07 10:15 - 2013-08-07 10:15 - 01527912 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-07 10:04 - 2013-08-07 10:04 - 00002593 _____ C:\Users\Samsunlu55\Desktop\JRT.txt
2013-08-07 09:58 - 2013-08-07 09:58 - 00000000 ____D C:\Windows\ERUNT
2013-08-07 09:57 - 2013-08-07 09:57 - 00563461 _____ (Oleg N. Scherbakov) C:\Users\Samsunlu55\Desktop\JRT.exe
2013-08-07 09:50 - 2013-08-07 09:51 - 00019887 _____ C:\AdwCleaner[S1].txt
2013-08-07 09:50 - 2013-08-07 09:46 - 00666633 _____ C:\Users\Samsunlu55\Desktop\adwcleaner.exe
2013-08-07 09:34 - 2013-08-07 09:34 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-07 09:34 - 2013-08-07 09:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-07 09:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-06 19:10 - 2013-08-06 18:39 - 02044928 _____ C:\Users\Samsunlu55\Desktop\sicherung20130806.crm
2013-08-06 19:09 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-06 19:09 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-06 19:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-06 19:07 - 2013-08-10 12:12 - 00000000 ____D C:\Qoobox
2013-08-06 19:07 - 2013-08-06 19:18 - 00000000 ____D C:\Windows\erdnt
2013-08-06 10:49 - 2013-08-06 10:49 - 00398513 _____ C:\Users\Samsunlu55\Desktop\1038538_162794453916994_1345702492_n.mp4
2013-08-05 18:30 - 2013-08-09 14:30 - 00000000 ____D C:\FRST
2013-08-05 16:31 - 2013-08-04 15:36 - 02036736 _____ C:\Users\Samsunlu55\Desktop\sicherung20130805.crm
2013-08-03 15:14 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-08-03 15:14 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-08-03 15:14 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-08-03 15:14 - 2012-06-02 16:35 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-08-03 15:13 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-08-03 15:13 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-08-03 15:13 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-08-03 15:13 - 2012-08-23 16:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-08-03 15:13 - 2012-08-23 15:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-08-03 15:13 - 2012-08-23 15:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-08-03 15:13 - 2012-08-23 15:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-08-03 15:13 - 2012-08-23 15:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-08-03 15:13 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-08-03 15:13 - 2012-08-23 15:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-08-03 15:13 - 2012-08-23 15:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-08-03 15:13 - 2012-08-23 15:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-08-03 15:13 - 2012-08-23 15:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-08-03 15:13 - 2012-08-23 14:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-08-03 15:13 - 2012-08-23 13:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-08-03 15:13 - 2012-08-23 13:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-08-03 15:13 - 2012-08-23 13:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-08-03 15:13 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-08-03 15:13 - 2012-08-23 12:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-08-03 15:13 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-08-03 15:13 - 2012-08-23 12:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-08-03 15:13 - 2012-08-23 12:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-08-03 15:13 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-08-03 15:13 - 2012-08-23 10:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-08-03 15:13 - 2012-08-23 10:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-08-03 15:09 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-08-03 15:09 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-08-03 15:09 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-08-03 15:09 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-08-03 15:04 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-08-03 15:04 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-08-03 15:04 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-08-03 15:04 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-08-03 15:04 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-08-03 15:04 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-08-03 15:04 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-08-03 15:04 - 2012-11-30 07:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-08-03 15:04 - 2012-11-30 07:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-08-03 15:04 - 2012-11-30 07:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-08-03 15:04 - 2012-11-30 07:41 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-08-03 15:04 - 2012-11-30 07:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-08-03 15:04 - 2012-11-30 06:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 05:23 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-08-03 15:04 - 2012-11-30 04:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 04:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 04:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 04:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 01:17 - 00420064 _____ C:\Windows\SysWOW64\locale.nls
2013-08-03 15:04 - 2012-11-30 01:15 - 00420064 _____ C:\Windows\system32\locale.nls
2013-08-03 15:04 - 2012-08-24 20:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-08-03 15:04 - 2012-08-24 20:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-08-03 15:04 - 2012-08-24 20:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-08-03 15:04 - 2012-08-24 20:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-08-03 15:04 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-08-03 15:04 - 2012-08-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-08-03 15:04 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-08-03 15:03 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-08-03 15:03 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-08-03 15:03 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-08-03 15:03 - 2012-11-22 07:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-08-03 15:03 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-08-03 15:03 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-08-03 15:03 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-08-03 15:03 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-08-03 15:03 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2013-08-03 15:03 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-08-03 15:03 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2013-08-03 15:03 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2013-08-03 15:03 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2013-08-03 15:03 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-08-03 15:03 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-08-03 14:49 - 2013-08-15 20:14 - 00000000 ____D C:\Windows\system32\MRT
2013-08-02 19:15 - 2013-08-18 14:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-02 19:09 - 2013-08-02 19:09 - 00084966 _____ C:\Users\Samsunlu55\Desktop\bookmarks-2013-08-02.json
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\Malwarebytes
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-31 18:08 - 2013-07-31 18:07 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-31 18:04 - 2013-07-31 18:03 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-31 18:04 - 2013-07-31 18:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-31 18:04 - 2013-07-31 18:03 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-31 18:04 - 2013-07-31 18:03 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-31 15:34 - 2013-07-31 15:34 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\CrashRpt
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\ProgramData\RapidSolution
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\Program Files (x86)\Audials
2013-07-31 15:31 - 2013-07-31 15:31 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\RapidSolution
2013-07-25 16:06 - 2013-07-25 16:06 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\msgr
2013-07-23 14:35 - 2013-07-23 14:42 - 00000000 ____D C:\Program Files (x86)\WinZipper

==================== One Month Modified Files and Folders =======

2013-08-18 14:38 - 2013-08-02 19:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 13:59 - 2012-01-14 11:44 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\Adobe
2013-08-18 13:56 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-18 13:56 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-18 13:53 - 2011-10-21 02:57 - 01921803 _____ C:\Windows\WindowsUpdate.log
2013-08-18 13:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-18 13:48 - 2013-03-12 16:57 - 00017377 _____ C:\Windows\setupact.log
2013-08-17 16:39 - 2012-01-13 16:46 - 00000000 ____D C:\HDS-FAKTURA
2013-08-17 15:19 - 2012-01-11 15:12 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DF247F0A-98DD-4A49-A3D7-19DA5F27453D}
2013-08-17 12:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-17 10:54 - 2013-08-17 10:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 10:09 - 2013-08-17 10:07 - 00000570 _____ C:\Users\Samsunlu55\Desktop\files.txt
2013-08-17 10:07 - 2013-08-17 10:07 - 00000343 _____ C:\Users\Samsunlu55\Desktop\findfile.bat
2013-08-16 17:48 - 2012-12-13 16:02 - 01261568 ___SH C:\Users\Samsunlu55\Desktop\Thumbs.db
2013-08-16 13:56 - 2012-02-04 11:40 - 00000000 ____D C:\Users\Samsunlu55\Desktop\Anzeigen Bilder
2013-08-16 13:54 - 2013-06-27 15:02 - 00001456 _____ C:\Users\SAMSUN~1\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-08-16 13:11 - 2012-01-11 15:12 - 00000000 ___RD C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-16 12:50 - 2013-08-16 12:50 - 00003128 _____ C:\Windows\System32\Tasks\PandaUSBVaccine
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\ProgramData\Panda Security
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\Program Files (x86)\Panda USB Vaccine
2013-08-16 12:48 - 2013-08-16 12:48 - 00848856 _____ (Panda Security                                              ) C:\Users\Samsunlu55\Desktop\USBVaccine1014Setup.exe
2013-08-15 20:19 - 2012-01-11 18:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-15 20:17 - 2011-09-03 10:22 - 00657948 _____ C:\Windows\system32\perfh007.dat
2013-08-15 20:17 - 2011-09-03 10:22 - 00131288 _____ C:\Windows\system32\perfc007.dat
2013-08-15 20:17 - 2009-07-14 07:13 - 01529494 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-15 20:14 - 2013-08-03 14:49 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 20:13 - 2012-01-16 12:19 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-15 19:50 - 2012-10-25 18:41 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForSamsunlu55.job
2013-08-15 18:24 - 2012-10-25 18:41 - 00003216 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSamsunlu55
2013-08-15 18:24 - 2012-01-12 17:51 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-08-15 18:23 - 2012-02-02 19:07 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-08-10 15:31 - 2012-12-07 16:10 - 00000342 _____ C:\Windows\Tasks\HPCeeScheduleForSAMSUNLU$.job
2013-08-10 15:31 - 2012-11-20 15:10 - 00003218 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSAMSUNLU$
2013-08-10 12:23 - 2010-11-21 05:47 - 00076036 _____ C:\Windows\PFRO.log
2013-08-10 12:12 - 2013-08-10 12:12 - 00033741 _____ C:\ComboFix.txt
2013-08-10 12:12 - 2013-08-06 19:07 - 00000000 ____D C:\Qoobox
2013-08-10 12:10 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-10 12:01 - 2013-08-10 12:01 - 05102523 ____R (Swearware) C:\Users\Samsunlu55\Desktop\ComboFix.exe
2013-08-10 11:59 - 2013-08-10 11:59 - 00003164 _____ C:\Windows\System32\Tasks\{D773B974-A8A2-4F43-8030-A089F124875E}
2013-08-10 11:53 - 2013-08-10 11:53 - 00132597 _____ C:\Users\Samsunlu55\Desktop\Flash_Disinfector.exe
2013-08-10 10:43 - 2012-01-11 15:13 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\Adobe
2013-08-10 10:43 - 2011-09-03 00:56 - 00000000 ____D C:\ProgramData\Adobe
2013-08-09 14:30 - 2013-08-05 18:30 - 00000000 ____D C:\FRST
2013-08-08 14:28 - 2013-08-08 14:28 - 00000342 _____ C:\Users\Samsunlu55\Desktop\anlei.txt
2013-08-08 14:25 - 2013-08-08 14:25 - 00448512 _____ (OldTimer Tools) C:\Users\Samsunlu55\Desktop\TFC.exe
2013-08-07 17:48 - 2013-08-07 17:48 - 00891098 _____ C:\Users\Samsunlu55\Desktop\SecurityCheck.exe
2013-08-07 13:50 - 2013-08-07 13:50 - 00016247 _____ C:\Users\Samsunlu55\Desktop\2R9cFSwF.htm
2013-08-07 13:46 - 2013-08-07 13:46 - 02347384 _____ (ESET) C:\Users\Samsunlu55\Desktop\esetsmartinstaller_enu.exe
2013-08-07 10:15 - 2013-08-07 10:15 - 01527912 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-07 10:04 - 2013-08-07 10:04 - 00002593 _____ C:\Users\Samsunlu55\Desktop\JRT.txt
2013-08-07 09:58 - 2013-08-07 09:58 - 00000000 ____D C:\Windows\ERUNT
2013-08-07 09:57 - 2013-08-07 09:57 - 00563461 _____ (Oleg N. Scherbakov) C:\Users\Samsunlu55\Desktop\JRT.exe
2013-08-07 09:51 - 2013-08-07 09:50 - 00019887 _____ C:\AdwCleaner[S1].txt
2013-08-07 09:50 - 2012-01-11 15:12 - 00001178 _____ C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-07 09:50 - 2012-01-11 15:12 - 00000995 _____ C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-07 09:46 - 2013-08-07 09:50 - 00666633 _____ C:\Users\Samsunlu55\Desktop\adwcleaner.exe
2013-08-07 09:34 - 2013-08-07 09:34 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-07 09:34 - 2013-08-07 09:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-06 19:18 - 2013-08-06 19:07 - 00000000 ____D C:\Windows\erdnt
2013-08-06 19:17 - 2012-01-11 15:03 - 00000000 ____D C:\Users\Samsunlu55
2013-08-06 18:39 - 2013-08-06 19:10 - 02044928 _____ C:\Users\Samsunlu55\Desktop\sicherung20130806.crm
2013-08-06 10:49 - 2013-08-06 10:49 - 00398513 _____ C:\Users\Samsunlu55\Desktop\1038538_162794453916994_1345702492_n.mp4
2013-08-06 09:52 - 2012-01-13 19:12 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-06 09:51 - 2012-01-11 19:31 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\CrashDumps
2013-08-04 15:36 - 2013-08-05 16:31 - 02036736 _____ C:\Users\Samsunlu55\Desktop\sicherung20130805.crm
2013-08-04 15:35 - 2012-01-13 18:09 - 00000000 ____D C:\Users\Samsunlu55\Documents\Reptidokus
2013-08-03 15:33 - 2012-01-11 15:10 - 00159464 _____ C:\Users\SAMSUN~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-03 15:31 - 2009-07-14 06:45 - 05199072 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-03 15:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-03 14:56 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-02 19:09 - 2013-08-02 19:09 - 00084966 _____ C:\Users\Samsunlu55\Desktop\bookmarks-2013-08-02.json
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\Malwarebytes
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-01 18:48 - 2013-08-16 13:11 - 00014267 ___SH C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
2013-07-31 18:07 - 2013-07-31 18:08 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-31 18:07 - 2012-05-12 10:15 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-31 18:07 - 2011-09-03 00:59 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-31 18:03 - 2013-07-31 18:04 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-31 18:03 - 2013-07-31 18:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-31 18:03 - 2013-07-31 18:04 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-31 18:03 - 2013-07-31 18:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-31 18:03 - 2012-09-03 13:00 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-31 18:03 - 2011-09-03 00:59 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-31 18:03 - 2011-09-03 00:59 - 00000000 ____D C:\Program Files\Java
2013-07-31 15:34 - 2013-07-31 15:34 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\CrashRpt
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\ProgramData\RapidSolution
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\Program Files (x86)\Audials
2013-07-31 15:31 - 2013-07-31 15:31 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\RapidSolution
2013-07-25 18:35 - 2011-09-03 00:51 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-07-25 16:06 - 2013-07-25 16:06 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\msgr
2013-07-25 11:25 - 2013-08-15 13:58 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-15 13:58 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-25 05:54 - 2013-08-15 20:11 - 17830400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-25 05:37 - 2013-08-15 20:11 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-25 05:35 - 2013-08-15 20:11 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-25 05:31 - 2013-08-15 20:11 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-25 05:30 - 2013-08-15 20:11 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-25 05:29 - 2013-08-15 20:11 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-25 05:29 - 2013-08-15 20:11 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-25 05:29 - 2013-08-15 20:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-25 05:27 - 2013-08-15 20:11 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-25 05:27 - 2013-08-15 20:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-25 05:26 - 2013-08-15 20:11 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-25 04:40 - 2013-08-15 20:11 - 12334080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-25 04:32 - 2013-08-15 20:11 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-25 04:30 - 2013-08-15 20:11 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-25 04:26 - 2013-08-15 20:11 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-25 04:26 - 2013-08-15 20:11 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-25 04:25 - 2013-08-15 20:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-25 04:24 - 2013-08-15 20:11 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-25 04:24 - 2013-08-15 20:11 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-25 04:22 - 2013-08-15 20:11 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-25 04:22 - 2013-08-15 20:11 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-25 04:22 - 2013-08-15 20:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-24 19:15 - 2012-01-13 16:19 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\HpUpdate
2013-07-24 15:20 - 2012-01-14 12:22 - 00000000 ____D C:\Users\Samsunlu55\Desktop\shopbild
2013-07-23 14:42 - 2013-07-23 14:35 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-07-19 03:58 - 2013-08-15 13:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-19 03:41 - 2013-08-15 13:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-14 10:58

==================== End Of Log ============================
         

Alt 18.08.2013, 13:43   #64
Okty
 



With external hard drive


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2013
Ran by Samsunlu55 (administrator) on 18-08-2013 14:42:36
Running from C:\Users\Samsunlu55\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Andre Weinert) C:\Program Files (x86)\Terraniser\TerraService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(ScreenCapturer.com) C:\Program Files (x86)\Screen Capturer\ScreenCapturer.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\bin\HPNetworkCommunicator.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10355200 2011-01-24] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-05-23] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59280 2012-11-28] (Apple Inc.)
HKCU\...\Run: [TerraniserService] - C:\Program Files (x86)\Terraniser\TerraService.exe [1347584 2011-03-09] (Andre Weinert)
HKCU\...\Run: [HP Officejet 6700 (NET)] - C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
HKCU\...\Run: [knjgffmqtl] - C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs [14267 2013-08-01] ()
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2013-05-23] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-02-15] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [TrayServer] - C:\PROGRA~2\MAGIX\VIDEO_~1\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2013-06-13] (cyberlink)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\knjgffmqtl..vbs ()
Startup: C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Screen Capturer.lnk
ShortcutTarget: Screen Capturer.lnk -> C:\Program Files (x86)\Screen Capturer\ScreenCapturer.exe (ScreenCapturer.com)
Startup: C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {1BFA2E7D-697D-4755-AAB0-D63F34301B3E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Samsunlu55\AppData\Roaming\Mozilla\Firefox\Profiles\nwx8oe3y.default
FF NewTab: about:blank
FF SelectedSearchEngine: Google
FF Homepage: www.reptilien-grotte.de
FF Keyword.URL: hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Samsunlu55\AppData\Roaming\Mozilla\Firefox\Profiles\nwx8oe3y.default\Extensions\de_DE@dicts.j3e.de
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [dfaldikcoaplhepekpbngkepfcoiihef] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-01-25] ()
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244720 2012-02-08] (CyberLink)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
S2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [x]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [x]
S2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [x]
S2 ZeroConfigService; "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" [x]

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-07-15] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-07-15] (Symantec Corporation)
R3 BYPUSB; C:\Windows\System32\Drivers\BYPUSB.sys [50688 2010-10-08] (SNBC)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-09] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-08-01] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-08-01] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130817.006\ENG64.SYS [126040 2013-08-02] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130817.006\ENG64.SYS [126040 2013-08-02] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130817.006\EX64.SYS [2098776 2013-08-02] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130817.006\EX64.SYS [2098776 2013-08-02] (Symantec Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw00.sys [11471872 2012-02-20] (Intel Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2012-03-29] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-05-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-17 10:54 - 2013-08-17 10:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 10:07 - 2013-08-17 10:09 - 00000570 _____ C:\Users\Samsunlu55\Desktop\files.txt
2013-08-17 10:07 - 2013-08-17 10:07 - 00000343 _____ C:\Users\Samsunlu55\Desktop\findfile.bat
2013-08-16 13:11 - 2013-08-01 18:48 - 00014267 ___SH C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
2013-08-16 12:50 - 2013-08-16 12:50 - 00003128 _____ C:\Windows\System32\Tasks\PandaUSBVaccine
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\ProgramData\Panda Security
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\Program Files (x86)\Panda USB Vaccine
2013-08-16 12:48 - 2013-08-16 12:48 - 00848856 _____ (Panda Security                                              ) C:\Users\Samsunlu55\Desktop\USBVaccine1014Setup.exe
2013-08-15 20:11 - 2013-07-25 05:54 - 17830400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 20:11 - 2013-07-25 05:37 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 20:11 - 2013-07-25 05:35 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 20:11 - 2013-07-25 05:31 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 20:11 - 2013-07-25 05:30 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 20:11 - 2013-07-25 05:29 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-15 20:11 - 2013-07-25 05:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-15 20:11 - 2013-07-25 05:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-15 20:11 - 2013-07-25 05:27 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 20:11 - 2013-07-25 05:27 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-15 20:11 - 2013-07-25 05:26 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 20:11 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 20:11 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 20:11 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 20:11 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 20:11 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 20:11 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-08-15 20:11 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-08-15 20:11 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-08-15 20:11 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 20:11 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 20:11 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-08-15 13:58 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 13:58 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 13:58 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 13:58 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 13:58 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 13:58 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 13:58 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 13:58 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 13:58 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 13:58 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 13:58 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 13:58 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 13:58 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 13:58 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 13:58 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 13:58 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 13:58 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 13:58 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 13:58 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 13:58 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 13:58 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 13:58 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 13:58 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 13:58 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 13:58 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 13:58 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 13:58 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-10 12:12 - 2013-08-10 12:12 - 00033741 _____ C:\ComboFix.txt
2013-08-10 12:01 - 2013-08-10 12:01 - 05102523 ____R (Swearware) C:\Users\Samsunlu55\Desktop\ComboFix.exe
2013-08-10 11:59 - 2013-08-10 11:59 - 00003164 _____ C:\Windows\System32\Tasks\{D773B974-A8A2-4F43-8030-A089F124875E}
2013-08-10 11:53 - 2013-08-10 11:53 - 00132597 _____ C:\Users\Samsunlu55\Desktop\Flash_Disinfector.exe
2013-08-08 14:28 - 2013-08-08 14:28 - 00000342 _____ C:\Users\Samsunlu55\Desktop\anlei.txt
2013-08-08 14:25 - 2013-08-08 14:25 - 00448512 _____ (OldTimer Tools) C:\Users\Samsunlu55\Desktop\TFC.exe
2013-08-07 17:48 - 2013-08-07 17:48 - 00891098 _____ C:\Users\Samsunlu55\Desktop\SecurityCheck.exe
2013-08-07 13:50 - 2013-08-07 13:50 - 00016247 _____ C:\Users\Samsunlu55\Desktop\2R9cFSwF.htm
2013-08-07 13:46 - 2013-08-07 13:46 - 02347384 _____ (ESET) C:\Users\Samsunlu55\Desktop\esetsmartinstaller_enu.exe
2013-08-07 10:15 - 2013-08-07 10:15 - 01527912 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-07 10:04 - 2013-08-07 10:04 - 00002593 _____ C:\Users\Samsunlu55\Desktop\JRT.txt
2013-08-07 09:58 - 2013-08-07 09:58 - 00000000 ____D C:\Windows\ERUNT
2013-08-07 09:57 - 2013-08-07 09:57 - 00563461 _____ (Oleg N. Scherbakov) C:\Users\Samsunlu55\Desktop\JRT.exe
2013-08-07 09:50 - 2013-08-07 09:51 - 00019887 _____ C:\AdwCleaner[S1].txt
2013-08-07 09:50 - 2013-08-07 09:46 - 00666633 _____ C:\Users\Samsunlu55\Desktop\adwcleaner.exe
2013-08-07 09:34 - 2013-08-07 09:34 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-07 09:34 - 2013-08-07 09:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-07 09:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-06 19:10 - 2013-08-06 18:39 - 02044928 _____ C:\Users\Samsunlu55\Desktop\sicherung20130806.crm
2013-08-06 19:09 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-06 19:09 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-06 19:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-06 19:07 - 2013-08-10 12:12 - 00000000 ____D C:\Qoobox
2013-08-06 19:07 - 2013-08-06 19:18 - 00000000 ____D C:\Windows\erdnt
2013-08-06 10:49 - 2013-08-06 10:49 - 00398513 _____ C:\Users\Samsunlu55\Desktop\1038538_162794453916994_1345702492_n.mp4
2013-08-05 18:30 - 2013-08-09 14:30 - 00000000 ____D C:\FRST
2013-08-05 16:31 - 2013-08-04 15:36 - 02036736 _____ C:\Users\Samsunlu55\Desktop\sicherung20130805.crm
2013-08-03 15:14 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-08-03 15:14 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-08-03 15:14 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-08-03 15:14 - 2012-06-02 16:35 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-08-03 15:13 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-08-03 15:13 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-08-03 15:13 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-08-03 15:13 - 2012-08-23 16:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-08-03 15:13 - 2012-08-23 15:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-08-03 15:13 - 2012-08-23 15:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-08-03 15:13 - 2012-08-23 15:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-08-03 15:13 - 2012-08-23 15:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-08-03 15:13 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-08-03 15:13 - 2012-08-23 15:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-08-03 15:13 - 2012-08-23 15:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-08-03 15:13 - 2012-08-23 15:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-08-03 15:13 - 2012-08-23 15:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-08-03 15:13 - 2012-08-23 14:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-08-03 15:13 - 2012-08-23 13:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-08-03 15:13 - 2012-08-23 13:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-08-03 15:13 - 2012-08-23 13:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-08-03 15:13 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-08-03 15:13 - 2012-08-23 12:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-08-03 15:13 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-08-03 15:13 - 2012-08-23 12:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-08-03 15:13 - 2012-08-23 12:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-08-03 15:13 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-08-03 15:13 - 2012-08-23 10:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-08-03 15:13 - 2012-08-23 10:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-08-03 15:09 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-08-03 15:09 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-08-03 15:09 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-08-03 15:09 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-08-03 15:04 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-08-03 15:04 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-08-03 15:04 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-08-03 15:04 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-08-03 15:04 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-08-03 15:04 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-08-03 15:04 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-08-03 15:04 - 2012-11-30 07:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-08-03 15:04 - 2012-11-30 07:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-08-03 15:04 - 2012-11-30 07:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-08-03 15:04 - 2012-11-30 07:41 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-08-03 15:04 - 2012-11-30 07:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-08-03 15:04 - 2012-11-30 06:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 05:23 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-08-03 15:04 - 2012-11-30 04:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 04:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 04:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 04:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 01:17 - 00420064 _____ C:\Windows\SysWOW64\locale.nls
2013-08-03 15:04 - 2012-11-30 01:15 - 00420064 _____ C:\Windows\system32\locale.nls
2013-08-03 15:04 - 2012-08-24 20:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-08-03 15:04 - 2012-08-24 20:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-08-03 15:04 - 2012-08-24 20:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-08-03 15:04 - 2012-08-24 20:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-08-03 15:04 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-08-03 15:04 - 2012-08-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-08-03 15:04 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-08-03 15:03 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-08-03 15:03 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-08-03 15:03 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-08-03 15:03 - 2012-11-22 07:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-08-03 15:03 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-08-03 15:03 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-08-03 15:03 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-08-03 15:03 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-08-03 15:03 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2013-08-03 15:03 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-08-03 15:03 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2013-08-03 15:03 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2013-08-03 15:03 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2013-08-03 15:03 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-08-03 15:03 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-08-03 14:49 - 2013-08-15 20:14 - 00000000 ____D C:\Windows\system32\MRT
2013-08-02 19:15 - 2013-08-18 14:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-02 19:09 - 2013-08-02 19:09 - 00084966 _____ C:\Users\Samsunlu55\Desktop\bookmarks-2013-08-02.json
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\Malwarebytes
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-31 18:08 - 2013-07-31 18:07 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-31 18:04 - 2013-07-31 18:03 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-31 18:04 - 2013-07-31 18:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-31 18:04 - 2013-07-31 18:03 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-31 18:04 - 2013-07-31 18:03 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-31 15:34 - 2013-07-31 15:34 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\CrashRpt
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\ProgramData\RapidSolution
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\Program Files (x86)\Audials
2013-07-31 15:31 - 2013-07-31 15:31 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\RapidSolution
2013-07-25 16:06 - 2013-07-25 16:06 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\msgr
2013-07-23 14:35 - 2013-07-23 14:42 - 00000000 ____D C:\Program Files (x86)\WinZipper

==================== One Month Modified Files and Folders =======

2013-08-18 14:39 - 2013-08-18 14:39 - 01575580 _____ (Farbar) C:\Users\Samsunlu55\Desktop\FRST64.exe
2013-08-18 14:38 - 2013-08-02 19:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 13:59 - 2012-01-14 11:44 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\Adobe
2013-08-18 13:56 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-18 13:56 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-18 13:53 - 2011-10-21 02:57 - 01921803 _____ C:\Windows\WindowsUpdate.log
2013-08-18 13:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-18 13:48 - 2013-03-12 16:57 - 00017377 _____ C:\Windows\setupact.log
2013-08-17 16:39 - 2012-01-13 16:46 - 00000000 ____D C:\HDS-FAKTURA
2013-08-17 15:19 - 2012-01-11 15:12 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DF247F0A-98DD-4A49-A3D7-19DA5F27453D}
2013-08-17 12:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-17 10:54 - 2013-08-17 10:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 10:09 - 2013-08-17 10:07 - 00000570 _____ C:\Users\Samsunlu55\Desktop\files.txt
2013-08-17 10:07 - 2013-08-17 10:07 - 00000343 _____ C:\Users\Samsunlu55\Desktop\findfile.bat
2013-08-16 17:48 - 2012-12-13 16:02 - 01261568 ___SH C:\Users\Samsunlu55\Desktop\Thumbs.db
2013-08-16 13:56 - 2012-02-04 11:40 - 00000000 ____D C:\Users\Samsunlu55\Desktop\Anzeigen Bilder
2013-08-16 13:54 - 2013-06-27 15:02 - 00001456 _____ C:\Users\SAMSUN~1\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-08-16 13:11 - 2012-01-11 15:12 - 00000000 ___RD C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-16 12:50 - 2013-08-16 12:50 - 00003128 _____ C:\Windows\System32\Tasks\PandaUSBVaccine
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\ProgramData\Panda Security
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\Program Files (x86)\Panda USB Vaccine
2013-08-16 12:48 - 2013-08-16 12:48 - 00848856 _____ (Panda Security                                              ) C:\Users\Samsunlu55\Desktop\USBVaccine1014Setup.exe
2013-08-15 20:19 - 2012-01-11 18:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-15 20:17 - 2011-09-03 10:22 - 00657948 _____ C:\Windows\system32\perfh007.dat
2013-08-15 20:17 - 2011-09-03 10:22 - 00131288 _____ C:\Windows\system32\perfc007.dat
2013-08-15 20:17 - 2009-07-14 07:13 - 01529494 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-15 20:14 - 2013-08-03 14:49 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 20:13 - 2012-01-16 12:19 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-15 19:50 - 2012-10-25 18:41 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForSamsunlu55.job
2013-08-15 18:24 - 2012-10-25 18:41 - 00003216 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSamsunlu55
2013-08-15 18:24 - 2012-01-12 17:51 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-08-15 18:23 - 2012-02-02 19:07 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-08-10 15:31 - 2012-12-07 16:10 - 00000342 _____ C:\Windows\Tasks\HPCeeScheduleForSAMSUNLU$.job
2013-08-10 15:31 - 2012-11-20 15:10 - 00003218 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSAMSUNLU$
2013-08-10 12:23 - 2010-11-21 05:47 - 00076036 _____ C:\Windows\PFRO.log
2013-08-10 12:12 - 2013-08-10 12:12 - 00033741 _____ C:\ComboFix.txt
2013-08-10 12:12 - 2013-08-06 19:07 - 00000000 ____D C:\Qoobox
2013-08-10 12:10 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-10 12:01 - 2013-08-10 12:01 - 05102523 ____R (Swearware) C:\Users\Samsunlu55\Desktop\ComboFix.exe
2013-08-10 11:59 - 2013-08-10 11:59 - 00003164 _____ C:\Windows\System32\Tasks\{D773B974-A8A2-4F43-8030-A089F124875E}
2013-08-10 11:53 - 2013-08-10 11:53 - 00132597 _____ C:\Users\Samsunlu55\Desktop\Flash_Disinfector.exe
2013-08-10 10:43 - 2012-01-11 15:13 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\Adobe
2013-08-10 10:43 - 2011-09-03 00:56 - 00000000 ____D C:\ProgramData\Adobe
2013-08-09 14:30 - 2013-08-05 18:30 - 00000000 ____D C:\FRST
2013-08-08 14:28 - 2013-08-08 14:28 - 00000342 _____ C:\Users\Samsunlu55\Desktop\anlei.txt
2013-08-08 14:25 - 2013-08-08 14:25 - 00448512 _____ (OldTimer Tools) C:\Users\Samsunlu55\Desktop\TFC.exe
2013-08-07 17:48 - 2013-08-07 17:48 - 00891098 _____ C:\Users\Samsunlu55\Desktop\SecurityCheck.exe
2013-08-07 13:50 - 2013-08-07 13:50 - 00016247 _____ C:\Users\Samsunlu55\Desktop\2R9cFSwF.htm
2013-08-07 13:46 - 2013-08-07 13:46 - 02347384 _____ (ESET) C:\Users\Samsunlu55\Desktop\esetsmartinstaller_enu.exe
2013-08-07 10:15 - 2013-08-07 10:15 - 01527912 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-07 10:04 - 2013-08-07 10:04 - 00002593 _____ C:\Users\Samsunlu55\Desktop\JRT.txt
2013-08-07 09:58 - 2013-08-07 09:58 - 00000000 ____D C:\Windows\ERUNT
2013-08-07 09:57 - 2013-08-07 09:57 - 00563461 _____ (Oleg N. Scherbakov) C:\Users\Samsunlu55\Desktop\JRT.exe
2013-08-07 09:51 - 2013-08-07 09:50 - 00019887 _____ C:\AdwCleaner[S1].txt
2013-08-07 09:50 - 2012-01-11 15:12 - 00001178 _____ C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-07 09:50 - 2012-01-11 15:12 - 00000995 _____ C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-07 09:46 - 2013-08-07 09:50 - 00666633 _____ C:\Users\Samsunlu55\Desktop\adwcleaner.exe
2013-08-07 09:34 - 2013-08-07 09:34 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-07 09:34 - 2013-08-07 09:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-06 19:18 - 2013-08-06 19:07 - 00000000 ____D C:\Windows\erdnt
2013-08-06 19:17 - 2012-01-11 15:03 - 00000000 ____D C:\Users\Samsunlu55
2013-08-06 18:39 - 2013-08-06 19:10 - 02044928 _____ C:\Users\Samsunlu55\Desktop\sicherung20130806.crm
2013-08-06 10:49 - 2013-08-06 10:49 - 00398513 _____ C:\Users\Samsunlu55\Desktop\1038538_162794453916994_1345702492_n.mp4
2013-08-06 09:52 - 2012-01-13 19:12 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-06 09:51 - 2012-01-11 19:31 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\CrashDumps
2013-08-04 15:36 - 2013-08-05 16:31 - 02036736 _____ C:\Users\Samsunlu55\Desktop\sicherung20130805.crm
2013-08-04 15:35 - 2012-01-13 18:09 - 00000000 ____D C:\Users\Samsunlu55\Documents\Reptidokus
2013-08-03 15:33 - 2012-01-11 15:10 - 00159464 _____ C:\Users\SAMSUN~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-03 15:31 - 2009-07-14 06:45 - 05199072 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-03 15:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-03 14:56 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-02 19:09 - 2013-08-02 19:09 - 00084966 _____ C:\Users\Samsunlu55\Desktop\bookmarks-2013-08-02.json
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\Malwarebytes
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-01 18:48 - 2013-08-16 13:11 - 00014267 ___SH C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
2013-07-31 18:07 - 2013-07-31 18:08 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-31 18:07 - 2012-05-12 10:15 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-31 18:07 - 2011-09-03 00:59 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-31 18:03 - 2013-07-31 18:04 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-31 18:03 - 2013-07-31 18:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-31 18:03 - 2013-07-31 18:04 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-31 18:03 - 2013-07-31 18:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-31 18:03 - 2012-09-03 13:00 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-31 18:03 - 2011-09-03 00:59 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-31 18:03 - 2011-09-03 00:59 - 00000000 ____D C:\Program Files\Java
2013-07-31 15:34 - 2013-07-31 15:34 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\CrashRpt
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\ProgramData\RapidSolution
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\Program Files (x86)\Audials
2013-07-31 15:31 - 2013-07-31 15:31 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\RapidSolution
2013-07-25 18:35 - 2011-09-03 00:51 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-07-25 16:06 - 2013-07-25 16:06 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\msgr
2013-07-25 11:25 - 2013-08-15 13:58 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-15 13:58 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-25 05:54 - 2013-08-15 20:11 - 17830400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-25 05:37 - 2013-08-15 20:11 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-25 05:35 - 2013-08-15 20:11 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-25 05:31 - 2013-08-15 20:11 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-25 05:30 - 2013-08-15 20:11 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-25 05:29 - 2013-08-15 20:11 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-25 05:29 - 2013-08-15 20:11 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-25 05:29 - 2013-08-15 20:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-25 05:27 - 2013-08-15 20:11 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-25 05:27 - 2013-08-15 20:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-25 05:26 - 2013-08-15 20:11 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-25 04:40 - 2013-08-15 20:11 - 12334080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-25 04:32 - 2013-08-15 20:11 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-25 04:30 - 2013-08-15 20:11 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-25 04:26 - 2013-08-15 20:11 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-25 04:26 - 2013-08-15 20:11 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-25 04:25 - 2013-08-15 20:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-25 04:24 - 2013-08-15 20:11 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-25 04:24 - 2013-08-15 20:11 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-25 04:22 - 2013-08-15 20:11 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-25 04:22 - 2013-08-15 20:11 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-25 04:22 - 2013-08-15 20:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-24 19:15 - 2012-01-13 16:19 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\HpUpdate
2013-07-24 15:20 - 2012-01-14 12:22 - 00000000 ____D C:\Users\Samsunlu55\Desktop\shopbild
2013-07-23 14:42 - 2013-07-23 14:35 - 00000000 ____D C:\Program Files (x86)\WinZipper
2013-07-19 03:58 - 2013-08-15 13:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-19 03:41 - 2013-08-15 13:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-14 10:58

==================== End Of Log ============================
         
--- --- ---

18.08.2013, 16:43   #65
schrauber
/// the machine
/// TB-Ausbilder


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
ATTFilter
HKCU\...\Run: [knjgffmqtl] - C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs [14267 2013-08-01] ()
2013-08-16 13:11 - 2013-08-01 18:48 - 00014267 ___SH C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
2013-08-01 18:48 - 2013-08-16 13:11 - 00014267 ___SH C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.


__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
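
An added example (not part of the original post and not FRST's own code): a Python check that lists every autostart entry in an FRST log that launches a script file, and reports which of those entries a fixlist does not name. The sample lines are copied from the FRST logs and the fixlist in this thread; the function names and the definition of "covered" are assumptions of this example.

```python
import ntpath
import re
from collections import namedtuple

# Script types started by Windows Script Host or the shell.
SCRIPT_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".bat", ".cmd"}
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}

# Line formats as they appear in the FRST logs on this page:
#   HKCU\...\Run: [name] - C:\path\file.ext [size date] (company)
#   Startup: C:\...\Startup\file.ext (company)      (company part is optional)
#   (company) C:\path\process.exe
RUN_RE = re.compile(
    r"^HK\w+(?:-x32)?\\\.\.\.\\Run: \[[^\]]*\] - (?P<path>.+?)"
    r" \[\d+ \d{4}-\d{2}-\d{2}\] \(.*\)$")
STARTUP_RE = re.compile(r"^Startup: (?P<path>.+?)(?: \([^()]*\))?$")
PROCESS_RE = re.compile(r"^\(.*?\) (?P<path>[A-Za-z]:\\.+)$")

Entry = namedtuple("Entry", "kind path line")

# Sample input: lines copied from the 19-08-2013 FRST log in this thread.
SAMPLE_LOG = r"""
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
HKCU\...\Run: [TerraniserService] - C:\Program Files (x86)\Terraniser\TerraService.exe [1347584 2011-03-09] (Andre Weinert)
HKCU\...\Run: [knjgffmqtl] - C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs [14267 2013-08-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
Startup: C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\knjgffmqtl..vbs ()
"""

# The fixlist from the post above, copied verbatim.
FIXLIST = r"""
HKCU\...\Run: [knjgffmqtl] - C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs [14267 2013-08-01] ()
2013-08-16 13:11 - 2013-08-01 18:48 - 00014267 ___SH C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
2013-08-01 18:48 - 2013-08-16 13:11 - 00014267 ___SH C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
"""


def script_autostarts(log_text):
    """Return Run-key and Startup-folder entries whose target is a script file."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        for kind, rx in (("run", RUN_RE), ("startup", STARTUP_RE)):
            m = rx.match(line)
            if m and ntpath.splitext(m.group("path"))[1].lower() in SCRIPT_EXTS:
                entries.append(Entry(kind, m.group("path"), line))
    return entries


def script_hosts_running(log_text):
    """Return paths of running script hosts listed in the Processes section."""
    found = []
    for raw in log_text.splitlines():
        m = PROCESS_RE.match(raw.strip())
        if m and ntpath.basename(m.group("path")).lower() in SCRIPT_HOSTS:
            found.append(m.group("path"))
    return found


def locations_by_name(entries):
    """Group autostart targets by file name to expose copies of one script."""
    by_name = {}
    for e in entries:
        by_name.setdefault(ntpath.basename(e.path).lower(), []).append(e.path)
    return by_name


def uncovered(entries, fixlist_text):
    """Return entries the fixlist does not name.

    Assumption of this example: a Run value counts as covered when its log
    line appears verbatim in the fixlist; a Startup file counts as covered
    when its full path appears in any fixlist line.
    """
    fix_lines = [l.strip().lower() for l in fixlist_text.splitlines() if l.strip()]
    missing = []
    for e in entries:
        if e.kind == "run":
            covered = e.line.lower() in fix_lines
        else:
            covered = any(e.path.lower() in l for l in fix_lines)
        if not covered:
            missing.append(e)
    return missing


if __name__ == "__main__":
    entries = script_autostarts(SAMPLE_LOG)
    for name, paths in locations_by_name(entries).items():
        print(f"{name}: {len(paths)} autostart location(s)")
    for e in uncovered(entries, FIXLIST):
        print("not in fixlist:", e.kind, e.path)
    for p in script_hosts_running(SAMPLE_LOG):
        print("script host running:", p)
```

On the sample lines it reports the Startup-folder copy of the script as not named in the fixlist, and a running wscript.exe.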

19.08.2013, 10:02   #66
Okty


Unfortunately the shortcuts are still there.
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-08-2013
Ran by Samsunlu55 at 2013-08-19 10:58:45 Run:7
Running from C:\Users\Samsunlu55\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKCU\...\Run: [knjgffmqtl] - C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs [14267 2013-08-01] ()
2013-08-16 13:11 - 2013-08-01 18:48 - 00014267 ___SH C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
2013-08-01 18:48 - 2013-08-16 13:11 - 00014267 ___SH C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\knjgffmqtl => Value deleted successfully.
Could not move "C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs" => Scheduled to move on reboot.
Could not move "C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs" => Scheduled to move on reboot.

=========== Result of Scheduled Files to move ===========

C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs => Moved successfully.
C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs => Is moved successfully.

==== End of Fixlog ====
         

19.08.2013, 16:27   #67
schrauber
/// the machine
/// TB-Ausbilder


I'm slowly starting to think you can say goodbye to the sticks. Please post a fresh FRST logfile once more.

19.08.2013, 17:12   #68
Okty


Yes, but the problem is that it also affects memory cards, and the new USB stick also gets turned into shortcuts as soon as I paste something onto it.


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-08-2013
Ran by Samsunlu55 (administrator) on 19-08-2013 18:11:49
Running from C:\Users\Samsunlu55\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Andre Weinert) C:\Program Files (x86)\Terraniser\TerraService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(ScreenCapturer.com) C:\Program Files (x86)\Screen Capturer\ScreenCapturer.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\bin\HPNetworkCommunicator.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\HDS-FAKTURA\faktura.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10355200 2011-01-24] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-05-23] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59280 2012-11-28] (Apple Inc.)
HKCU\...\Run: [TerraniserService] - C:\Program Files (x86)\Terraniser\TerraService.exe [1347584 2011-03-09] (Andre Weinert)
HKCU\...\Run: [HP Officejet 6700 (NET)] - C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
HKCU\...\Run: [knjgffmqtl] - C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs [14267 2013-08-01] ()
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2013-05-23] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-02-15] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [TrayServer] - C:\PROGRA~2\MAGIX\VIDEO_~1\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2013-06-13] (cyberlink)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\knjgffmqtl..vbs ()
Startup: C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Screen Capturer.lnk
ShortcutTarget: Screen Capturer.lnk -> C:\Program Files (x86)\Screen Capturer\ScreenCapturer.exe (ScreenCapturer.com)
Startup: C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {1BFA2E7D-697D-4755-AAB0-D63F34301B3E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Samsunlu55\AppData\Roaming\Mozilla\Firefox\Profiles\nwx8oe3y.default
FF NewTab: about:blank
FF SelectedSearchEngine: Google
FF Homepage: www.reptilien-grotte.de
FF Keyword.URL: hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Samsunlu55\AppData\Roaming\Mozilla\Firefox\Profiles\nwx8oe3y.default\Extensions\de_DE@dicts.j3e.de
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [dfaldikcoaplhepekpbngkepfcoiihef] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-01-25] ()
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244720 2012-02-08] (CyberLink)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
S2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [x]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [x]
S2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [x]
S2 ZeroConfigService; "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" [x]

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-07-15] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-07-15] (Symantec Corporation)
R3 BYPUSB; C:\Windows\System32\Drivers\BYPUSB.sys [50688 2010-10-08] (SNBC)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-09] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-08-01] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-08-01] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130819.001\ENG64.SYS [126040 2013-08-02] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130819.001\ENG64.SYS [126040 2013-08-02] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130819.001\EX64.SYS [2098776 2013-08-02] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130819.001\EX64.SYS [2098776 2013-08-02] (Symantec Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2012-03-29] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-05-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-19 10:58 - 2013-08-19 10:58 - 01575812 _____ (Farbar) C:\Users\Samsunlu55\Desktop\FRST64.exe
2013-08-17 10:54 - 2013-08-17 10:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 10:07 - 2013-08-17 10:09 - 00000570 _____ C:\Users\Samsunlu55\Desktop\files.txt
2013-08-17 10:07 - 2013-08-17 10:07 - 00000343 _____ C:\Users\Samsunlu55\Desktop\findfile.bat
2013-08-16 12:50 - 2013-08-16 12:50 - 00003128 _____ C:\Windows\System32\Tasks\PandaUSBVaccine
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\ProgramData\Panda Security
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\Program Files (x86)\Panda USB Vaccine
2013-08-16 12:48 - 2013-08-16 12:48 - 00848856 _____ (Panda Security                                              ) C:\Users\Samsunlu55\Desktop\USBVaccine1014Setup.exe
2013-08-15 20:11 - 2013-07-25 05:54 - 17830400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 20:11 - 2013-07-25 05:37 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 20:11 - 2013-07-25 05:35 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 20:11 - 2013-07-25 05:31 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 20:11 - 2013-07-25 05:30 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 20:11 - 2013-07-25 05:29 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-15 20:11 - 2013-07-25 05:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-15 20:11 - 2013-07-25 05:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-15 20:11 - 2013-07-25 05:27 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 20:11 - 2013-07-25 05:27 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-15 20:11 - 2013-07-25 05:26 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 20:11 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 20:11 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 20:11 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 20:11 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 20:11 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 20:11 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-08-15 20:11 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-08-15 20:11 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-08-15 20:11 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 20:11 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 20:11 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-08-15 13:58 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 13:58 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 13:58 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 13:58 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 13:58 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 13:58 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 13:58 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 13:58 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 13:58 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 13:58 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 13:58 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 13:58 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 13:58 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 13:58 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 13:58 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 13:58 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 13:58 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 13:58 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 13:58 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 13:58 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 13:58 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 13:58 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 13:58 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 13:58 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 13:58 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 13:58 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 13:58 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-10 12:12 - 2013-08-10 12:12 - 00033741 _____ C:\ComboFix.txt
2013-08-10 12:01 - 2013-08-10 12:01 - 05102523 ____R (Swearware) C:\Users\Samsunlu55\Desktop\ComboFix.exe
2013-08-10 11:59 - 2013-08-10 11:59 - 00003164 _____ C:\Windows\System32\Tasks\{D773B974-A8A2-4F43-8030-A089F124875E}
2013-08-10 11:53 - 2013-08-10 11:53 - 00132597 _____ C:\Users\Samsunlu55\Desktop\Flash_Disinfector.exe
2013-08-08 14:28 - 2013-08-08 14:28 - 00000342 _____ C:\Users\Samsunlu55\Desktop\anlei.txt
2013-08-08 14:25 - 2013-08-08 14:25 - 00448512 _____ (OldTimer Tools) C:\Users\Samsunlu55\Desktop\TFC.exe
2013-08-07 17:48 - 2013-08-07 17:48 - 00891098 _____ C:\Users\Samsunlu55\Desktop\SecurityCheck.exe
2013-08-07 13:50 - 2013-08-07 13:50 - 00016247 _____ C:\Users\Samsunlu55\Desktop\2R9cFSwF.htm
2013-08-07 13:46 - 2013-08-07 13:46 - 02347384 _____ (ESET) C:\Users\Samsunlu55\Desktop\esetsmartinstaller_enu.exe
2013-08-07 10:15 - 2013-08-07 10:15 - 01527912 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-07 10:04 - 2013-08-07 10:04 - 00002593 _____ C:\Users\Samsunlu55\Desktop\JRT.txt
2013-08-07 09:58 - 2013-08-07 09:58 - 00000000 ____D C:\Windows\ERUNT
2013-08-07 09:57 - 2013-08-07 09:57 - 00563461 _____ (Oleg N. Scherbakov) C:\Users\Samsunlu55\Desktop\JRT.exe
2013-08-07 09:50 - 2013-08-07 09:51 - 00019887 _____ C:\AdwCleaner[S1].txt
2013-08-07 09:50 - 2013-08-07 09:46 - 00666633 _____ C:\Users\Samsunlu55\Desktop\adwcleaner.exe
2013-08-07 09:34 - 2013-08-07 09:34 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-07 09:34 - 2013-08-07 09:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-07 09:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-06 19:10 - 2013-08-06 18:39 - 02044928 _____ C:\Users\Samsunlu55\Desktop\sicherung20130806.crm
2013-08-06 19:09 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-06 19:09 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-06 19:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-06 19:07 - 2013-08-10 12:12 - 00000000 ____D C:\Qoobox
2013-08-06 19:07 - 2013-08-06 19:18 - 00000000 ____D C:\Windows\erdnt
2013-08-06 10:49 - 2013-08-06 10:49 - 00398513 _____ C:\Users\Samsunlu55\Desktop\1038538_162794453916994_1345702492_n.mp4
2013-08-05 18:30 - 2013-08-19 11:01 - 00000000 ____D C:\FRST
2013-08-05 16:31 - 2013-08-04 15:36 - 02036736 _____ C:\Users\Samsunlu55\Desktop\sicherung20130805.crm
2013-08-03 15:14 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-08-03 15:14 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-08-03 15:14 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-08-03 15:14 - 2012-06-02 16:35 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-08-03 15:13 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-08-03 15:13 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-08-03 15:13 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-08-03 15:13 - 2012-08-23 16:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-08-03 15:13 - 2012-08-23 15:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-08-03 15:13 - 2012-08-23 15:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-08-03 15:13 - 2012-08-23 15:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-08-03 15:13 - 2012-08-23 15:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-08-03 15:13 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-08-03 15:13 - 2012-08-23 15:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-08-03 15:13 - 2012-08-23 15:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-08-03 15:13 - 2012-08-23 15:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-08-03 15:13 - 2012-08-23 15:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-08-03 15:13 - 2012-08-23 14:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-08-03 15:13 - 2012-08-23 13:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-08-03 15:13 - 2012-08-23 13:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-08-03 15:13 - 2012-08-23 13:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-08-03 15:13 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-08-03 15:13 - 2012-08-23 12:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-08-03 15:13 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-08-03 15:13 - 2012-08-23 12:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-08-03 15:13 - 2012-08-23 12:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-08-03 15:13 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-08-03 15:13 - 2012-08-23 10:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-08-03 15:13 - 2012-08-23 10:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-08-03 15:09 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-08-03 15:09 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-08-03 15:09 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-08-03 15:09 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-08-03 15:04 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-08-03 15:04 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-08-03 15:04 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-08-03 15:04 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-08-03 15:04 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-08-03 15:04 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-08-03 15:04 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-08-03 15:04 - 2012-11-30 07:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-08-03 15:04 - 2012-11-30 07:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-08-03 15:04 - 2012-11-30 07:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-08-03 15:04 - 2012-11-30 07:41 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-08-03 15:04 - 2012-11-30 07:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-08-03 15:04 - 2012-11-30 06:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 05:23 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-08-03 15:04 - 2012-11-30 04:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 04:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 04:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 04:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 01:17 - 00420064 _____ C:\Windows\SysWOW64\locale.nls
2013-08-03 15:04 - 2012-11-30 01:15 - 00420064 _____ C:\Windows\system32\locale.nls
2013-08-03 15:04 - 2012-08-24 20:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-08-03 15:04 - 2012-08-24 20:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-08-03 15:04 - 2012-08-24 20:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-08-03 15:04 - 2012-08-24 20:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-08-03 15:04 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-08-03 15:04 - 2012-08-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-08-03 15:04 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-08-03 15:03 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-08-03 15:03 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-08-03 15:03 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-08-03 15:03 - 2012-11-22 07:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-08-03 15:03 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-08-03 15:03 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-08-03 15:03 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-08-03 15:03 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-08-03 15:03 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2013-08-03 15:03 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-08-03 15:03 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2013-08-03 15:03 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2013-08-03 15:03 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2013-08-03 15:03 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-08-03 15:03 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-08-03 14:49 - 2013-08-15 20:14 - 00000000 ____D C:\Windows\system32\MRT
2013-08-02 19:15 - 2013-08-19 10:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-02 19:09 - 2013-08-02 19:09 - 00084966 _____ C:\Users\Samsunlu55\Desktop\bookmarks-2013-08-02.json
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\Malwarebytes
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-31 18:08 - 2013-07-31 18:07 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-31 18:04 - 2013-07-31 18:03 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-31 18:04 - 2013-07-31 18:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-31 18:04 - 2013-07-31 18:03 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-31 18:04 - 2013-07-31 18:03 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-31 15:34 - 2013-07-31 15:34 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\CrashRpt
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\ProgramData\RapidSolution
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\Program Files (x86)\Audials
2013-07-31 15:31 - 2013-07-31 15:31 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\RapidSolution
2013-07-25 16:06 - 2013-07-25 16:06 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\msgr
2013-07-23 14:35 - 2013-07-23 14:42 - 00000000 ____D C:\Program Files (x86)\WinZipper

==================== One Month Modified Files and Folders =======

2013-08-19 16:42 - 2012-01-11 15:12 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DF247F0A-98DD-4A49-A3D7-19DA5F27453D}
2013-08-19 14:36 - 2012-01-13 18:09 - 00000000 ____D C:\Users\Samsunlu55\Documents\Reptidokus
2013-08-19 13:52 - 2011-10-21 02:57 - 01944402 _____ C:\Windows\WindowsUpdate.log
2013-08-19 13:47 - 2012-01-13 16:46 - 00000000 ____D C:\HDS-FAKTURA
2013-08-19 12:21 - 2012-01-14 11:44 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\Adobe
2013-08-19 11:07 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-19 11:07 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-19 11:01 - 2013-08-05 18:30 - 00000000 ____D C:\FRST
2013-08-19 11:00 - 2013-03-12 16:57 - 00017489 _____ C:\Windows\setupact.log
2013-08-19 11:00 - 2010-11-21 05:47 - 00076634 _____ C:\Windows\PFRO.log
2013-08-19 11:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-19 10:58 - 2013-08-19 10:58 - 01575812 _____ (Farbar) C:\Users\Samsunlu55\Desktop\FRST64.exe
2013-08-19 10:52 - 2013-08-02 19:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-17 12:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-17 10:54 - 2013-08-17 10:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-17 10:09 - 2013-08-17 10:07 - 00000570 _____ C:\Users\Samsunlu55\Desktop\files.txt
2013-08-17 10:07 - 2013-08-17 10:07 - 00000343 _____ C:\Users\Samsunlu55\Desktop\findfile.bat
2013-08-16 17:48 - 2012-12-13 16:02 - 01261568 ___SH C:\Users\Samsunlu55\Desktop\Thumbs.db
2013-08-16 13:56 - 2012-02-04 11:40 - 00000000 ____D C:\Users\Samsunlu55\Desktop\Anzeigen Bilder
2013-08-16 13:54 - 2013-06-27 15:02 - 00001456 _____ C:\Users\SAMSUN~1\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-08-16 13:11 - 2012-01-11 15:12 - 00000000 ___RD C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-16 12:50 - 2013-08-16 12:50 - 00003128 _____ C:\Windows\System32\Tasks\PandaUSBVaccine
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\ProgramData\Panda Security
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\Program Files (x86)\Panda USB Vaccine
2013-08-16 12:48 - 2013-08-16 12:48 - 00848856 _____ (Panda Security                                              ) C:\Users\Samsunlu55\Desktop\USBVaccine1014Setup.exe
2013-08-15 20:19 - 2012-01-11 18:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-15 20:17 - 2011-09-03 10:22 - 00657948 _____ C:\Windows\system32\perfh007.dat
2013-08-15 20:17 - 2011-09-03 10:22 - 00131288 _____ C:\Windows\system32\perfc007.dat
2013-08-15 20:17 - 2009-07-14 07:13 - 01529494 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-15 20:14 - 2013-08-03 14:49 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 20:13 - 2012-01-16 12:19 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-15 19:50 - 2012-10-25 18:41 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForSamsunlu55.job
2013-08-15 18:24 - 2012-10-25 18:41 - 00003216 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSamsunlu55
2013-08-15 18:24 - 2012-01-12 17:51 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-08-15 18:23 - 2012-02-02 19:07 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-08-10 15:31 - 2012-12-07 16:10 - 00000342 _____ C:\Windows\Tasks\HPCeeScheduleForSAMSUNLU$.job
2013-08-10 15:31 - 2012-11-20 15:10 - 00003218 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSAMSUNLU$
2013-08-10 12:12 - 2013-08-10 12:12 - 00033741 _____ C:\ComboFix.txt
2013-08-10 12:12 - 2013-08-06 19:07 - 00000000 ____D C:\Qoobox
2013-08-10 12:10 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-10 12:01 - 2013-08-10 12:01 - 05102523 ____R (Swearware) C:\Users\Samsunlu55\Desktop\ComboFix.exe
2013-08-10 11:59 - 2013-08-10 11:59 - 00003164 _____ C:\Windows\System32\Tasks\{D773B974-A8A2-4F43-8030-A089F124875E}
2013-08-10 11:53 - 2013-08-10 11:53 - 00132597 _____ C:\Users\Samsunlu55\Desktop\Flash_Disinfector.exe
2013-08-10 10:43 - 2012-01-11 15:13 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\Adobe
2013-08-10 10:43 - 2011-09-03 00:56 - 00000000 ____D C:\ProgramData\Adobe
2013-08-08 14:28 - 2013-08-08 14:28 - 00000342 _____ C:\Users\Samsunlu55\Desktop\anlei.txt
2013-08-08 14:25 - 2013-08-08 14:25 - 00448512 _____ (OldTimer Tools) C:\Users\Samsunlu55\Desktop\TFC.exe
2013-08-07 17:48 - 2013-08-07 17:48 - 00891098 _____ C:\Users\Samsunlu55\Desktop\SecurityCheck.exe
2013-08-07 13:50 - 2013-08-07 13:50 - 00016247 _____ C:\Users\Samsunlu55\Desktop\2R9cFSwF.htm
2013-08-07 13:46 - 2013-08-07 13:46 - 02347384 _____ (ESET) C:\Users\Samsunlu55\Desktop\esetsmartinstaller_enu.exe
2013-08-07 10:15 - 2013-08-07 10:15 - 01527912 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-07 10:04 - 2013-08-07 10:04 - 00002593 _____ C:\Users\Samsunlu55\Desktop\JRT.txt
2013-08-07 09:58 - 2013-08-07 09:58 - 00000000 ____D C:\Windows\ERUNT
2013-08-07 09:57 - 2013-08-07 09:57 - 00563461 _____ (Oleg N. Scherbakov) C:\Users\Samsunlu55\Desktop\JRT.exe
2013-08-07 09:51 - 2013-08-07 09:50 - 00019887 _____ C:\AdwCleaner[S1].txt
2013-08-07 09:50 - 2012-01-11 15:12 - 00001178 _____ C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-07 09:50 - 2012-01-11 15:12 - 00000995 _____ C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-07 09:46 - 2013-08-07 09:50 - 00666633 _____ C:\Users\Samsunlu55\Desktop\adwcleaner.exe
2013-08-07 09:34 - 2013-08-07 09:34 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-07 09:34 - 2013-08-07 09:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-06 19:18 - 2013-08-06 19:07 - 00000000 ____D C:\Windows\erdnt
2013-08-06 19:17 - 2012-01-11 15:03 - 00000000 ____D C:\Users\Samsunlu55
2013-08-06 18:39 - 2013-08-06 19:10 - 02044928 _____ C:\Users\Samsunlu55\Desktop\sicherung20130806.crm
2013-08-06 10:49 - 2013-08-06 10:49 - 00398513 _____ C:\Users\Samsunlu55\Desktop\1038538_162794453916994_1345702492_n.mp4
2013-08-06 09:52 - 2012-01-13 19:12 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-06 09:51 - 2012-01-11 19:31 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\CrashDumps
2013-08-04 15:36 - 2013-08-05 16:31 - 02036736 _____ C:\Users\Samsunlu55\Desktop\sicherung20130805.crm
2013-08-03 15:33 - 2012-01-11 15:10 - 00159464 _____ C:\Users\SAMSUN~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-03 15:31 - 2009-07-14 06:45 - 05199072 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-03 15:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-03 14:56 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-02 19:09 - 2013-08-02 19:09 - 00084966 _____ C:\Users\Samsunlu55\Desktop\bookmarks-2013-08-02.json
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\Malwarebytes
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-01 18:48 - 2013-08-19 11:04 - 00014267 ___SH C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
2013-07-31 18:07 - 2013-07-31 18:08 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-31 18:07 - 2012-05-12 10:15 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-31 18:07 - 2011-09-03 00:59 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-31 18:03 - 2013-07-31 18:04 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-31 18:03 - 2013-07-31 18:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-31 18:03 - 2013-07-31 18:04 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-31 18:03 - 2013-07-31 18:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-31 18:03 - 2012-09-03 13:00 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-31 18:03 - 2011-09-03 00:59 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-31 18:03 - 2011-09-03 00:59 - 00000000 ____D C:\Program Files\Java
2013-07-31 15:34 - 2013-07-31 15:34 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\CrashRpt
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\ProgramData\RapidSolution
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\Program Files (x86)\Audials
2013-07-31 15:31 - 2013-07-31 15:31 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\RapidSolution
2013-07-25 18:35 - 2011-09-03 00:51 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-07-25 16:06 - 2013-07-25 16:06 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\msgr
2013-07-25 11:25 - 2013-08-15 13:58 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-15 13:58 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-25 05:54 - 2013-08-15 20:11 - 17830400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-25 05:37 - 2013-08-15 20:11 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-25 05:35 - 2013-08-15 20:11 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-25 05:31 - 2013-08-15 20:11 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-25 05:30 - 2013-08-15 20:11 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-25 05:29 - 2013-08-15 20:11 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-25 05:29 - 2013-08-15 20:11 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-25 05:29 - 2013-08-15 20:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-25 05:27 - 2013-08-15 20:11 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-25 05:27 - 2013-08-15 20:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-25 05:26 - 2013-08-15 20:11 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-25 04:40 - 2013-08-15 20:11 - 12334080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-25 04:32 - 2013-08-15 20:11 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-25 04:30 - 2013-08-15 20:11 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-25 04:26 - 2013-08-15 20:11 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-25 04:26 - 2013-08-15 20:11 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-25 04:25 - 2013-08-15 20:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-25 04:24 - 2013-08-15 20:11 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-25 04:24 - 2013-08-15 20:11 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-25 04:22 - 2013-08-15 20:11 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-25 04:22 - 2013-08-15 20:11 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-25 04:22 - 2013-08-15 20:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-24 19:15 - 2012-01-13 16:19 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\HpUpdate
2013-07-24 15:20 - 2012-01-14 12:22 - 00000000 ____D C:\Users\Samsunlu55\Desktop\shopbild
2013-07-23 14:42 - 2013-07-23 14:35 - 00000000 ____D C:\Program Files (x86)\WinZipper

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-14 10:58

==================== End Of Log ============================
         

20.08.2013, 11:25   #69
schrauber
/// the machine
/// TB trainer
 


Plug in everything you have; we need to try to clean everything at once. Then, once everything is connected, run Panda USB Vaccine again.

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the detected objects, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless instructed to by a helper.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

20.08.2013, 13:05   #70
Okty
 


Code:
Malwarebytes Anti-Rootkit BETA 1.06.1.1005
www.malwarebytes.org

Database version: v2013.08.07.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Samsunlu55 :: SAMSUNLU [administrator]

20.08.2013 13:39:02
mbar-log-2013-08-20 (13-39-02).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 275457
Time elapsed: 18 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

20.08.2013, 13:19   #71
schrauber
/// the machine
/// TB trainer
 



Under Options, also tick everything so that it scans on reboot.

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.
__________________
Regards,
schrauber


20.08.2013, 13:27   #72
Okty
 


Code:
14:25:29.0390 7184  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:25:29.0705 7184  ============================================================
14:25:29.0705 7184  Current date / time: 2013/08/20 14:25:29.0705
14:25:29.0705 7184  SystemInfo:
14:25:29.0705 7184  
14:25:29.0705 7184  OS Version: 6.1.7601 ServicePack: 1.0
14:25:29.0705 7184  Product type: Workstation
14:25:29.0706 7184  ComputerName: SAMSUNLU
14:25:29.0706 7184  UserName: Samsunlu55
14:25:29.0706 7184  Windows directory: C:\Windows
14:25:29.0706 7184  System windows directory: C:\Windows
14:25:29.0706 7184  Running under WOW64
14:25:29.0706 7184  Processor architecture: Intel x64
14:25:29.0706 7184  Number of processors: 8
14:25:29.0706 7184  Page size: 0x1000
14:25:29.0706 7184  Boot type: Normal boot
14:25:29.0706 7184  ============================================================
14:25:30.0192 7184  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:25:30.0229 7184  Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:25:30.0243 7184  Drive \Device\Harddisk2\DR2 - Size: 0x76E480000 (29.72 Gb), SectorSize: 0x200, Cylinders: 0xF28, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:25:30.0246 7184  Drive \Device\Harddisk3\DR3 - Size: 0x1D1A00000 (7.28 Gb), SectorSize: 0x200, Cylinders: 0x3B5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:25:30.0249 7184  Drive \Device\Harddisk4\DR4 - Size: 0x1E150DE00 (7.52 Gb), SectorSize: 0x200, Cylinders: 0x3D5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:25:30.0250 7184  Drive \Device\Harddisk5\DR5 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:25:30.0493 7184  ============================================================
14:25:30.0493 7184  \Device\Harddisk0\DR0:
14:25:30.0554 7184  MBR partitions:
14:25:30.0555 7184  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
14:25:30.0555 7184  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x55047000
14:25:30.0555 7184  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x550AB000, BlocksNum 0x2467800
14:25:30.0555 7184  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x57512800, BlocksNum 0x336F0
14:25:30.0555 7184  \Device\Harddisk1\DR1:
14:25:30.0556 7184  MBR partitions:
14:25:30.0556 7184  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57545000
14:25:30.0556 7184  \Device\Harddisk2\DR2:
14:25:30.0556 7184  MBR partitions:
14:25:30.0557 7184  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x3B70400
14:25:30.0557 7184  \Device\Harddisk3\DR3:
14:25:30.0557 7184  MBR partitions:
14:25:30.0557 7184  \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0xB88, BlocksNum 0xE8C478
14:25:30.0557 7184  \Device\Harddisk4\DR4:
14:25:30.0558 7184  MBR partitions:
14:25:30.0558 7184  \Device\Harddisk4\DR4\Partition1: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0xF07956
14:25:30.0558 7184  \Device\Harddisk5\DR5:
14:25:30.0559 7184  MBR partitions:
14:25:30.0559 7184  \Device\Harddisk5\DR5\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0xE8E06CC1
14:25:30.0559 7184  ============================================================
14:25:30.0610 7184  C: <-> \Device\Harddisk0\DR0\Partition2
14:25:30.0661 7184  D: <-> \Device\Harddisk1\DR1\Partition1
14:25:30.0706 7184  E: <-> \Device\Harddisk0\DR0\Partition3
14:25:30.0719 7184  H: <-> \Device\Harddisk5\DR5\Partition1
14:25:30.0719 7184  ============================================================
14:25:30.0719 7184  Initialize success
14:25:30.0719 7184  ============================================================
14:25:58.0132 8648  ============================================================
14:25:58.0133 8648  Scan started
14:25:58.0133 8648  Mode: Manual; SigCheck; TDLFS; 
14:25:58.0133 8648  ============================================================
14:25:58.0771 8648  ================ Scan system memory ========================
14:25:58.0771 8648  System memory - ok
14:25:58.0772 8648  ================ Scan services =============================
14:25:59.0019 8648  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:25:59.0157 8648  1394ohci - ok
14:25:59.0179 8648  [ 733CA4DF8BE48A1009B86FA442551CA4 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
14:25:59.0192 8648  Accelerometer - ok
14:25:59.0232 8648  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:25:59.0262 8648  ACPI - ok
14:25:59.0297 8648  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:25:59.0386 8648  AcpiPmi - ok
14:25:59.0490 8648  [ F84C9DEE4698DF3C1D76801B7B1B55D7 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
14:25:59.0535 8648  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
14:25:59.0535 8648  Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
14:25:59.0600 8648  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:25:59.0628 8648  AdobeARMservice - ok
14:25:59.0687 8648  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:25:59.0710 8648  adp94xx - ok
14:25:59.0741 8648  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:25:59.0767 8648  adpahci - ok
14:25:59.0801 8648  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:25:59.0829 8648  adpu320 - ok
14:25:59.0854 8648  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:25:59.0999 8648  AeLookupSvc - ok
14:26:00.0100 8648  [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters     C:\Program Files\IDT\WDM\AESTSr64.exe
14:26:00.0180 8648  AESTFilters - ok
14:26:00.0228 8648  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
14:26:00.0290 8648  AFD - ok
14:26:00.0322 8648  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:26:00.0332 8648  agp440 - ok
14:26:00.0372 8648  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
14:26:00.0422 8648  ALG - ok
14:26:00.0460 8648  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:26:00.0486 8648  aliide - ok
14:26:00.0532 8648  [ 46052887A640397A834CFA61D607BFC5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:26:00.0636 8648  AMD External Events Utility - ok
14:26:00.0667 8648  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:26:00.0691 8648  amdide - ok
14:26:00.0723 8648  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:26:00.0762 8648  AmdK8 - ok
14:26:00.0951 8648  [ F419E5CC07DECDAB85E4E6ADAB1DBB49 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:26:01.0158 8648  amdkmdag - ok
14:26:01.0211 8648  [ A2F3F99349169D53E91A953A6F539635 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
14:26:01.0255 8648  amdkmdap - ok
14:26:01.0284 8648  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
14:26:01.0322 8648  AmdPPM - ok
14:26:01.0357 8648  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:26:01.0387 8648  amdsata - ok
14:26:01.0418 8648  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:26:01.0449 8648  amdsbs - ok
14:26:01.0467 8648  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:26:01.0478 8648  amdxata - ok
14:26:01.0522 8648  [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
14:26:01.0558 8648  AMPPAL - ok
14:26:01.0564 8648  [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
14:26:01.0578 8648  AMPPALP - ok
14:26:01.0671 8648  [ 576134E43169810B560F0BB6FDEE13F5 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
14:26:01.0707 8648  AMPPALR3 - ok
14:26:01.0752 8648  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
14:26:01.0887 8648  AppID - ok
14:26:01.0914 8648  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:26:01.0970 8648  AppIDSvc - ok
14:26:02.0023 8648  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
14:26:02.0077 8648  Appinfo - ok
14:26:02.0164 8648  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:26:02.0190 8648  Apple Mobile Device - ok
14:26:02.0255 8648  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
14:26:02.0285 8648  arc - ok
14:26:02.0304 8648  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:26:02.0317 8648  arcsas - ok
14:26:02.0336 8648  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:26:02.0381 8648  AsyncMac - ok
14:26:02.0414 8648  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:26:02.0436 8648  atapi - ok
14:26:02.0491 8648  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:26:02.0539 8648  AudioEndpointBuilder - ok
14:26:02.0547 8648  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:26:02.0579 8648  AudioSrv - ok
14:26:02.0613 8648  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:26:02.0713 8648  AxInstSV - ok
14:26:02.0771 8648  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:26:02.0812 8648  b06bdrv - ok
14:26:02.0864 8648  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:26:02.0914 8648  b57nd60a - ok
14:26:02.0977 8648  [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
14:26:03.0009 8648  BBSvc - ok
14:26:03.0061 8648  [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
14:26:03.0101 8648  BCM43XX - ok
14:26:03.0142 8648  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:26:03.0183 8648  BDESVC - ok
14:26:03.0220 8648  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:26:03.0296 8648  Beep - ok
14:26:03.0346 8648  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
14:26:03.0413 8648  BFE - ok
14:26:03.0601 8648  [ 6E10DB69DB1AA96207F4B14B18FF12F8 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\BASHDefs\20130715.001\BHDrvx64.sys
14:26:03.0646 8648  BHDrvx64 - ok
14:26:03.0683 8648  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
14:26:03.0741 8648  BITS - ok
14:26:03.0775 8648  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
14:26:03.0814 8648  blbdrive - ok
14:26:03.0903 8648  [ C440483A5CE0E0AB03A79A33ACE35D91 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
14:26:03.0954 8648  Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
14:26:03.0954 8648  Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
14:26:04.0000 8648  [ C8AB8CA3557CCE041AC4C88E76AFBAD0 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
14:26:04.0045 8648  Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
14:26:04.0045 8648  Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
14:26:04.0103 8648  [ DF83FB0EB35C91339F1C84C6CF426100 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
14:26:04.0154 8648  Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - warning
14:26:04.0154 8648  Bluetooth OBEX Service - detected UnsignedFile.Multi.Generic (1)
14:26:04.0186 8648  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:26:04.0209 8648  Bonjour Service - ok
14:26:04.0239 8648  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:26:04.0300 8648  bowser - ok
14:26:04.0335 8648  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
14:26:04.0380 8648  BrFiltLo - ok
14:26:04.0400 8648  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
14:26:04.0418 8648  BrFiltUp - ok
14:26:04.0470 8648  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
14:26:04.0535 8648  BridgeMP - ok
14:26:04.0576 8648  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
14:26:04.0618 8648  Browser - ok
14:26:04.0651 8648  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:26:04.0705 8648  Brserid - ok
14:26:04.0735 8648  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:26:04.0774 8648  BrSerWdm - ok
14:26:04.0800 8648  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:26:04.0847 8648  BrUsbMdm - ok
14:26:04.0858 8648  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:26:04.0885 8648  BrUsbSer - ok
14:26:04.0923 8648  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
14:26:04.0988 8648  BthEnum - ok
14:26:05.0026 8648  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:26:05.0086 8648  BTHMODEM - ok
14:26:05.0130 8648  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:26:05.0168 8648  BthPan - ok
14:26:05.0214 8648  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
14:26:05.0271 8648  BTHPORT - ok
14:26:05.0315 8648  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
14:26:05.0373 8648  bthserv - ok
14:26:05.0421 8648  [ 9E2AF97302B9F4BF97E952A865EB31AE ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
14:26:05.0446 8648  BTHSSecurityMgr - ok
14:26:05.0470 8648  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
14:26:05.0507 8648  BTHUSB - ok
14:26:05.0549 8648  [ 8652C1572157BFA7E86EE41CB729EB46 ] btmaudio        C:\Windows\system32\drivers\btmaud.sys
14:26:05.0567 8648  btmaudio - ok
14:26:05.0599 8648  [ BA554BFCBF21201D310738A42C9C19E1 ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
14:26:05.0616 8648  btmaux - ok
14:26:05.0658 8648  [ 40C6FEC49D1CC4D112368A2BCD2BCBB7 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
14:26:05.0724 8648  btmhsf - ok
14:26:05.0762 8648  [ BA9B165F0B0F91C09542BCE06463EB2C ] BYPUSB          C:\Windows\system32\Drivers\BYPUSB.sys
14:26:05.0805 8648  BYPUSB - ok
14:26:05.0851 8648  catchme - ok
14:26:05.0940 8648  [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys
14:26:05.0966 8648  ccSet_NIS - ok
14:26:05.0998 8648  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:26:06.0046 8648  cdfs - ok
14:26:06.0072 8648  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:26:06.0090 8648  cdrom - ok
14:26:06.0125 8648  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:26:06.0193 8648  CertPropSvc - ok
14:26:06.0217 8648  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:26:06.0244 8648  circlass - ok
14:26:06.0299 8648  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:26:06.0339 8648  CLFS - ok
14:26:06.0439 8648  [ 0CAE9EE567832A37AC397AA0E285327F ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
14:26:06.0474 8648  CLKMSVC10_38F51D56 - ok
14:26:06.0544 8648  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:26:06.0565 8648  clr_optimization_v2.0.50727_32 - ok
14:26:06.0612 8648  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:26:06.0638 8648  clr_optimization_v2.0.50727_64 - ok
14:26:06.0699 8648  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:26:06.0721 8648  clr_optimization_v4.0.30319_32 - ok
14:26:06.0777 8648  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:26:06.0787 8648  clr_optimization_v4.0.30319_64 - ok
14:26:06.0832 8648  [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
14:26:06.0842 8648  clwvd - ok
14:26:06.0878 8648  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
14:26:06.0901 8648  CmBatt - ok
14:26:06.0921 8648  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:26:06.0931 8648  cmdide - ok
14:26:06.0970 8648  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
14:26:07.0020 8648  CNG - ok
14:26:07.0063 8648  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:26:07.0072 8648  Compbatt - ok
14:26:07.0100 8648  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:26:07.0147 8648  CompositeBus - ok
14:26:07.0160 8648  COMSysApp - ok
14:26:07.0191 8648  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:26:07.0200 8648  crcdisk - ok
14:26:07.0232 8648  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:26:07.0268 8648  CryptSvc - ok
14:26:07.0327 8648  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:26:07.0394 8648  DcomLaunch - ok
14:26:07.0434 8648  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
14:26:07.0482 8648  defragsvc - ok
14:26:07.0515 8648  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:26:07.0562 8648  DfsC - ok
14:26:07.0595 8648  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:26:07.0625 8648  Dhcp - ok
14:26:07.0647 8648  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
14:26:07.0694 8648  discache - ok
14:26:07.0733 8648  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
14:26:07.0742 8648  Disk - ok
14:26:07.0767 8648  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:26:07.0804 8648  Dnscache - ok
14:26:07.0845 8648  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:26:07.0928 8648  dot3svc - ok
14:26:07.0961 8648  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
14:26:08.0013 8648  Dot4 - ok
14:26:08.0057 8648  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:26:08.0093 8648  Dot4Print - ok
14:26:08.0108 8648  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
14:26:08.0143 8648  dot4usb - ok
14:26:08.0175 8648  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
14:26:08.0227 8648  DPS - ok
14:26:08.0267 8648  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:26:08.0285 8648  drmkaud - ok
14:26:08.0315 8648  [ 1A986E433B8EB2375F55961D993746B3 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:26:08.0340 8648  DXGKrnl - ok
14:26:08.0381 8648  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
14:26:08.0422 8648  EapHost - ok
14:26:08.0497 8648  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:26:08.0548 8648  ebdrv - ok
14:26:08.0617 8648  [ 42CD593270E9E92400FCBC0C5F1FA3BA ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
14:26:08.0639 8648  eeCtrl - ok
14:26:08.0679 8648  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
14:26:08.0699 8648  EFS - ok
14:26:08.0771 8648  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:26:08.0809 8648  ehRecvr - ok
14:26:08.0838 8648  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
14:26:08.0862 8648  ehSched - ok
14:26:08.0914 8648  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:26:08.0931 8648  elxstor - ok
14:26:09.0011 8648  [ 0E736E4C9C4F48453D8137CA641354F7 ] EraserUtilDrv11310 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys
14:26:09.0021 8648  EraserUtilDrv11310 - ok
14:26:09.0065 8648  [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
14:26:09.0076 8648  EraserUtilRebootDrv - ok
14:26:09.0100 8648  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:26:09.0126 8648  ErrDev - ok
14:26:09.0160 8648  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
14:26:09.0205 8648  EventSystem - ok
14:26:09.0285 8648  EvtEng - ok
14:26:09.0323 8648  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
14:26:09.0377 8648  exfat - ok
14:26:09.0402 8648  ezSharedSvc - ok
14:26:09.0431 8648  Fabs - ok
14:26:09.0441 8648  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:26:09.0489 8648  fastfat - ok
14:26:09.0539 8648  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
14:26:09.0576 8648  Fax - ok
14:26:09.0627 8648  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
14:26:09.0650 8648  fdc - ok
14:26:09.0680 8648  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:26:09.0710 8648  fdPHost - ok
14:26:09.0738 8648  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:26:09.0781 8648  FDResPub - ok
14:26:09.0831 8648  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:26:09.0842 8648  FileInfo - ok
14:26:09.0852 8648  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:26:09.0881 8648  Filetrace - ok
14:26:09.0975 8648  [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
14:26:10.0028 8648  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
14:26:10.0028 8648  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
14:26:10.0067 8648  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
14:26:10.0078 8648  flpydisk - ok
14:26:10.0099 8648  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:26:10.0113 8648  FltMgr - ok
14:26:10.0144 8648  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
14:26:10.0182 8648  FontCache - ok
14:26:10.0231 8648  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:26:10.0239 8648  FontCache3.0.0.0 - ok
14:26:10.0304 8648  [ 6AA4E6B4EA50620AB622A048394C4AA2 ] FPLService      C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
14:26:10.0315 8648  FPLService - ok
14:26:10.0343 8648  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:26:10.0352 8648  FsDepends - ok
14:26:10.0395 8648  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:26:10.0419 8648  Fs_Rec - ok
14:26:10.0466 8648  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:26:10.0485 8648  fvevol - ok
14:26:10.0527 8648  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:26:10.0539 8648  gagp30kx - ok
14:26:10.0596 8648  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
14:26:10.0615 8648  GamesAppService - ok
14:26:10.0647 8648  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:26:10.0655 8648  GEARAspiWDM - ok
14:26:10.0724 8648  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
14:26:10.0767 8648  gpsvc - ok
14:26:10.0792 8648  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:26:10.0814 8648  hcw85cir - ok
14:26:10.0843 8648  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:26:10.0860 8648  HdAudAddService - ok
14:26:10.0893 8648  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:26:10.0914 8648  HDAudBus - ok
14:26:10.0925 8648  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
14:26:10.0946 8648  HidBatt - ok
14:26:10.0972 8648  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:26:11.0016 8648  HidBth - ok
14:26:11.0048 8648  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:26:11.0061 8648  HidIr - ok
14:26:11.0086 8648  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
14:26:11.0124 8648  hidserv - ok
14:26:11.0149 8648  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:26:11.0160 8648  HidUsb - ok
14:26:11.0184 8648  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:26:11.0231 8648  hkmsvc - ok
14:26:11.0259 8648  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:26:11.0280 8648  HomeGroupListener - ok
14:26:11.0310 8648  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:26:11.0335 8648  HomeGroupProvider - ok
14:26:11.0438 8648  [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
14:26:11.0464 8648  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
14:26:11.0464 8648  HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
14:26:11.0535 8648  [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
14:26:11.0563 8648  HPClientSvc - ok
14:26:11.0625 8648  [ E040F0064D39F73BB4995D494F3DCBB8 ] hpCMSrv         C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
14:26:11.0660 8648  hpCMSrv - ok
14:26:11.0681 8648  [ BDFE112FA2F3422842E83DA631065B37 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
14:26:11.0689 8648  hpdskflt - ok
14:26:11.0815 8648  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
14:26:11.0842 8648  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
14:26:11.0843 8648  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
14:26:11.0902 8648  [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
14:26:11.0928 8648  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
14:26:11.0928 8648  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
14:26:11.0993 8648  [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
14:26:12.0025 8648  hpqwmiex - ok
14:26:12.0050 8648  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:26:12.0059 8648  HpSAMD - ok
14:26:12.0081 8648  [ A92D6DE158BC0671D9336580F6414044 ] hpsrv           C:\Windows\system32\Hpservice.exe
14:26:12.0090 8648  hpsrv - ok
14:26:12.0154 8648  [ 2BEC76BDCD1BC080210325E7B5094834 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
14:26:12.0177 8648  HPWMISVC - ok
14:26:12.0232 8648  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:26:12.0294 8648  HTTP - ok
14:26:12.0303 8648  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:26:12.0312 8648  hwpolicy - ok
14:26:12.0359 8648  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:26:12.0370 8648  i8042prt - ok
14:26:12.0412 8648  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:26:12.0428 8648  iaStor - ok
14:26:12.0492 8648  [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:26:12.0511 8648  IAStorDataMgrSvc - ok
14:26:12.0551 8648  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:26:12.0571 8648  iaStorV - ok
14:26:12.0602 8648  [ FC47F5CF561BF0FD897EFD1A9604DCCF ] iBtFltCoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
14:26:12.0629 8648  iBtFltCoex - ok
14:26:12.0730 8648  [ D72BF0AE484F88399E8343E821C10D6A ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
14:26:12.0779 8648  IconMan_R ( UnsignedFile.Multi.Generic ) - warning
14:26:12.0779 8648  IconMan_R - detected UnsignedFile.Multi.Generic (1)
14:26:12.0845 8648  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:26:12.0875 8648  idsvc - ok
14:26:12.0938 8648  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\IPSDefs\20130813.001\IDSvia64.sys
14:26:12.0965 8648  IDSVia64 - ok
14:26:12.0994 8648  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:26:13.0015 8648  iirsp - ok
14:26:13.0048 8648  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:26:13.0113 8648  IKEEXT - ok
14:26:13.0138 8648  [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
14:26:13.0148 8648  intaud_WaveExtensible - ok
14:26:13.0176 8648  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:26:13.0198 8648  IntcDAud - ok
14:26:13.0233 8648  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:26:13.0243 8648  intelide - ok
14:26:13.0492 8648  [ 6383899C5F964D71B0F96B81FBE59BB8 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
14:26:13.0780 8648  intelkmd - ok
14:26:13.0813 8648  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:26:13.0833 8648  intelppm - ok
14:26:13.0865 8648  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:26:13.0927 8648  IPBusEnum - ok
14:26:13.0952 8648  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:26:13.0979 8648  IpFilterDriver - ok
14:26:14.0031 8648  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:26:14.0089 8648  iphlpsvc - ok
14:26:14.0115 8648  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:26:14.0142 8648  IPMIDRV - ok
14:26:14.0168 8648  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:26:14.0229 8648  IPNAT - ok
14:26:14.0293 8648  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:26:14.0328 8648  iPod Service - ok
14:26:14.0362 8648  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:26:14.0381 8648  IRENUM - ok
14:26:14.0419 8648  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:26:14.0432 8648  isapnp - ok
14:26:14.0461 8648  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:26:14.0496 8648  iScsiPrt - ok
14:26:14.0531 8648  [ 716F66336F10885D935B08174DC54242 ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
14:26:14.0557 8648  iwdbus - ok
14:26:14.0577 8648  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:26:14.0592 8648  kbdclass - ok
14:26:14.0634 8648  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:26:14.0680 8648  kbdhid - ok
14:26:14.0712 8648  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:26:14.0730 8648  KeyIso - ok
14:26:14.0755 8648  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:26:14.0765 8648  KSecDD - ok
14:26:14.0787 8648  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:26:14.0798 8648  KSecPkg - ok
14:26:14.0816 8648  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:26:14.0861 8648  ksthunk - ok
14:26:14.0903 8648  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:26:14.0966 8648  KtmRm - ok
14:26:15.0001 8648  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
14:26:15.0071 8648  LanmanServer - ok
14:26:15.0095 8648  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:26:15.0135 8648  LanmanWorkstation - ok
14:26:15.0171 8648  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:26:15.0231 8648  lltdio - ok
14:26:15.0262 8648  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:26:15.0306 8648  lltdsvc - ok
14:26:15.0328 8648  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:26:15.0366 8648  lmhosts - ok
14:26:15.0426 8648  [ 519D66259DF1672AABCE9D2E0ACC5552 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:26:15.0451 8648  LMS - ok
14:26:15.0491 8648  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:26:15.0518 8648  LSI_FC - ok
14:26:15.0554 8648  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:26:15.0580 8648  LSI_SAS - ok
14:26:15.0607 8648  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:26:15.0633 8648  LSI_SAS2 - ok
14:26:15.0646 8648  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:26:15.0656 8648  LSI_SCSI - ok
14:26:15.0693 8648  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:26:15.0760 8648  luafv - ok
14:26:15.0813 8648  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
14:26:15.0834 8648  MBAMProtector - ok
14:26:15.0900 8648  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:26:15.0936 8648  MBAMScheduler - ok
14:26:16.0005 8648  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:26:16.0039 8648  MBAMService - ok
14:26:16.0063 8648  mbamswissarmy - ok
14:26:16.0148 8648  [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
14:26:16.0172 8648  McComponentHostService - ok
14:26:16.0243 8648  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:26:16.0287 8648  Mcx2Svc - ok
14:26:16.0312 8648  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:26:16.0328 8648  megasas - ok
14:26:16.0356 8648  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:26:16.0375 8648  MegaSR - ok
14:26:16.0431 8648  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
14:26:16.0444 8648  MEIx64 - ok
14:26:16.0500 8648  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:26:16.0512 8648  Microsoft Office Groove Audit Service - ok
14:26:16.0529 8648  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:26:16.0584 8648  MMCSS - ok
14:26:16.0609 8648  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:26:16.0654 8648  Modem - ok
14:26:16.0682 8648  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:26:16.0722 8648  monitor - ok
14:26:16.0764 8648  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:26:16.0780 8648  mouclass - ok
14:26:16.0789 8648  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:26:16.0807 8648  mouhid - ok
14:26:16.0828 8648  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:26:16.0837 8648  mountmgr - ok
14:26:16.0911 8648  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:26:16.0936 8648  MozillaMaintenance - ok
14:26:16.0973 8648  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:26:16.0997 8648  mpio - ok
14:26:17.0019 8648  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:26:17.0061 8648  mpsdrv - ok
14:26:17.0097 8648  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:26:17.0142 8648  MpsSvc - ok
14:26:17.0153 8648  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:26:17.0176 8648  MRxDAV - ok
14:26:17.0209 8648  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:26:17.0264 8648  mrxsmb - ok
14:26:17.0286 8648  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:26:17.0319 8648  mrxsmb10 - ok
14:26:17.0350 8648  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:26:17.0360 8648  mrxsmb20 - ok
14:26:17.0384 8648  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:26:17.0393 8648  msahci - ok
14:26:17.0409 8648  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:26:17.0419 8648  msdsm - ok
14:26:17.0452 8648  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:26:17.0471 8648  MSDTC - ok
14:26:17.0511 8648  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:26:17.0538 8648  Msfs - ok
14:26:17.0561 8648  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:26:17.0602 8648  mshidkmdf - ok
14:26:17.0621 8648  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:26:17.0630 8648  msisadrv - ok
14:26:17.0652 8648  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:26:17.0740 8648  MSiSCSI - ok
14:26:17.0742 8648  msiserver - ok
14:26:17.0775 8648  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:26:17.0811 8648  MSKSSRV - ok
14:26:17.0827 8648  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:26:17.0869 8648  MSPCLOCK - ok
14:26:17.0881 8648  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:26:17.0917 8648  MSPQM - ok
14:26:17.0955 8648  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:26:17.0981 8648  MsRPC - ok
14:26:18.0000 8648  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:26:18.0009 8648  mssmbios - ok
14:26:18.0030 8648  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:26:18.0069 8648  MSTEE - ok
14:26:18.0103 8648  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:26:18.0113 8648  MTConfig - ok
14:26:18.0131 8648  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:26:18.0140 8648  Mup - ok
14:26:18.0142 8648  MyWiFiDHCPDNS - ok
14:26:18.0164 8648  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:26:18.0210 8648  napagent - ok
14:26:18.0269 8648  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:26:18.0308 8648  NativeWifiP - ok
14:26:18.0385 8648  [ 56540E526B46E379A476FB5BC381B290 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130819.023\ENG64.SYS
14:26:18.0409 8648  NAVENG - ok
14:26:18.0460 8648  [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130819.023\EX64.SYS
14:26:18.0503 8648  NAVEX15 - ok
14:26:18.0563 8648  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:26:18.0601 8648  NDIS - ok
14:26:18.0629 8648  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:26:18.0694 8648  NdisCap - ok
14:26:18.0734 8648  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:26:18.0795 8648  NdisTapi - ok
14:26:18.0802 8648  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:26:18.0838 8648  Ndisuio - ok
14:26:18.0851 8648  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:26:18.0888 8648  NdisWan - ok
14:26:18.0900 8648  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:26:18.0934 8648  NDProxy - ok
14:26:18.0985 8648  [ 0FF3C6AA3E0FE0EB316DF5449B569463 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
14:26:19.0008 8648  Nero BackItUp Scheduler 4.0 - ok
14:26:19.0050 8648  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:26:19.0072 8648  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:26:19.0072 8648  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:26:19.0107 8648  [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
14:26:19.0140 8648  Netaapl - ok
14:26:19.0166 8648  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:26:19.0211 8648  NetBIOS - ok
14:26:19.0230 8648  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:26:19.0262 8648  NetBT - ok
14:26:19.0280 8648  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:26:19.0291 8648  Netlogon - ok
14:26:19.0334 8648  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:26:19.0420 8648  Netman - ok
14:26:19.0440 8648  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:26:19.0484 8648  netprofm - ok
14:26:19.0513 8648  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:26:19.0522 8648  NetTcpPortSharing - ok
14:26:19.0759 8648  [ FAD6C5610D020534401966CD72A1C306 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
14:26:20.0016 8648  NETwNs64 - ok
14:26:20.0053 8648  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:26:20.0063 8648  nfrd960 - ok
14:26:20.0140 8648  [ F2840DBFE9322F35557219AE82CC4597 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
14:26:20.0165 8648  NIS - ok
14:26:20.0200 8648  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:26:20.0235 8648  NlaSvc - ok
14:26:20.0251 8648  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:26:20.0297 8648  Npfs - ok
14:26:20.0325 8648  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:26:20.0355 8648  nsi - ok
14:26:20.0359 8648  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:26:20.0399 8648  nsiproxy - ok
14:26:20.0473 8648  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:26:20.0524 8648  Ntfs - ok
14:26:20.0546 8648  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:26:20.0574 8648  Null - ok
14:26:20.0600 8648  [ 9A33100AC62A0463C49E47EE8E77083A ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
14:26:20.0646 8648  nusb3hub - ok
14:26:20.0686 8648  [ 87C321F7BEE646B7EC6EEDD6EB725741 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
14:26:20.0731 8648  nusb3xhc - ok
14:26:20.0774 8648  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
14:26:20.0819 8648  NVENETFD - ok
14:26:20.0842 8648  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:26:20.0860 8648  nvraid - ok
14:26:20.0874 8648  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:26:20.0892 8648  nvstor - ok
14:26:20.0928 8648  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:26:20.0940 8648  nv_agp - ok
14:26:21.0022 8648  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:26:21.0058 8648  odserv - ok
14:26:21.0086 8648  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:26:21.0100 8648  ohci1394 - ok
14:26:21.0125 8648  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:26:21.0149 8648  ose - ok
14:26:21.0195 8648  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:26:21.0241 8648  p2pimsvc - ok
14:26:21.0263 8648  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:26:21.0289 8648  p2psvc - ok
14:26:21.0322 8648  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
14:26:21.0353 8648  Parport - ok
14:26:21.0370 8648  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:26:21.0387 8648  partmgr - ok
14:26:21.0419 8648  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:26:21.0458 8648  PcaSvc - ok
14:26:21.0470 8648  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:26:21.0480 8648  pci - ok
14:26:21.0497 8648  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:26:21.0505 8648  pciide - ok
14:26:21.0535 8648  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:26:21.0546 8648  pcmcia - ok
14:26:21.0558 8648  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:26:21.0566 8648  pcw - ok
14:26:21.0584 8648  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:26:21.0634 8648  PEAUTH - ok
14:26:21.0717 8648  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:26:21.0776 8648  PerfHost - ok
14:26:21.0838 8648  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:26:21.0914 8648  pla - ok
14:26:21.0971 8648  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:26:22.0015 8648  PlugPlay - ok
14:26:22.0058 8648  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:26:22.0072 8648  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:26:22.0072 8648  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:26:22.0091 8648  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:26:22.0110 8648  PNRPAutoReg - ok
14:26:22.0125 8648  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:26:22.0138 8648  PNRPsvc - ok
14:26:22.0172 8648  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:26:22.0235 8648  PolicyAgent - ok
14:26:22.0257 8648  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:26:22.0299 8648  Power - ok
14:26:22.0338 8648  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:26:22.0402 8648  PptpMiniport - ok
14:26:22.0435 8648  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
14:26:22.0464 8648  Processor - ok
14:26:22.0495 8648  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:26:22.0507 8648  ProfSvc - ok
14:26:22.0525 8648  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:26:22.0535 8648  ProtectedStorage - ok
14:26:22.0564 8648  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:26:22.0608 8648  Psched - ok
14:26:22.0678 8648  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:26:22.0717 8648  ql2300 - ok
14:26:22.0729 8648  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:26:22.0739 8648  ql40xx - ok
14:26:22.0767 8648  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:26:22.0784 8648  QWAVE - ok
14:26:22.0813 8648  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:26:22.0842 8648  QWAVEdrv - ok
14:26:22.0861 8648  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:26:22.0933 8648  RasAcd - ok
14:26:22.0956 8648  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:26:22.0985 8648  RasAgileVpn - ok
14:26:23.0006 8648  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:26:23.0062 8648  RasAuto - ok
14:26:23.0082 8648  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:26:23.0118 8648  Rasl2tp - ok
14:26:23.0143 8648  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:26:23.0174 8648  RasMan - ok
14:26:23.0208 8648  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:26:23.0246 8648  RasPppoe - ok
14:26:23.0271 8648  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:26:23.0332 8648  RasSstp - ok
14:26:23.0353 8648  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:26:23.0396 8648  rdbss - ok
14:26:23.0405 8648  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
14:26:23.0425 8648  rdpbus - ok
14:26:23.0470 8648  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:26:23.0535 8648  RDPCDD - ok
14:26:23.0558 8648  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:26:23.0599 8648  RDPENCDD - ok
14:26:23.0616 8648  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:26:23.0644 8648  RDPREFMP - ok
14:26:23.0715 8648  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:26:23.0748 8648  RdpVideoMiniport - ok
14:26:23.0772 8648  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:26:23.0785 8648  RDPWD - ok
14:26:23.0827 8648  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:26:23.0841 8648  rdyboost - ok
14:26:23.0896 8648  RegSrvc - ok
14:26:23.0913 8648  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:26:23.0954 8648  RemoteAccess - ok
14:26:23.0976 8648  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:26:24.0021 8648  RemoteRegistry - ok
14:26:24.0074 8648  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:26:24.0130 8648  RFCOMM - ok
14:26:24.0155 8648  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:26:24.0212 8648  RpcEptMapper - ok
14:26:24.0236 8648  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:26:24.0247 8648  RpcLocator - ok
14:26:24.0269 8648  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
14:26:24.0301 8648  RpcSs - ok
14:26:24.0351 8648  [ 1F5E7AF59B390261A85F5BEDB1BB88B3 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
14:26:24.0375 8648  RSPCIESTOR - ok
14:26:24.0402 8648  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:26:24.0445 8648  rspndr - ok
14:26:24.0472 8648  [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:26:24.0486 8648  RTL8167 - ok
14:26:24.0492 8648  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
14:26:24.0501 8648  SamSs - ok
14:26:24.0523 8648  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:26:24.0533 8648  sbp2port - ok
14:26:24.0556 8648  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:26:24.0586 8648  SCardSvr - ok
14:26:24.0598 8648  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:26:24.0639 8648  scfilter - ok
14:26:24.0680 8648  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:26:24.0725 8648  Schedule - ok
14:26:24.0750 8648  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:26:24.0777 8648  SCPolicySvc - ok
14:26:24.0799 8648  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
14:26:24.0823 8648  sdbus - ok
14:26:24.0843 8648  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:26:24.0867 8648  SDRSVC - ok
14:26:24.0924 8648  [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
14:26:24.0962 8648  SeaPort - ok
14:26:25.0002 8648  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:26:25.0068 8648  secdrv - ok
14:26:25.0084 8648  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:26:25.0127 8648  seclogon - ok
14:26:25.0144 8648  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
14:26:25.0179 8648  SENS - ok
14:26:25.0199 8648  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:26:25.0218 8648  SensrSvc - ok
14:26:25.0246 8648  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
14:26:25.0265 8648  Serenum - ok
14:26:25.0277 8648  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
14:26:25.0294 8648  Serial - ok
14:26:25.0310 8648  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:26:25.0325 8648  sermouse - ok
14:26:25.0356 8648  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:26:25.0421 8648  SessionEnv - ok
14:26:25.0450 8648  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:26:25.0470 8648  sffdisk - ok
14:26:25.0480 8648  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:26:25.0500 8648  sffp_mmc - ok
14:26:25.0511 8648  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:26:25.0538 8648  sffp_sd - ok
14:26:25.0562 8648  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:26:25.0573 8648  sfloppy - ok
14:26:25.0598 8648  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:26:25.0637 8648  SharedAccess - ok
14:26:25.0669 8648  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:26:25.0717 8648  ShellHWDetection - ok
14:26:25.0760 8648  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:26:25.0784 8648  SiSRaid2 - ok
14:26:25.0809 8648  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:26:25.0829 8648  SiSRaid4 - ok
14:26:25.0876 8648  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:26:25.0895 8648  SkypeUpdate - ok
14:26:25.0925 8648  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:26:25.0959 8648  Smb - ok
14:26:25.0988 8648  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:26:26.0010 8648  SNMPTRAP - ok
14:26:26.0023 8648  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:26:26.0032 8648  spldr - ok
14:26:26.0056 8648  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
14:26:26.0070 8648  Spooler - ok
14:26:26.0132 8648  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:26:26.0205 8648  sppsvc - ok
14:26:26.0232 8648  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:26:26.0260 8648  sppuinotify - ok
14:26:26.0336 8648  [ 891793E00432FA055CF040605C260E49 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS
14:26:26.0370 8648  SRTSP - ok
14:26:26.0386 8648  [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX          C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS
14:26:26.0394 8648  SRTSPX - ok
14:26:26.0427 8648  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:26:26.0454 8648  srv - ok
14:26:26.0515 8648  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:26:26.0558 8648  srv2 - ok
14:26:26.0607 8648  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:26:26.0641 8648  SrvHsfHDA - ok
14:26:26.0697 8648  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:26:26.0749 8648  SrvHsfV92 - ok
14:26:26.0776 8648  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:26:26.0794 8648  SrvHsfWinac - ok
14:26:26.0808 8648  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:26:26.0819 8648  srvnet - ok
14:26:26.0843 8648  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:26:26.0885 8648  SSDPSRV - ok
14:26:26.0905 8648  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:26:26.0934 8648  SstpSvc - ok
14:26:27.0014 8648  [ D30FE3ECF1D6D521365FAE307B500BC0 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
14:26:27.0077 8648  STacSV - ok
14:26:27.0100 8648  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:26:27.0122 8648  stexstor - ok
14:26:27.0172 8648  [ 6F69D75F50E8FAF1003AA6CFB18B91EC ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
14:26:27.0218 8648  STHDA - ok
14:26:27.0253 8648  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
14:26:27.0284 8648  StillCam - ok
14:26:27.0334 8648  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:26:27.0371 8648  stisvc - ok
14:26:27.0392 8648  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:26:27.0401 8648  swenum - ok
14:26:27.0426 8648  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:26:27.0471 8648  swprv - ok
14:26:27.0498 8648  [ 8B2430762099598DA40686F754632EFD ] SymDS           C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS
14:26:27.0513 8648  SymDS - ok
14:26:27.0576 8648  [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA          C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS
14:26:27.0619 8648  SymEFA - ok
14:26:27.0649 8648  [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:26:27.0661 8648  SymEvent - ok
14:26:27.0692 8648  [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON         C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS
14:26:27.0720 8648  SymIRON - ok
14:26:27.0746 8648  [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS         C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS
14:26:27.0766 8648  SymNetS - ok
14:26:27.0808 8648  [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
14:26:27.0827 8648  SynTP - ok
14:26:27.0900 8648  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
14:26:27.0954 8648  SysMain - ok
14:26:27.0964 8648  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:26:27.0992 8648  TabletInputService - ok
14:26:28.0013 8648  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:26:28.0044 8648  TapiSrv - ok
14:26:28.0083 8648  [ 048CFE7569D6ADCAB9349BB1A566A79E ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys
14:26:28.0100 8648  tbhsd - ok
14:26:28.0120 8648  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
14:26:28.0186 8648  TBS - ok
14:26:28.0266 8648  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:26:28.0313 8648  Tcpip - ok
14:26:28.0345 8648  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:26:28.0374 8648  TCPIP6 - ok
14:26:28.0405 8648  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:26:28.0415 8648  tcpipreg - ok
14:26:28.0439 8648  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:26:28.0477 8648  TDPIPE - ok
14:26:28.0503 8648  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:26:28.0519 8648  TDTCP - ok
14:26:28.0537 8648  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:26:28.0576 8648  tdx - ok
14:26:28.0684 8648  [ 0F0FEDEB1BEF118CF676B1E5BBB0FE9A ] TeamViewer6     C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
14:26:28.0733 8648  TeamViewer6 - ok
14:26:28.0750 8648  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:26:28.0759 8648  TermDD - ok
14:26:28.0790 8648  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
14:26:28.0821 8648  TermService - ok
14:26:28.0837 8648  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
14:26:28.0851 8648  Themes - ok
14:26:28.0875 8648  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
14:26:28.0903 8648  THREADORDER - ok
14:26:28.0924 8648  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
14:26:28.0964 8648  TrkWks - ok
14:26:29.0004 8648  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:26:29.0033 8648  TrustedInstaller - ok
14:26:29.0056 8648  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:26:29.0066 8648  tssecsrv - ok
14:26:29.0112 8648  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:26:29.0159 8648  TsUsbFlt - ok
14:26:29.0197 8648  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
14:26:29.0227 8648  TsUsbGD - ok
14:26:29.0276 8648  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:26:29.0328 8648  tunnel - ok
14:26:29.0357 8648  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:26:29.0367 8648  uagp35 - ok
14:26:29.0386 8648  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:26:29.0427 8648  udfs - ok
14:26:29.0452 8648  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:26:29.0463 8648  UI0Detect - ok
14:26:29.0485 8648  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:26:29.0494 8648  uliagpkx - ok
14:26:29.0520 8648  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:26:29.0554 8648  umbus - ok
14:26:29.0582 8648  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
14:26:29.0612 8648  UmPass - ok
14:26:29.0730 8648  [ 1B71370AEC1115F80D9A4A209317C968 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:26:29.0781 8648  UNS - ok
14:26:29.0807 8648  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
14:26:29.0854 8648  upnphost - ok
14:26:29.0896 8648  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
14:26:29.0919 8648  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
14:26:29.0919 8648  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
14:26:29.0955 8648  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:26:29.0979 8648  usbccgp - ok
14:26:30.0013 8648  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:26:30.0040 8648  usbcir - ok
14:26:30.0064 8648  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:26:30.0084 8648  usbehci - ok
14:26:30.0133 8648  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:26:30.0172 8648  usbhub - ok
14:26:30.0203 8648  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:26:30.0246 8648  usbohci - ok
14:26:30.0273 8648  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:26:30.0322 8648  usbprint - ok
14:26:30.0361 8648  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:26:30.0392 8648  usbscan - ok
14:26:30.0428 8648  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:26:30.0476 8648  USBSTOR - ok
14:26:30.0512 8648  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:26:30.0541 8648  usbuhci - ok
14:26:30.0562 8648  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
14:26:30.0587 8648  usbvideo - ok
14:26:30.0614 8648  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
14:26:30.0683 8648  UxSms - ok
14:26:30.0703 8648  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
14:26:30.0713 8648  VaultSvc - ok
14:26:30.0738 8648  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:26:30.0751 8648  vdrvroot - ok
14:26:30.0773 8648  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
14:26:30.0826 8648  vds - ok
14:26:30.0857 8648  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:26:30.0869 8648  vga - ok
14:26:30.0878 8648  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:26:30.0905 8648  VgaSave - ok
14:26:30.0938 8648  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:26:30.0969 8648  vhdmp - ok
14:26:30.0983 8648  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:26:30.0994 8648  viaide - ok
14:26:31.0024 8648  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:26:31.0051 8648  volmgr - ok
14:26:31.0075 8648  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:26:31.0094 8648  volmgrx - ok
14:26:31.0130 8648  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:26:31.0147 8648  volsnap - ok
14:26:31.0175 8648  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:26:31.0189 8648  vsmraid - ok
14:26:31.0238 8648  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
14:26:31.0290 8648  VSS - ok
14:26:31.0306 8648  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:26:31.0355 8648  vwifibus - ok
14:26:31.0385 8648  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:26:31.0436 8648  vwififlt - ok
14:26:31.0461 8648  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
14:26:31.0478 8648  vwifimp - ok
14:26:31.0513 8648  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
14:26:31.0566 8648  W32Time - ok
14:26:31.0576 8648  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:26:31.0613 8648  WacomPen - ok
14:26:31.0653 8648  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:26:31.0717 8648  WANARP - ok
14:26:31.0736 8648  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:26:31.0763 8648  Wanarpv6 - ok
14:26:31.0827 8648  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
14:26:31.0870 8648  wbengine - ok
14:26:31.0889 8648  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:26:31.0905 8648  WbioSrvc - ok
14:26:31.0924 8648  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:26:31.0957 8648  wcncsvc - ok
14:26:31.0981 8648  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:26:32.0001 8648  WcsPlugInService - ok
14:26:32.0036 8648  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
14:26:32.0044 8648  Wd - ok
14:26:32.0099 8648  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:26:32.0140 8648  Wdf01000 - ok
14:26:32.0158 8648  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:26:32.0173 8648  WdiServiceHost - ok
14:26:32.0175 8648  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:26:32.0189 8648  WdiSystemHost - ok
14:26:32.0204 8648  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
14:26:32.0233 8648  WebClient - ok
14:26:32.0246 8648  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:26:32.0281 8648  Wecsvc - ok
14:26:32.0304 8648  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:26:32.0332 8648  wercplsupport - ok
14:26:32.0361 8648  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:26:32.0388 8648  WerSvc - ok
14:26:32.0417 8648  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:26:32.0444 8648  WfpLwf - ok
14:26:32.0456 8648  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:26:32.0464 8648  WIMMount - ok
14:26:32.0483 8648  WinDefend - ok
14:26:32.0486 8648  WinHttpAutoProxySvc - ok
14:26:32.0545 8648  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:26:32.0594 8648  Winmgmt - ok
14:26:32.0645 8648  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
14:26:32.0697 8648  WinRM - ok
14:26:32.0751 8648  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
14:26:32.0771 8648  WinUsb - ok
14:26:32.0804 8648  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:26:32.0836 8648  Wlansvc - ok
14:26:32.0889 8648  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:26:32.0914 8648  wlcrasvc - ok
14:26:32.0993 8648  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:26:33.0034 8648  wlidsvc - ok
14:26:33.0069 8648  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:26:33.0109 8648  WmiAcpi - ok
14:26:33.0140 8648  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:26:33.0170 8648  wmiApSrv - ok
14:26:33.0226 8648  WMPNetworkSvc - ok
14:26:33.0248 8648  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:26:33.0277 8648  WPCSvc - ok
14:26:33.0294 8648  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:26:33.0312 8648  WPDBusEnum - ok
14:26:33.0332 8648  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:26:33.0370 8648  ws2ifsl - ok
14:26:33.0399 8648  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
14:26:33.0434 8648  wscsvc - ok
14:26:33.0436 8648  WSearch - ok
14:26:33.0518 8648  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:26:33.0560 8648  wuauserv - ok
14:26:33.0591 8648  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:26:33.0637 8648  WudfPf - ok
14:26:33.0659 8648  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:26:33.0689 8648  WUDFRd - ok
14:26:33.0725 8648  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:26:33.0761 8648  wudfsvc - ok
14:26:33.0788 8648  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:26:33.0817 8648  WwanSvc - ok
14:26:33.0854 8648  ZeroConfigService - ok
14:26:33.0883 8648  ================ Scan global ===============================
14:26:33.0907 8648  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:26:33.0939 8648  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:26:33.0954 8648  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:26:33.0988 8648  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:26:34.0017 8648  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:26:34.0023 8648  [Global] - ok
14:26:34.0024 8648  ================ Scan MBR ==================================
14:26:34.0032 8648  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:26:34.0998 8648  \Device\Harddisk0\DR0 - ok
14:26:35.0346 8648  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:26:36.0139 8648  \Device\Harddisk1\DR1 - ok
14:26:36.0147 8648  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
14:26:36.0262 8648  \Device\Harddisk2\DR2 - ok
14:26:36.0270 8648  [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk3\DR3
14:26:36.0411 8648  \Device\Harddisk3\DR3 - ok
14:26:36.0882 8648  [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk4\DR4
14:26:37.0297 8648  \Device\Harddisk4\DR4 - ok
14:26:37.0535 8648  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
14:26:37.0689 8648  \Device\Harddisk5\DR5 - ok
14:26:37.0690 8648  ================ Scan VBR ==================================
14:26:37.0731 8648  [ B884ADD219BE4AD281661AD7FA0384CE ] \Device\Harddisk0\DR0\Partition1
14:26:37.0734 8648  \Device\Harddisk0\DR0\Partition1 - ok
14:26:37.0748 8648  [ 7079DCBFC33F018C4F52532AA90CCF09 ] \Device\Harddisk0\DR0\Partition2
14:26:37.0751 8648  \Device\Harddisk0\DR0\Partition2 - ok
14:26:37.0777 8648  [ 626C68954C68A94A04CC9E32331AD285 ] \Device\Harddisk0\DR0\Partition3
14:26:37.0780 8648  \Device\Harddisk0\DR0\Partition3 - ok
14:26:37.0793 8648  [ D042AE2CD6346415E402F5800AF63B6D ] \Device\Harddisk0\DR0\Partition4
14:26:37.0794 8648  \Device\Harddisk0\DR0\Partition4 - ok
14:26:37.0834 8648  [ 41D1710F4EE3D5AE9F002A20AB1CBD62 ] \Device\Harddisk1\DR1\Partition1
14:26:37.0837 8648  \Device\Harddisk1\DR1\Partition1 - ok
14:26:37.0845 8648  [ 0AE9953DCCC71044A41BED24076B8F6B ] \Device\Harddisk2\DR2\Partition1
14:26:37.0847 8648  \Device\Harddisk2\DR2\Partition1 - ok
14:26:37.0855 8648  [ DF267E919C871FFA2CA20F008FE6989F ] \Device\Harddisk3\DR3\Partition1
14:26:37.0857 8648  \Device\Harddisk3\DR3\Partition1 - ok
14:26:38.0142 8648  [ 87E3CAB46764878EA722A4F735D47AC7 ] \Device\Harddisk4\DR4\Partition1
14:26:38.0144 8648  \Device\Harddisk4\DR4\Partition1 - ok
14:26:38.0150 8648  [ A2CCDC432E819A8DD74EE9CC5B1F1E55 ] \Device\Harddisk5\DR5\Partition1
14:26:38.0151 8648  \Device\Harddisk5\DR5\Partition1 - ok
14:26:38.0154 8648  ============================================================
14:26:38.0154 8648  Scan finished
14:26:38.0154 8648  ============================================================
14:26:38.0170 7948  Detected object count: 12
14:26:38.0170 7948  Actual detected object count: 12
14:26:59.0393 7948  Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:59.0393 7948  Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:59.0396 7948  Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:59.0396 7948  Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:59.0398 7948  Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:59.0398 7948  Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:59.0400 7948  Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:59.0400 7948  Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:59.0403 7948  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:59.0403 7948  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:59.0405 7948  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:59.0405 7948  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:59.0407 7948  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:59.0407 7948  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:59.0408 7948  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:59.0408 7948  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:59.0409 7948  IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:59.0409 7948  IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:59.0410 7948  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:59.0410 7948  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:59.0412 7948  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:59.0412 7948  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:59.0413 7948  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:59.0413 7948  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 20.08.2013, 13:32   #73
schrauber
/// the machine
/// TB-Ausbilder
 

Ok. Are all the drives connected, and has Panda run again? Then please post a fresh FRST log now. Tick the Additional checkbox and post both log files.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 20.08.2013, 13:42   #74
Okty
 

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-08-2013 03
Ran by Samsunlu55 (administrator) on 20-08-2013 14:40:24
Running from C:\Users\Samsunlu55\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Andre Weinert) C:\Program Files (x86)\Terraniser\TerraService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ScreenCapturer.com) C:\Program Files (x86)\Screen Capturer\ScreenCapturer.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\bin\HPNetworkCommunicator.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10355200 2011-01-24] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-05-23] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59280 2012-11-28] (Apple Inc.)
HKCU\...\Run: [TerraniserService] - C:\Program Files (x86)\Terraniser\TerraService.exe [1347584 2011-03-09] (Andre Weinert)
HKCU\...\Run: [HP Officejet 6700 (NET)] - C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
HKCU\...\Run: [knjgffmqtl] - C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs [14267 2013-08-01] ()
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2013-05-23] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-02-15] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [TrayServer] - C:\PROGRA~2\MAGIX\VIDEO_~1\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2013-06-13] (cyberlink)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\knjgffmqtl..vbs ()
Startup: C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Screen Capturer.lnk
ShortcutTarget: Screen Capturer.lnk -> C:\Program Files (x86)\Screen Capturer\ScreenCapturer.exe (ScreenCapturer.com)
Startup: C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 6700 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 6700\bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {1BFA2E7D-697D-4755-AAB0-D63F34301B3E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Samsunlu55\AppData\Roaming\Mozilla\Firefox\Profiles\nwx8oe3y.default
FF NewTab: about:blank
FF SelectedSearchEngine: Google
FF Homepage: www.reptilien-grotte.de
FF Keyword.URL: hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Samsunlu55\AppData\Roaming\Mozilla\Firefox\Profiles\nwx8oe3y.default\Extensions\de_DE@dicts.j3e.de
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [dfaldikcoaplhepekpbngkepfcoiihef] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-01-25] ()
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [244720 2012-02-08] (CyberLink)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
S2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [x]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [x]
S2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [x]
S2 ZeroConfigService; "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" [x]

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-07-15] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-07-15] (Symantec Corporation)
R3 BYPUSB; C:\Windows\System32\Drivers\BYPUSB.sys [50688 2010-10-08] (SNBC)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-20] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-20] (Symantec Corporation)
U3 EraserUtilDrv11310; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11310.sys [139864 2013-08-20] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-09] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-08-01] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\IPSDefs\20130813.001\IDSvia64.sys [513184 2013-08-01] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130819.023\ENG64.SYS [126040 2013-08-02] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130819.023\ENG64.SYS [126040 2013-08-02] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130819.023\EX64.SYS [2098776 2013-08-02] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.0.9\Definitions\VirusDefs\20130819.023\EX64.SYS [2098776 2013-08-02] (Symantec Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2012-03-29] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-05-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U4 mbamswissarmy; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-20 14:25 - 2013-08-20 14:25 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Samsunlu55\Desktop\tdsskiller.exe
2013-08-20 13:36 - 2013-08-20 13:36 - 00000000 ____D C:\Users\Samsunlu55\Desktop\mbar-1.06.1.1005
2013-08-20 12:41 - 2013-08-20 14:05 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-20 12:40 - 2013-08-20 14:05 - 00000000 ____D C:\Users\Samsunlu55\Desktop\mbar
2013-08-20 12:40 - 2013-08-20 12:40 - 12081912 _____ (Malwarebytes Corp.) C:\Users\Samsunlu55\Desktop\mbar-1.06.1.1005.exe
2013-08-19 11:04 - 2013-08-01 18:48 - 00014267 ___SH C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
2013-08-17 10:54 - 2013-08-17 10:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 12:50 - 2013-08-16 12:50 - 00003128 _____ C:\Windows\System32\Tasks\PandaUSBVaccine
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\ProgramData\Panda Security
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\Program Files (x86)\Panda USB Vaccine
2013-08-15 20:11 - 2013-07-25 05:54 - 17830400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 20:11 - 2013-07-25 05:37 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 20:11 - 2013-07-25 05:35 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 20:11 - 2013-07-25 05:31 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 20:11 - 2013-07-25 05:30 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 20:11 - 2013-07-25 05:29 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-15 20:11 - 2013-07-25 05:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-15 20:11 - 2013-07-25 05:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-15 20:11 - 2013-07-25 05:28 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-15 20:11 - 2013-07-25 05:27 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 20:11 - 2013-07-25 05:27 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-15 20:11 - 2013-07-25 05:26 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 20:11 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 20:11 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 20:11 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 20:11 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 20:11 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 20:11 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-08-15 20:11 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-08-15 20:11 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-08-15 20:11 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-08-15 20:11 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 20:11 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 20:11 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-08-15 13:58 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 13:58 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 13:58 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 13:58 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 13:58 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 13:58 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 13:58 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 13:58 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 13:58 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 13:58 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 13:58 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 13:58 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 13:58 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 13:58 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 13:58 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 13:58 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 13:58 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 13:58 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 13:58 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 13:58 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 13:58 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 13:58 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 13:58 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 13:58 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 13:58 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 13:58 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 13:58 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-10 12:12 - 2013-08-10 12:12 - 00033741 _____ C:\ComboFix.txt
2013-08-10 11:59 - 2013-08-10 11:59 - 00003164 _____ C:\Windows\System32\Tasks\{D773B974-A8A2-4F43-8030-A089F124875E}
2013-08-07 10:15 - 2013-08-07 10:15 - 01527912 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-07 09:58 - 2013-08-07 09:58 - 00000000 ____D C:\Windows\ERUNT
2013-08-07 09:50 - 2013-08-07 09:51 - 00019887 _____ C:\AdwCleaner[S1].txt
2013-08-07 09:34 - 2013-08-07 09:34 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-07 09:34 - 2013-08-07 09:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-07 09:34 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-06 19:10 - 2013-08-06 18:39 - 02044928 _____ C:\Users\Samsunlu55\Desktop\sicherung20130806.crm
2013-08-06 19:09 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-06 19:09 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-06 19:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-06 19:09 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-06 19:07 - 2013-08-10 12:12 - 00000000 ____D C:\Qoobox
2013-08-06 19:07 - 2013-08-06 19:18 - 00000000 ____D C:\Windows\erdnt
2013-08-05 18:30 - 2013-08-19 11:01 - 00000000 ____D C:\FRST
2013-08-03 15:14 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-08-03 15:14 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-08-03 15:14 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-08-03 15:14 - 2012-06-02 16:35 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-08-03 15:13 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-08-03 15:13 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-08-03 15:13 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-08-03 15:13 - 2012-08-23 16:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-08-03 15:13 - 2012-08-23 15:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-08-03 15:13 - 2012-08-23 15:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-08-03 15:13 - 2012-08-23 15:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-08-03 15:13 - 2012-08-23 15:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-08-03 15:13 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-08-03 15:13 - 2012-08-23 15:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-08-03 15:13 - 2012-08-23 15:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-08-03 15:13 - 2012-08-23 15:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-08-03 15:13 - 2012-08-23 15:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-08-03 15:13 - 2012-08-23 14:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-08-03 15:13 - 2012-08-23 13:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-08-03 15:13 - 2012-08-23 13:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-08-03 15:13 - 2012-08-23 13:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-08-03 15:13 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-08-03 15:13 - 2012-08-23 12:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-08-03 15:13 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-08-03 15:13 - 2012-08-23 12:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-08-03 15:13 - 2012-08-23 12:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-08-03 15:13 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-08-03 15:13 - 2012-08-23 10:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-08-03 15:13 - 2012-08-23 10:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-08-03 15:09 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-08-03 15:09 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-08-03 15:09 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-08-03 15:09 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-08-03 15:09 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-08-03 15:04 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-08-03 15:04 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-08-03 15:04 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-08-03 15:04 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-08-03 15:04 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-08-03 15:04 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-08-03 15:04 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-08-03 15:04 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-08-03 15:04 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-08-03 15:04 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-08-03 15:04 - 2012-11-30 07:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-08-03 15:04 - 2012-11-30 07:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-08-03 15:04 - 2012-11-30 07:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-08-03 15:04 - 2012-11-30 07:41 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-08-03 15:04 - 2012-11-30 07:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-08-03 15:04 - 2012-11-30 06:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 05:23 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-08-03 15:04 - 2012-11-30 04:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 04:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 04:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 04:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-08-03 15:04 - 2012-11-30 01:17 - 00420064 _____ C:\Windows\SysWOW64\locale.nls
2013-08-03 15:04 - 2012-11-30 01:15 - 00420064 _____ C:\Windows\system32\locale.nls
2013-08-03 15:04 - 2012-08-24 20:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-08-03 15:04 - 2012-08-24 20:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-08-03 15:04 - 2012-08-24 20:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-08-03 15:04 - 2012-08-24 20:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-08-03 15:04 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-08-03 15:04 - 2012-08-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-08-03 15:04 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-08-03 15:03 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-08-03 15:03 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-08-03 15:03 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-08-03 15:03 - 2012-11-22 07:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-08-03 15:03 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-08-03 15:03 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-08-03 15:03 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-08-03 15:03 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-08-03 15:03 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2013-08-03 15:03 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2013-08-03 15:03 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-08-03 15:03 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2013-08-03 15:03 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2013-08-03 15:03 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2013-08-03 15:03 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-08-03 15:03 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-08-03 14:49 - 2013-08-15 20:14 - 00000000 ____D C:\Windows\system32\MRT
2013-08-02 19:15 - 2013-08-19 10:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\Malwarebytes
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-31 18:08 - 2013-07-31 18:07 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-31 18:04 - 2013-07-31 18:03 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-31 18:04 - 2013-07-31 18:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-31 18:04 - 2013-07-31 18:03 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-31 18:04 - 2013-07-31 18:03 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-31 15:34 - 2013-07-31 15:34 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\CrashRpt
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\ProgramData\RapidSolution
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\Program Files (x86)\Audials
2013-07-31 15:31 - 2013-07-31 15:31 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\RapidSolution
2013-07-25 16:06 - 2013-07-25 16:06 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\msgr
2013-07-23 14:35 - 2013-07-23 14:42 - 00000000 ____D C:\Program Files (x86)\WinZipper

==================== One Month Modified Files and Folders =======

2013-08-20 14:33 - 2013-08-20 14:33 - 01576196 _____ (Farbar) C:\Users\Samsunlu55\Desktop\FRST64.exe
2013-08-20 14:25 - 2013-08-20 14:25 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Samsunlu55\Desktop\tdsskiller.exe
2013-08-20 14:05 - 2013-08-20 12:41 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-08-20 14:05 - 2013-08-20 12:40 - 00000000 ____D C:\Users\Samsunlu55\Desktop\mbar
2013-08-20 13:52 - 2011-10-21 02:57 - 01957294 _____ C:\Windows\WindowsUpdate.log
2013-08-20 13:36 - 2013-08-20 13:36 - 00000000 ____D C:\Users\Samsunlu55\Desktop\mbar-1.06.1.1005
2013-08-20 12:40 - 2013-08-20 12:40 - 12081912 _____ (Malwarebytes Corp.) C:\Users\Samsunlu55\Desktop\mbar-1.06.1.1005.exe
2013-08-20 09:45 - 2012-01-13 16:46 - 00000000 ____D C:\HDS-FAKTURA
2013-08-20 09:38 - 2012-01-14 11:44 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\Adobe
2013-08-20 09:36 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-20 09:36 - 2009-07-14 06:45 - 00031856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-20 09:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-20 09:27 - 2013-03-12 16:57 - 00017545 _____ C:\Windows\setupact.log
2013-08-19 18:24 - 2012-10-25 18:41 - 00003216 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSamsunlu55
2013-08-19 18:24 - 2012-10-25 18:41 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForSamsunlu55.job
2013-08-19 16:42 - 2012-01-11 15:12 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DF247F0A-98DD-4A49-A3D7-19DA5F27453D}
2013-08-19 14:36 - 2012-01-13 18:09 - 00000000 ____D C:\Users\Samsunlu55\Documents\Reptidokus
2013-08-19 11:01 - 2013-08-05 18:30 - 00000000 ____D C:\FRST
2013-08-19 11:00 - 2010-11-21 05:47 - 00076634 _____ C:\Windows\PFRO.log
2013-08-19 10:52 - 2013-08-02 19:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-17 12:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-17 10:54 - 2013-08-17 10:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 17:48 - 2012-12-13 16:02 - 01261568 ___SH C:\Users\Samsunlu55\Desktop\Thumbs.db
2013-08-16 13:56 - 2012-02-04 11:40 - 00000000 ____D C:\Users\Samsunlu55\Desktop\Anzeigen Bilder
2013-08-16 13:54 - 2013-06-27 15:02 - 00001456 _____ C:\Users\SAMSUN~1\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-08-16 13:11 - 2012-01-11 15:12 - 00000000 ___RD C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-16 12:50 - 2013-08-16 12:50 - 00003128 _____ C:\Windows\System32\Tasks\PandaUSBVaccine
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\ProgramData\Panda Security
2013-08-16 12:50 - 2013-08-16 12:50 - 00000000 ____D C:\Program Files (x86)\Panda USB Vaccine
2013-08-15 20:19 - 2012-01-11 18:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-15 20:17 - 2011-09-03 10:22 - 00657948 _____ C:\Windows\system32\perfh007.dat
2013-08-15 20:17 - 2011-09-03 10:22 - 00131288 _____ C:\Windows\system32\perfc007.dat
2013-08-15 20:17 - 2009-07-14 07:13 - 01529494 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-15 20:14 - 2013-08-03 14:49 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 20:13 - 2012-01-16 12:19 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-15 18:24 - 2012-01-12 17:51 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-08-15 18:23 - 2012-02-02 19:07 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-08-10 15:31 - 2012-12-07 16:10 - 00000342 _____ C:\Windows\Tasks\HPCeeScheduleForSAMSUNLU$.job
2013-08-10 15:31 - 2012-11-20 15:10 - 00003218 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSAMSUNLU$
2013-08-10 12:12 - 2013-08-10 12:12 - 00033741 _____ C:\ComboFix.txt
2013-08-10 12:12 - 2013-08-06 19:07 - 00000000 ____D C:\Qoobox
2013-08-10 12:10 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-10 11:59 - 2013-08-10 11:59 - 00003164 _____ C:\Windows\System32\Tasks\{D773B974-A8A2-4F43-8030-A089F124875E}
2013-08-10 10:43 - 2012-01-11 15:13 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\Adobe
2013-08-10 10:43 - 2011-09-03 00:56 - 00000000 ____D C:\ProgramData\Adobe
2013-08-07 10:15 - 2013-08-07 10:15 - 01527912 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-07 09:58 - 2013-08-07 09:58 - 00000000 ____D C:\Windows\ERUNT
2013-08-07 09:51 - 2013-08-07 09:50 - 00019887 _____ C:\AdwCleaner[S1].txt
2013-08-07 09:50 - 2012-01-11 15:12 - 00001178 _____ C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-07 09:50 - 2012-01-11 15:12 - 00000995 _____ C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-08-07 09:34 - 2013-08-07 09:34 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-07 09:34 - 2013-08-07 09:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-06 19:18 - 2013-08-06 19:07 - 00000000 ____D C:\Windows\erdnt
2013-08-06 19:17 - 2012-01-11 15:03 - 00000000 ____D C:\Users\Samsunlu55
2013-08-06 18:39 - 2013-08-06 19:10 - 02044928 _____ C:\Users\Samsunlu55\Desktop\sicherung20130806.crm
2013-08-06 09:52 - 2012-01-13 19:12 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-08-06 09:51 - 2012-01-11 19:31 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\CrashDumps
2013-08-03 15:33 - 2012-01-11 15:10 - 00159464 _____ C:\Users\SAMSUN~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-03 15:31 - 2009-07-14 06:45 - 05199072 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-03 15:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-08-03 14:56 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\Malwarebytes
2013-08-02 16:09 - 2013-08-02 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-01 18:48 - 2013-08-19 11:04 - 00014267 ___SH C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
2013-07-31 18:07 - 2013-07-31 18:08 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-31 18:07 - 2013-07-31 18:07 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-31 18:07 - 2012-05-12 10:15 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-31 18:07 - 2011-09-03 00:59 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-07-31 18:03 - 2013-07-31 18:04 - 00312232 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-31 18:03 - 2013-07-31 18:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-31 18:03 - 2013-07-31 18:04 - 00188840 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-31 18:03 - 2013-07-31 18:04 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-07-31 18:03 - 2012-09-03 13:00 - 01093032 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2013-07-31 18:03 - 2011-09-03 00:59 - 00972712 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-31 18:03 - 2011-09-03 00:59 - 00000000 ____D C:\Program Files\Java
2013-07-31 15:34 - 2013-07-31 15:34 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\CrashRpt
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\ProgramData\RapidSolution
2013-07-31 15:32 - 2013-07-31 15:32 - 00000000 ____D C:\Program Files (x86)\Audials
2013-07-31 15:31 - 2013-07-31 15:31 - 00000000 ____D C:\Users\SAMSUN~1\AppData\Local\RapidSolution
2013-07-25 18:35 - 2011-09-03 00:51 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-07-25 16:06 - 2013-07-25 16:06 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\msgr
2013-07-25 11:25 - 2013-08-15 13:58 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-15 13:58 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-25 05:54 - 2013-08-15 20:11 - 17830400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-25 05:37 - 2013-08-15 20:11 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-25 05:35 - 2013-08-15 20:11 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-25 05:31 - 2013-08-15 20:11 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-25 05:30 - 2013-08-15 20:11 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-25 05:29 - 2013-08-15 20:11 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-25 05:29 - 2013-08-15 20:11 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-25 05:29 - 2013-08-15 20:11 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-25 05:28 - 2013-08-15 20:11 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-25 05:27 - 2013-08-15 20:11 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-25 05:27 - 2013-08-15 20:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-25 05:26 - 2013-08-15 20:11 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-25 04:40 - 2013-08-15 20:11 - 12334080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-25 04:32 - 2013-08-15 20:11 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-25 04:30 - 2013-08-15 20:11 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-25 04:26 - 2013-08-15 20:11 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-25 04:26 - 2013-08-15 20:11 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-25 04:25 - 2013-08-15 20:11 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-25 04:24 - 2013-08-15 20:11 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-25 04:24 - 2013-08-15 20:11 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-25 04:23 - 2013-08-15 20:11 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-25 04:22 - 2013-08-15 20:11 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-25 04:22 - 2013-08-15 20:11 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-25 04:22 - 2013-08-15 20:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-24 19:15 - 2012-01-13 16:19 - 00000000 ____D C:\Users\Samsunlu55\AppData\Roaming\HpUpdate
2013-07-24 15:20 - 2012-01-14 12:22 - 00000000 ____D C:\Users\Samsunlu55\Desktop\shopbild
2013-07-23 14:42 - 2013-07-23 14:35 - 00000000 ____D C:\Program Files (x86)\WinZipper

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-14 10:58

==================== End Of Log ============================
         
--- --- ---




Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2013 03
Ran by Samsunlu55 at 2013-08-20 14:40:43
Running from C:\Users\Samsunlu55\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
 Update for Microsoft Office 2007 (KB2508958) (x32)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe Flash Player 11 ActiveX (x32 Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.202)
Adobe Photoshop CC (x32 Version: 14.0)
Adobe Photoshop CS (x32 Version: CS)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.9.620)
Advertising Center (x32 Version: 0.0.0.2)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95)
Apple Application Support (x32 Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (x32 Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.816.0)
AuthenTec TrueAPI (Version: 1.3.0.144)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Big Rig Europe (x32 Version: 2.2.0.95)
Bing Bar (x32 Version: 7.0.610.0)
Blasterball 3 (x32 Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (x32 Version: 2.2.0.95)
BufferChm (x32 Version: 130.0.331.000)
C4400 (x32 Version: 130.0.365.000)
Cake Mania (x32 Version: 2.2.0.95)
Camtasia Studio 8 (x32 Version: 8.0.4.1060)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2011.0508.224.2391)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0508.224.2391)
Catalyst Control Center InstallProxy (x32 Version: 2011.0508.224.2391)
Catalyst Control Center Localization All (x32 Version: 2011.0508.224.2391)
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0508.224.2391)
CCC Help Chinese Standard (x32 Version: 2011.0508.0223.2391)
CCC Help Chinese Traditional (x32 Version: 2011.0508.0223.2391)
CCC Help Czech (x32 Version: 2011.0508.0223.2391)
CCC Help Danish (x32 Version: 2011.0508.0223.2391)
CCC Help Dutch (x32 Version: 2011.0508.0223.2391)
CCC Help English (x32 Version: 2011.0508.0223.2391)
CCC Help Finnish (x32 Version: 2011.0508.0223.2391)
CCC Help French (x32 Version: 2011.0508.0223.2391)
CCC Help German (x32 Version: 2011.0508.0223.2391)
CCC Help Greek (x32 Version: 2011.0508.0223.2391)
CCC Help Hungarian (x32 Version: 2011.0508.0223.2391)
CCC Help Italian (x32 Version: 2011.0508.0223.2391)
CCC Help Japanese (x32 Version: 2011.0508.0223.2391)
CCC Help Korean (x32 Version: 2011.0508.0223.2391)
CCC Help Norwegian (x32 Version: 2011.0508.0223.2391)
CCC Help Polish (x32 Version: 2011.0508.0223.2391)
CCC Help Portuguese (x32 Version: 2011.0508.0223.2391)
CCC Help Russian (x32 Version: 2011.0508.0223.2391)
CCC Help Spanish (x32 Version: 2011.0508.0223.2391)
CCC Help Swedish (x32 Version: 2011.0508.0223.2391)
CCC Help Thai (x32 Version: 2011.0508.0223.2391)
CCC Help Turkish (x32 Version: 2011.0508.0223.2391)
ccc-utility64 (Version: 2011.0508.224.2391)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Copy (x32 Version: 130.0.428.000)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95)
CyberLink PowerDVD (x32 Version: 10.0.5.3817)
CyberLink YouCam (x32 Version: 3.5.1.3922)
D3DX10 (x32 Version: 15.4.2368.0902)
Destinations (x32 Version: 130.0.0.0)
DeviceDiscovery (x32 Version: 130.0.465.000)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95)
DocProc (x32 Version: 13.0.0.0)
DolbyFiles (x32 Version: 2.0)
ElsterFormular (x32 Version: 14.1.11318)
Energy Star Digital Logo (x32 Version: 1.0.1)
ESU for Microsoft Windows 7 (x32 Version: 1.0.0)
Evernote v. 4.2.2 (x32 Version: 4.2.2.3979)
Farm Frenzy (x32 Version: 2.2.0.95)
FATE (x32 Version: 2.2.0.95)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.32.0)
Fishdom (x32 Version: 2.2.0.95)
GPBaseService2 (x32 Version: 130.0.371.000)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.1.16.1)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Connection Manager (x32 Version: 4.0.45.1)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Documentation (x32 Version: 1.1.0.0)
HP DVB-T TV Tuner 8.0.64.43 (x32 Version: 8.0.64.43)
HP FWUpdateEDO2 (x32 Version: 1.2.0.0)
HP Games (x32 Version: 1.0.2.4)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Officejet 6700 - Grundlegende Software für das Gerät (Version: 25.0.619.0)
HP Officejet 6700 Hilfe (x32 Version: 140.0.2.2)
HP On Screen Display (x32 Version: 1.3.5)
HP Photo Creations (x32 Version: 1.0.0.9572)
HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Power Manager (x32 Version: 1.2.3)
HP Product Detection (x32 Version: 11.14.0001)
HP Quick Launch (x32 Version: 2.7.2)
HP Setup (x32 Version: 8.6.4530.3651)
HP Setup Manager (x32 Version: 1.1.13253.3682)
HP SimplePass 2011 (x32 Version: 5.3.0.273)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Software Framework (x32 Version: 4.5.10.1)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (x32 Version: 7.0.39.15)
HP Update (x32 Version: 5.005.000.001)
HPDiagnosticAlert (x32 Version: 1.00.0000)
HPPhotoGadget (x32 Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000)
HPPhotosmartEssential (x32 Version: 2.04.0000)
HPProductAssistant (x32 Version: 130.0.371.000)
HPSSupply (x32 Version: 130.0.371.000)
I.R.I.S. OCR (x32 Version: 12.3.4.0)
iCloud (Version: 2.1.0.39)
IDT Audio (x32 Version: 1.0.6381.0)
ImagXpress (x32 Version: 7.0.74.0)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Display Audio Driver (x32 Version: 6.14.00.3074)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (Version: 14.2.0.0216)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 1.0.2.0511)
Intel(R) Rapid Storage Technology (x32 Version: 10.6.0.1002)
Intel(R) WiDi (x32 Version: 2.1.39.0)
Intel(R) Wireless Display
IsoBuster 2.8.5 (x32 Version: 2.8.5)
iTunes (Version: 11.0.1.12)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Jewel Quest Solitaire (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
MAGIX Foto Manager MX Deluxe (Version: 9.0.1.250)
MAGIX Foto Manager MX Deluxe (x32 Version: 9.0.1.250)
MAGIX Foto Manager MX Deluxe Update (Version: 9.0.2.256)
MAGIX Fotos auf DVD 2013 Deluxe (Version: 12.0.0.75)
MAGIX Fotos auf DVD 2013 Deluxe (x32 Version: 12.0.0.75)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Slideshow Maker 2 (Version: 2.0.1.9)
MAGIX Slideshow Maker 2 (x32 Version: 2.0.1.9)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
MAGIX Video deluxe 17 Plus Sonderedition Download-Version (x32 Version: 10.0.11.0)
MAGIX Video deluxe 2013 Plus (Designelemente) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Designelemente) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Filmvorlagen) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Filmvorlagen) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Fotoshow Maker-Stile 1) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Fotoshow Maker-Stile 1) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Fotoshow Maker-Stile 2) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Fotoshow Maker-Stile 2) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Individuelle Menüvorlagen) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Individuelle Menüvorlagen) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Menüvorlagen 1) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Menüvorlagen 1) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Menüvorlagen 2) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Menüvorlagen 2) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Soundtrack Maker-Stile) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Soundtrack Maker-Stile) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Titeleffekte) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Titeleffekte) (x32 Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Überblendeffekte) (Version: 1.0.1.0)
MAGIX Video deluxe 2013 Plus (Überblendeffekte) (x32 Version: 1.0.1.0)
MAGIX Video deluxe 2013 Plus (Version: 12.0.0.32)
MAGIX Video deluxe 2013 Plus (x32 Version: 12.0.0.32)
MAGIX Video deluxe Plus 2013 Update (Version: 12.0.3.4)
Mah Jong Medley (x32 Version: 2.2.0.95)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 130.0.374.000)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Menu Templates - Starter Kit (x32 Version: 9.6.0.0)
Mesh Runtime (x32 Version: 15.4.5722.2)
MFC RunTime files (x32 Version: 1.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Templates - Starter Kit (x32 Version: 9.6.0.0)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95)
Nero 9 (x32)
Nero BurnRights (x32 Version: 3.4.13.100)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero CoverDesigner (x32 Version: 1.0.0.0)
Nero Disc Copy Gadget (x32 Version: 2.4.43.0)
Nero DiscSpeed (x32 Version: 5.4.13.100)
Nero DriveSpeed (x32 Version: 4.4.12.100)
Nero InfoTool (x32 Version: 6.4.12.100)
Nero Installer (x32 Version: 4.4.9.0)
Nero PhotoSnap (x32 Version: 2.4.29.0)
Nero Recode (x32 Version: 4.4.40.0)
Nero Rescue Agent (x32 Version: 2.4.14.100)
Nero ShowTime (x32 Version: 5.4.27.100)
Nero StartSmart (x32 Version: 9.4.40.100)
Nero Vision (x32 Version: 6.4.19.100)
Nero WaveEditor (x32 Version: 5.4.39.0)
NeroBurningROM (x32 Version: 1.0.0.0)
NeroExpress (x32 Version: 1.0.0.0)
neroxml (x32 Version: 1.0.0)
Norton Internet Security (x32 Version: 19.9.1.14)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
P 2.8.4 (Version: 2.8.4)
Panda USB Vaccine 1.0.1.4 (x32)
PDF Settings CC (x32 Version: 12.0)
Penguins! (x32 Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
Polar Bowler (x32 Version: 2.2.0.95)
PS_AIO_03_C4400_Software_Min (x32 Version: 130.0.365.000)
PX Profile Update (x32 Version: 1.00.1.)
QuickTime (x32 Version: 7.73.80.64)
Ravensburger tiptoi (x32)
Realtek Ethernet Controller Driver (x32 Version: 7.41.216.2011)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.83)
Recovery Manager (x32 Version: 2.0.0)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.19.0)
Safari (x32 Version: 5.34.57.2)
Scan (x32 Version: 13.0.0.0)
Screen Capturer (x32 Version: 1.0.4.42)
Shop for HP Supplies (Version: 13.0)
simplitec simplicheck (x32 Version: 1.2.6.0)
Skype™ 6.0 (x32 Version: 6.0.126)
Slingo Deluxe (x32 Version: 2.2.0.95)
SmartFTP Client (Version: 4.0.1236.0)
SmartFTP Client German (Germany) MUI (Version: 4.0.1236.0)
SmartFTP Client Setup Files 4.0 (x64) (remove only) (x32 Version: 4.0)
SmartWebPrinting (x32 Version: 130.0.457.000)
SolutionCenter (x32 Version: 130.0.373.000)
SoundTrax (x32 Version: 4.4.39.0)
Status (x32 Version: 130.0.469.000)
Studie zur Verbesserung von HP Officejet 6700 Produkten (Version: 25.0.619.0)
Synaptics TouchPad Driver (Version: 15.3.29.0)
TeamViewer 6 (x32 Version: 6.0.12879)
Terraniser (x32)
Toolbox (x32 Version: 130.0.648.000)
Total Commander 64-bit (Remove or Repair) (Version: 8.0)
TrayApp (x32 Version: 130.0.422.000)
UnloadSupport (x32 Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
Update Installer for WildTangent Games App (x32)
UseNeXT by Tangysoft (x32)
Validity WBF DDK (Version: 4.3.205.0)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95)
VLC media player 2.0.4 (x32 Version: 2.0.4)
Watermark Studio 2.11 (x32)
WebReg (x32 Version: 130.0.132.017)
Wedding Dash (x32 Version: 2.2.0.95)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WinRAR
WinRAR (x32)
Zuma Deluxe (x32 Version: 2.2.0.95)

==================== Restore Points  =========================

09-08-2013 14:59:01 Windows Update
11-08-2013 18:51:40 Windows-Sicherung
15-08-2013 18:10:47 Windows Update
19-08-2013 09:10:51 Windows-Sicherung

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-08-06 19:18 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {01BF8DD2-891A-4F4A-A5E2-2C624BC578D9} - System32\Tasks\{D9689B74-8862-4EBA-A79F-5A509C33E756} => F:\Crack\Keygen.exe No File
Task: {22BC4574-4F84-44C9-B490-C8DBAD079868} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {2AA7E686-53DF-4F5B-B167-C2A179609321} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {36BCDC00-C252-4C4E-82FD-E5B39FD0E4DC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {4A97297C-3402-45D4-B5F0-7512A4E537E4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-21] (Microsoft Corporation)
Task: {4D67E9EC-091C-498B-A6B5-E5D766FA16CD} - System32\Tasks\HPCeeScheduleForSAMSUNLU$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {4E8FA1FC-DF6A-4C18-BFC6-BE7FB613355F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-07-29] (Hewlett-Packard)
Task: {60124C15-13FD-4A23-88D3-3B29A2B36457} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe No File
Task: {66FAC0EF-F09E-49F0-B9DE-19ECEE482397} - System32\Tasks\Omiga Plus RunAsStdUser => C:\Program Files (x86)\Omiga Plus\omigaplus.exe No File
Task: {6DEA5FDE-0568-4C4B-BE1D-A81753C4EB19} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {700FB8ED-F118-4DC0-A7FA-EBF322051035} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {78B32F49-BEF4-42E4-9BCA-A192575D8051} - System32\Tasks\User_Feed_Synchronization-{DF247F0A-98DD-4A49-A3D7-19DA5F27453D} => C:\Windows\system32\msfeedssync.exe [2011-10-21] (Microsoft Corporation)
Task: {78C7275B-0551-4C3E-A719-4D74BD0091FD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
Task: {7F076D50-978C-4F1A-B427-4533D4B271B3} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {804EC0B0-22DF-4F1F-AE91-FE57595D3E91} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2013-08-06] (Microsoft)
Task: {8566C185-B441-4BC5-9B11-755415A0AD54} - System32\Tasks\AdobeAAMUpdater-1.0-Samsunlu-Samsunlu55 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {87E76B34-52CD-4AC2-B5A5-BA25160234B3} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-22] (CyberLink)
Task: {8E5CBFE5-3D93-4AA8-A6C6-2A2DF42E57B5} - \Dealply No Task File
Task: {9B4E095A-136D-43B7-B74C-8D98CBEAF405} - System32\Tasks\HPCustParticipation HP Officejet 6700 => C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2011-09-09] (Hewlett-Packard Co.)
Task: {A8DC303B-863C-4CED-A330-F7EB50132EC0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AA47BCD3-1023-4623-8853-D8FCF3CE7D50} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {B556450C-17B7-467C-A070-8CC39AB9F860} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {BA7C577D-8F75-4C07-88E7-5B85AACFFCE9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {BFDF97E1-26A9-400F-8551-AD755E7AB0B3} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {C57FC739-247E-492D-BC48-4295D94F1E2E} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe No File
Task: {CBAD730A-5392-4F7F-8BDB-937D83E859F3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-07-29] (Hewlett-Packard)
Task: {D3DC7E56-C6DF-4CD2-8B81-21D95454DF0C} - System32\Tasks\HPCeeScheduleForSamsunlu55 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {D8054690-827C-4BA9-9880-C78607F70595} - System32\Tasks\hpUrlLauncher.exe_{92ACBE9B-7947-448D-890F-19A89C75A7E5} => C:\Program Files\HP\HP Officejet 6700\Bin\utils\hpUrlLauncher.exe [2011-09-09] (Hewlett-Packard Co.)
Task: {DAC4E28B-007B-4819-87E7-DFD94829F542} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {F26527FF-7C69-44B5-9752-683CA9245C23} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {FFAC4C90-181E-4FE9-8F0F-E8C45F5A2063} - System32\Tasks\{8DEACD13-F046-4134-88E3-7BAEF94B745D} => F:\Crack\Keygen.exe No File
Task: C:\Windows\Tasks\HPCeeScheduleForSAMSUNLU$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSamsunlu55.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/20/2013 09:28:55 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (08/20/2013 09:28:34 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2013 09:28:01 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (08/20/2013 09:28:01 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (08/20/2013 09:28:01 AM) (Source: Microsoft-Windows-EapHost) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (08/19/2013 06:32:25 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC

Error: (08/19/2013 06:32:25 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC

Error: (08/19/2013 06:32:25 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC

Error: (08/19/2013 06:32:25 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC

Error: (08/19/2013 06:32:25 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU failed to post message to CCC


System errors:
=============
Error: (08/20/2013 09:28:11 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/20/2013 09:28:08 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Registry Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/20/2013 09:28:02 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Event Log" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/20/2013 09:28:01 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 126

Error: (08/19/2013 11:00:22 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/19/2013 11:00:19 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Registry Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/19/2013 11:00:16 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Event Log" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/19/2013 11:00:15 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 126

Error: (08/19/2013 10:52:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/19/2013 10:52:50 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Registry Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-08-10 12:10:19.830
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-10 12:10:19.799
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-10 12:10:19.768
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-10 12:10:19.737
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-10 11:28:05.753
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-10 11:28:05.722
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-10 11:28:05.691
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-10 11:28:05.659
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-10 10:36:38.989
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-10 10:36:38.958
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 34%
Total physical RAM: 8139.86 MB
Available physical RAM: 5350.72 MB
Total Pagefile: 488732.9 MB
Available Pagefile: 485522.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:680.14 GB) (Free:574.6 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:698.63 GB) (Free:74.26 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:18.2 GB) (Free:1.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (EOS_DIGITAL) (Removable) (Total:29.71 GB) (Free:29.59 GB) FAT32
Drive h: (INTENSO) (Fixed) (Total:1862.55 GB) (Free:1859.11 GB) FAT32
Drive i: (INTENSO) (Removable) (Total:7.26 GB) (Free:7.26 GB) FAT32
Drive j: () (Removable) (Total:7.5 GB) (Free:5.58 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 527073E8)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=680 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: C2F2CAF6)
Partition 1: (Not Active) - (Size=699 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 30 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=30 GB) - (Type=0C)

========================================================
Disk: 3 (Size: 7 GB) (Disk ID: D682F0B7)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)

========================================================
Disk: 4 (Size: 8 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=8 GB) - (Type=06)

========================================================
Disk: 5 (Size: 1863 GB) (Disk ID: 1F202609)
Partition 1: (Not Active) - (Size=-198627982848) - (Type=0C)

==================== End Of Log ============================
         

Alt 20.08.2013, 13:53   #75
schrauber
/// the machine
/// TB-Ausbilder
 

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
ATTFilter
HKCU\...\Run: [knjgffmqtl] - C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs [14267 2013-08-01] ()
Startup: C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\knjgffmqtl..vbs ()
C:\Users\Samsunlu55\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\knjgffmqtl..vbs
C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
2013-08-19 11:04 - 2013-08-01 18:48 - 00014267 ___SH C:\Users\Samsunlu55\AppData\Roaming\knjgffmqtl..vbs
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix ("Entfernen") button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
