| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Infizierte Kopie von c:\windows\SysWow64\wshtcpip.dll wurde gefunden und desinfiziertWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
21.09.2013, 11:48
| #1 |
 |  Infizierte Kopie von c:\windows\SysWow64\wshtcpip.dll wurde gefunden und desinfiziert Hallo, irgendetwas stimmt nicht. Code:
ATTFilter ComboFix 13-09-17.01 - bash 21.09.2013 11:52:03.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4991.3890 [GMT 2:00]
ausgeführt von:: c:\users\1887\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Infizierte Kopie von c:\windows\SysWow64\wshtcpip.dll wurde gefunden und desinfiziert
Kopie von - c:\windows\erdnt\cache86\WSHTCPIP.DLL wurde wiederhergestellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-08-21 bis 2013-09-21 ))))))))))))))))))))))))))))))
.
.
2013-09-21 09:58 . 2013-09-21 09:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-20 11:03 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B40B6ECF-B83B-4A2A-8B28-C68474A5210B}\mpengine.dll
2013-09-18 15:01 . 2013-09-18 15:01 -------- d-----w- C:\FRST
2013-09-18 13:33 . 2013-09-18 15:52 -------- d-----w- c:\users\1887
2013-09-18 12:24 . 2013-09-18 12:24 -------- d-----w- c:\program files (x86)\ESET
2013-09-18 09:39 . 2013-09-18 09:39 -------- d-----w- c:\program files (x86)\Microsoft.NET
2013-09-17 14:35 . 2013-09-18 11:34 -------- d-----w- C:\AdwCleaner
2013-09-17 14:05 . 2013-09-18 15:49 -------- d-----w- c:\program files (x86)\GIMP 2
2013-09-16 07:55 . 2013-09-16 07:57 -------- d-----w- c:\program files (x86)\AbiWord
2013-09-15 17:04 . 2013-09-15 17:04 -------- d-----w- c:\program files (x86)\Julien MANICI
2013-09-15 10:02 . 2013-09-15 10:02 -------- d-----w- c:\program files (x86)\Secunia
2013-09-14 16:45 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-14 16:45 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2013-09-14 16:45 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2013-09-14 16:45 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2013-09-14 16:44 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2013-09-14 16:44 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2013-09-14 16:44 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2013-09-14 16:44 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2013-09-14 16:44 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2013-09-14 16:44 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2013-09-14 16:44 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2013-09-14 16:44 . 2011-03-11 04:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2013-09-14 16:43 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-09-14 16:43 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-09-14 16:42 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-14 16:42 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-14 16:42 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-14 16:42 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-14 16:42 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-14 16:42 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-14 16:42 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-09-14 14:02 . 2013-09-15 18:40 -------- d-----w- c:\program files\Calibre2
2013-09-14 13:34 . 2009-10-21 15:16 243200 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2013-09-14 13:34 . 2009-10-12 13:23 114304 ----a-w- c:\windows\system32\drivers\ewusbdev.sys
2013-09-14 13:34 . 2009-09-10 13:31 117248 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2013-09-14 13:34 . 2007-08-09 02:10 29696 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2013-09-14 12:14 . 2013-09-14 12:14 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-09-14 12:14 . 2013-09-14 12:14 -------- d-----r- c:\program files (x86)\Skype
2013-09-14 12:14 . 2013-09-14 12:15 -------- d-----w- c:\programdata\Skype
2013-09-14 10:14 . 2013-09-15 01:22 -------- d-----r- C:\Sandbox
2013-09-14 10:08 . 2013-09-14 10:08 -------- d-----w- c:\program files\Sandboxie
2013-09-13 08:37 . 2013-09-19 11:11 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-09-13 08:37 . 2013-09-19 11:10 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-09-13 08:37 . 2013-09-13 08:37 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-09-12 14:35 . 2013-09-15 09:40 -------- d-----w- c:\windows\ERUNT
2013-09-12 11:51 . 2013-07-26 02:24 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-09-12 11:50 . 2013-08-02 02:12 6656 ----a-w- c:\windows\system32\apisetschema.dll
2013-09-12 11:50 . 2013-08-02 02:12 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 11:50 . 2013-08-02 02:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 11:50 . 2013-08-02 01:48 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-09-12 11:50 . 2013-08-02 01:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 11:50 . 2013-08-02 01:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 11:50 . 2013-08-02 00:45 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-09-12 11:50 . 2013-08-02 00:45 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-09-12 11:50 . 2013-08-02 00:45 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-09-12 11:50 . 2013-08-08 01:20 3155456 ----a-w- c:\windows\system32\win32k.sys
2013-09-12 11:24 . 2013-09-12 11:24 -------- d-----w- c:\programdata\Oracle
2013-09-12 11:24 . 2013-09-12 11:24 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-09-12 11:23 . 2013-09-12 11:23 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-12 11:23 . 2013-09-12 11:23 -------- d-----w- c:\program files (x86)\Java
2013-09-12 11:18 . 2013-09-12 11:18 -------- d-----w- c:\windows\Sun
2013-09-11 22:59 . 2013-09-18 09:37 -------- d-----w- c:\windows\system32\catroot2
2013-09-11 22:34 . 2013-09-11 22:39 -------- d-----w- c:\windows\SysWow64\wbem\Performance
2013-09-11 22:04 . 2013-09-11 22:53 181064 ----a-w- c:\windows\PSEXESVC.EXE
2013-09-11 16:07 . 2013-09-11 16:08 -------- d-----w- c:\programdata\Ashampoo
2013-09-11 16:07 . 2013-09-11 16:07 -------- d-----w- c:\program files (x86)\Ashampoo
2013-09-11 16:03 . 2013-09-16 08:29 -------- d-----w- c:\program files\CCleaner
2013-09-11 15:33 . 2013-09-11 15:33 -------- d-----w- c:\program files (x86)\SoundSpectrum
2013-09-10 12:23 . 2013-09-14 16:33 -------- d-----w- c:\windows\system32\MRT
2013-09-09 05:41 . 2013-09-12 12:45 -------- d-----w- c:\windows\Panther
2013-09-09 02:22 . 2013-09-17 22:24 -------- d-----w- c:\users\UpdatusUser
2013-09-09 02:22 . 2013-09-09 02:22 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-09-09 02:22 . 2013-09-09 02:22 -------- d-----w- c:\programdata\NVIDIA
2013-09-09 02:21 . 2013-01-31 09:25 6207776 ----a-w- c:\windows\system32\nvcpl.dll
2013-09-09 02:21 . 2013-01-31 09:25 3300640 ----a-w- c:\windows\system32\nvsvc64.dll
2013-09-09 02:21 . 2013-01-31 09:24 878368 ----a-w- c:\windows\system32\nvvsvc.exe
2013-09-09 02:21 . 2013-01-31 09:24 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-09-09 02:21 . 2013-01-31 09:24 2558240 ----a-w- c:\windows\system32\nvsvcr.dll
2013-09-09 02:21 . 2013-01-31 09:24 118560 ----a-w- c:\windows\system32\nvmctray.dll
2013-09-09 02:19 . 2013-02-19 20:32 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-09-09 02:19 . 2013-02-19 20:32 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-09-09 02:18 . 2013-09-09 02:18 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-09-09 02:06 . 2013-09-09 02:07 -------- d-----w- c:\program files\Mixxx
2013-09-09 01:45 . 2013-09-09 01:45 -------- d-----w- c:\programdata\Malwarebytes
2013-09-09 01:45 . 2013-09-09 01:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-09 01:45 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-09 01:28 . 2013-09-09 01:28 -------- d-----w- c:\windows\de-DE
2013-09-09 01:28 . 2013-09-09 01:28 -------- d-----w- c:\windows\SysWow64\XPSViewer
2013-09-09 01:28 . 2013-09-09 01:28 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\de-DE
2013-09-09 01:28 . 2013-09-09 01:28 -------- d-----w- c:\windows\SysWow64\drivers\de-DE
2013-09-09 01:28 . 2013-09-09 01:28 -------- d-----w- c:\windows\SysWow64\de
2013-09-09 01:28 . 2013-09-09 01:28 -------- d-----w- c:\windows\SysWow64\0407
2013-09-09 01:28 . 2013-09-14 16:55 -------- d-----w- c:\windows\SysWow64\wbem\de-DE
2013-09-09 01:28 . 2013-09-14 16:55 -------- d-----w- c:\windows\system32\drivers\de-DE
2013-09-09 01:28 . 2013-09-09 01:28 -------- d-----w- c:\windows\system32\drivers\UMDF\de-DE
2013-09-09 01:28 . 2013-09-09 01:28 -------- d-----w- c:\windows\system32\0407
2013-09-09 01:27 . 2013-09-09 01:27 -------- d-----w- c:\windows\system32\de
2013-09-09 01:27 . 2013-09-14 16:55 -------- d-----w- c:\windows\system32\wbem\de-DE
2013-09-09 01:25 . 2013-09-09 01:25 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\de-DE\LXKPTPRC.DLL.mui
2013-09-09 01:11 . 2013-09-12 11:23 868264 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-09-09 00:46 . 2013-09-09 00:47 -------- d-----w- c:\program files\Tracker Software
2013-09-09 00:39 . 2013-09-11 14:58 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-09 00:39 . 2013-09-11 14:58 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-09 00:38 . 2013-09-09 00:38 -------- d-----w- c:\windows\SysWow64\Macromed
2013-09-09 00:38 . 2013-09-09 00:38 -------- d-----w- c:\windows\system32\Macromed
2013-09-08 23:59 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-09-08 23:59 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-09-08 23:44 . 2010-08-12 09:46 758272 ----a-w- c:\windows\system32\cohelper.dll
2013-09-08 23:44 . 2010-08-09 20:33 11164 ----a-w- c:\windows\system32\drivers\nvphy.bin
2013-09-08 23:44 . 2013-09-09 02:22 -------- d-----w- c:\program files\NVIDIA Corporation
2013-09-08 23:43 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-09-08 23:43 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-09-08 23:43 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-09-08 23:43 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-09-08 23:38 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-09-08 23:38 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-09-08 23:38 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-09-08 23:38 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-09-08 23:38 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-09-08 23:38 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-09-08 23:38 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-09-08 23:35 . 2013-01-13 19:53 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-09-08 23:35 . 2013-01-13 19:24 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-09-08 23:35 . 2013-01-04 06:11 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-09 01:25 . 2013-09-09 01:25 2560 ----a-w- c:\windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
2013-09-09 01:25 . 2013-09-09 01:25 2560 ----a-w- c:\windows\SysWow64\drivers\de-DE\scfilter.sys.mui
2013-09-09 01:25 . 2013-09-09 01:25 5632 ----a-w- c:\windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
2013-09-09 01:24 . 2013-09-09 01:24 51712 ----a-w- c:\windows\SysWow64\drivers\de-DE\tcpip.sys.mui
2013-09-09 01:24 . 2013-09-09 01:24 16896 ----a-w- c:\windows\SysWow64\drivers\de-DE\pacer.sys.mui
2013-09-09 01:24 . 2013-09-09 01:24 29696 ----a-w- c:\windows\SysWow64\drivers\de-DE\bfe.dll.mui
2013-08-07 02:22 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-02 01:48 . 2013-09-12 11:51 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-03 08:32 . 2013-07-03 08:32 18456 ----a-w- c:\windows\system32\drivers\psi_mf_amd64.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-7-3 563416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-09-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-09 14:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{8F83CF82-3B1E-46AC-9D06-880EC3E2A99C}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{B46D864D-C4C9-49DA-A66D-0F91C8A04385}: NameServer = 193.189.244.225 193.189.244.206
FF - ProfilePath - c:\users\bash\AppData\Roaming\Mozilla\Firefox\Profiles\7moju7vn.default\
FF - prefs.js: browser.search.selectedEngine - Startpage HTTPS - Deutsch
FF - prefs.js: browser.startup.homepage - hxxps://startpage.com/deu/.
FF - ExtSQL: 2013-09-08 23:17; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-09-14 18:19; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\bash\AppData\Roaming\Mozilla\Firefox\Profiles\7moju7vn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-09-14 18:20; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\bash\AppData\Roaming\Mozilla\Firefox\Profiles\7moju7vn.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-09-21 12:10:27 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-09-21 10:10
ComboFix2.txt 2013-09-18 15:16
.
Vor Suchlauf: 11 Verzeichnis(se), 10.496.831.488 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 10.441.699.328 Bytes frei
.
- - End Of File - - A130A8B2723750FD7716113BDFFA348F
A36C5E4F47E84449FF07ED3517B43A31
|
|
21.09.2013, 11:49
| #2 |
| | Infizierte Kopie von c:\windows\SysWow64\wshtcpip.dll wurde gefunden und desinfiziertFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-09-2013 01
Ran by bash (administrator) on BASH-PC on 21-09-2013 12:14:25
Running from C:\Users\bash\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
==================== Registry (Whitelisted) ==================
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\1887\...\Policies\system: [LogonHoursAction] 2
HKU\1887\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDC5A6270CEACCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{8F83CF82-3B1E-46AC-9D06-880EC3E2A99C}: [NameServer]193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{B46D864D-C4C9-49DA-A66D-0F91C8A04385}: [NameServer]193.189.244.206 193.189.244.225
FireFox:
========
FF ProfilePath: C:\Users\bash\AppData\Roaming\Mozilla\Firefox\Profiles\7moju7vn.default
FF DefaultSearchEngine: Startpage HTTPS - Deutsch
FF SelectedSearchEngine: Startpage HTTPS - Deutsch
FF Homepage: https://startpage.com/deu/.
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\bash\AppData\Roaming\Mozilla\Firefox\Profiles\7moju7vn.default\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\bash\AppData\Roaming\Mozilla\Firefox\Profiles\7moju7vn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\bash\AppData\Roaming\Mozilla\Firefox\Profiles\7moju7vn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [243200 2009-10-21] (Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-21 12:13 - 2013-09-21 12:13 - 01039554 _____ C:\Users\bash\Desktop\AdwCleaner.exe
2013-09-21 12:12 - 2013-09-21 12:13 - 01950622 _____ (Farbar) C:\Users\bash\Desktop\FRST64.exe
2013-09-21 12:10 - 2013-09-21 12:10 - 00018189 _____ C:\Users\bash\Desktop\combofix.txt
2013-09-21 12:10 - 2013-09-21 12:10 - 00018189 _____ C:\ComboFix.txt
2013-09-21 11:50 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-21 11:50 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-21 11:50 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-21 11:50 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-21 11:50 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-21 11:50 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-21 11:50 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-21 11:50 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-21 11:49 - 2013-09-21 12:10 - 00000000 ____D C:\Qoobox
2013-09-21 11:42 - 2013-09-21 11:42 - 00058016 _____ C:\Users\1887\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-20 12:45 - 2013-09-20 12:45 - 00000000 ____D C:\Users\1887\AppData\Roaming\SoundSpectrum
2013-09-20 12:45 - 2013-09-20 12:45 - 00000000 ____D C:\Users\1887\AppData\Local\SoundSpectrum
2013-09-19 03:31 - 2013-09-21 11:59 - 00006996 _____ C:\Windows\PFRO.log
2013-09-18 17:52 - 2013-09-18 17:52 - 00000000 ____D C:\Users\1887\AppData\Roaming\NVIDIA
2013-09-18 17:36 - 2013-09-18 17:36 - 00000000 ____D C:\Users\1887\AppData\Roaming\Malwarebytes
2013-09-18 17:33 - 2013-09-18 17:33 - 00000000 ____D C:\Users\1887\dwhelper
2013-09-18 17:20 - 2013-09-18 17:20 - 00659138 _____ C:\Users\bash\Downloads\DelFix-10.0.exe.part
2013-09-18 17:20 - 2013-09-18 17:20 - 00000000 _____ C:\Users\bash\Downloads\DelFix-10.0.exe
2013-09-18 17:17 - 2013-09-18 17:17 - 00058016 _____ C:\Users\bash\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-18 17:01 - 2013-09-18 17:01 - 00000000 ____D C:\FRST
2013-09-18 16:29 - 2013-09-18 16:47 - 00000000 ____D C:\Users\1887\AppData\Roaming\Skype
2013-09-18 15:50 - 2013-09-18 15:50 - 00281896 _____ (Mozilla) C:\Users\bash\Downloads\Firefox Setup Stub 24.0.exe
2013-09-18 15:45 - 2013-09-18 15:45 - 00000000 ____D C:\Users\1887\AppData\Roaming\Macromedia
2013-09-18 15:45 - 2013-09-18 15:45 - 00000000 ____D C:\Users\1887\AppData\Local\Macromedia
2013-09-18 15:41 - 2013-09-18 16:05 - 00000000 ____D C:\Users\1887\AppData\Local\Mozilla
2013-09-18 15:41 - 2013-09-18 15:41 - 00000000 ____D C:\Users\1887\AppData\Roaming\Mozilla
2013-09-18 15:37 - 2013-09-18 15:37 - 00001421 _____ C:\Users\1887\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-18 15:37 - 2013-09-18 15:37 - 00000000 ____D C:\Users\1887\AppData\Roaming\Adobe
2013-09-18 15:35 - 2013-09-18 15:37 - 00000000 ___RD C:\Users\1887\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-18 15:35 - 2013-09-18 15:37 - 00000000 ___RD C:\Users\1887\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-18 15:34 - 2013-09-18 15:34 - 00000680 __RSH C:\Users\1887\ntuser.pol
2013-09-18 15:34 - 2013-09-18 15:34 - 00000020 ___SH C:\Users\1887\ntuser.ini
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Vorlagen
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Startmenü
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Netzwerkumgebung
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Lokale Einstellungen
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Eigene Dateien
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Druckumgebung
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Documents\Eigene Musik
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Documents\Eigene Bilder
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\AppData\Local\Verlauf
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\AppData\Local\Anwendungsdaten
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Anwendungsdaten
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 ____D C:\Users\1887\AppData\Local\VirtualStore
2013-09-18 15:34 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\1887\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-18 15:34 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\1887\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-18 15:33 - 2013-09-21 12:04 - 00001727 _____ C:\Windows\setupact.log
2013-09-18 15:33 - 2013-09-18 17:52 - 00000000 ____D C:\Users\1887
2013-09-18 15:33 - 2013-09-18 15:33 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-18 15:33 - 2013-09-18 15:33 - 00000000 _____ C:\Windows\setuperr.log
2013-09-18 14:24 - 2013-09-18 14:24 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-17 18:12 - 2013-09-18 15:21 - 00001744 _____ C:\DelFix.txt
2013-09-17 16:35 - 2013-09-18 13:34 - 00000000 ____D C:\AdwCleaner
2013-09-17 16:12 - 2013-09-17 16:13 - 05128653 ____R (Swearware) C:\Users\1887\Desktop\ComboFix.exe
2013-09-17 16:05 - 2013-09-18 17:49 - 00000000 ____D C:\Program Files (x86)\GIMP 2
2013-09-16 09:55 - 2013-09-16 09:57 - 00000000 ____D C:\Program Files (x86)\AbiWord
2013-09-15 19:04 - 2013-09-15 19:04 - 00000000 ____D C:\Program Files (x86)\Julien MANICI
2013-09-15 12:02 - 2013-09-15 12:02 - 00000000 ____D C:\Users\bash\AppData\Local\Secunia PSI
2013-09-15 12:02 - 2013-09-15 12:02 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-09-14 18:45 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-14 18:45 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2013-09-14 18:45 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2013-09-14 18:45 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2013-09-14 18:44 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2013-09-14 18:44 - 2011-03-11 08:41 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2013-09-14 18:44 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2013-09-14 18:44 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2013-09-14 18:44 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2013-09-14 18:44 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-09-14 18:44 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2013-09-14 18:44 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-14 18:43 - 2013-04-17 09:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-09-14 18:43 - 2013-04-17 08:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-09-14 18:42 - 2011-03-25 05:29 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-09-14 18:42 - 2011-03-25 05:29 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-09-14 18:42 - 2011-03-25 05:29 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-09-14 18:42 - 2011-03-25 05:29 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-09-14 18:42 - 2011-03-25 05:29 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-09-14 18:42 - 2011-03-25 05:29 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-09-14 18:42 - 2011-03-25 05:28 - 00007936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-09-14 18:31 - 2013-09-01 17:08 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-14 16:49 - 2013-09-14 16:49 - 00000000 ____D C:\Users\bash\AppData\Roaming\Mozilla
2013-09-14 16:04 - 2013-09-14 16:04 - 00000000 ____D C:\Users\bash\AppData\Local\calibre-cache
2013-09-14 16:03 - 2013-09-14 16:35 - 00000000 ____D C:\Users\bash\Documents\Calibre-Bibliothek
2013-09-14 16:03 - 2013-09-14 16:04 - 00000000 ____D C:\Users\bash\AppData\Roaming\calibre
2013-09-14 16:02 - 2013-09-15 20:40 - 00000000 ____D C:\Program Files\Calibre2
2013-09-14 15:34 - 2009-10-21 17:16 - 00243200 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbnet.sys
2013-09-14 15:34 - 2009-10-12 15:23 - 00114304 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbdev.sys
2013-09-14 15:34 - 2009-09-10 15:31 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2013-09-14 15:34 - 2007-08-09 04:10 - 00029696 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2013-09-14 15:20 - 2013-09-19 03:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-14 14:14 - 2013-09-14 14:15 - 00000000 ____D C:\ProgramData\Skype
2013-09-14 14:14 - 2013-09-14 14:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-14 12:14 - 2013-09-15 03:22 - 00000000 ___RD C:\Sandbox
2013-09-14 12:09 - 2013-09-18 16:31 - 00002182 _____ C:\Windows\Sandboxie.ini
2013-09-14 12:08 - 2013-09-14 12:08 - 00000000 ____D C:\Program Files\Sandboxie
2013-09-12 16:35 - 2013-09-15 11:40 - 00000000 ____D C:\Windows\ERUNT
2013-09-12 13:54 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 13:54 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 13:54 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 13:54 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 13:54 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 13:54 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 13:54 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 13:54 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 13:54 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 13:54 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 13:54 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 13:54 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 13:54 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 13:54 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 13:54 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 13:54 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 13:54 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 13:54 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 13:54 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 13:54 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 13:54 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 13:54 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 13:54 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 13:54 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 13:54 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 13:54 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 13:54 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 13:54 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 13:54 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 13:54 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 13:54 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 13:51 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 13:51 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 13:51 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 13:51 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 13:51 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 13:51 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 13:51 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 13:51 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 13:51 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 13:51 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 13:51 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 13:51 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 13:51 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 13:51 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 13:51 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 13:51 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 13:51 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 13:51 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 13:51 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 13:51 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 13:51 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 13:51 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-12 13:50 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 13:50 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 13:50 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 13:50 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 13:50 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 13:50 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 13:50 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 13:50 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 13:50 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 13:50 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 13:24 - 2013-09-12 13:24 - 00000000 ____D C:\ProgramData\Sun
2013-09-12 13:24 - 2013-09-12 13:24 - 00000000 ____D C:\ProgramData\Oracle
2013-09-12 13:23 - 2013-09-12 13:23 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-12 13:23 - 2013-09-12 13:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-12 13:23 - 2013-09-12 13:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-12 13:23 - 2013-09-12 13:23 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-12 13:23 - 2013-09-12 13:23 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-12 13:18 - 2013-09-12 13:18 - 00000000 ____D C:\Windows\Sun
2013-09-12 01:53 - 2013-09-12 01:53 - 00001896 _____ C:\Users\bash\Documents\457.txt
2013-09-12 00:19 - 2013-09-21 12:10 - 00018400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-12 00:19 - 2013-09-21 12:10 - 00018400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-12 00:19 - 2013-09-12 00:19 - 00000552 _____ C:\Windows\system32\spsys.log
2013-09-12 00:04 - 2013-09-12 00:53 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-09-11 21:05 - 2013-09-11 21:05 - 00000680 __RSH C:\Users\bash\ntuser.pol
2013-09-11 18:50 - 2013-09-11 18:50 - 00001356 _____ C:\Users\bash\Desktop\CCleaner - Verknüpfung.lnk
2013-09-11 18:09 - 2013-09-11 18:09 - 00000000 ____D C:\Users\bash\AppData\Roaming\Ashampoo
2013-09-11 18:08 - 2013-09-11 18:08 - 00000000 ____D C:\Users\bash\AppData\Local\ashampoo
2013-09-11 18:07 - 2013-09-11 18:08 - 00000000 ____D C:\ProgramData\Ashampoo
2013-09-11 18:07 - 2013-09-11 18:07 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2013-09-11 18:03 - 2013-09-16 10:29 - 00000000 ____D C:\Program Files\CCleaner
2013-09-11 18:03 - 2013-09-11 18:03 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-11 17:34 - 2013-09-11 17:34 - 00000000 ____D C:\Users\bash\AppData\Roaming\SoundSpectrum
2013-09-11 17:34 - 2013-09-11 17:34 - 00000000 ____D C:\Users\bash\AppData\Local\SoundSpectrum
2013-09-11 17:33 - 2013-09-11 17:33 - 00000000 ____D C:\Program Files (x86)\SoundSpectrum
2013-09-11 16:49 - 2013-09-17 10:48 - 00007633 _____ C:\Users\bash\AppData\Local\Resmon.ResmonCfg
2013-09-10 18:07 - 2013-09-21 12:06 - 00000000 ____D C:\Windows\erdnt
2013-09-10 14:23 - 2013-09-14 18:33 - 00000000 ____D C:\Windows\system32\MRT
2013-09-09 12:56 - 2013-09-09 12:56 - 00000000 ____D C:\Users\bash\AppData\Roaming\NVIDIA
2013-09-09 11:52 - 2013-09-09 11:52 - 00001413 _____ C:\Users\bash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-09 07:41 - 2013-09-12 14:45 - 00000000 ____D C:\Windows\Panther
2013-09-09 04:31 - 2013-09-09 04:31 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-09 04:31 - 2013-09-09 04:31 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-09 04:31 - 2013-09-09 04:31 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-09-09 04:31 - 2013-09-09 04:31 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-09-09 04:31 - 2013-09-09 04:31 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-09-09 04:31 - 2013-09-09 04:31 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-09-09 04:31 - 2013-09-09 04:31 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-09-09 04:31 - 2013-09-09 04:31 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-09-09 04:31 - 2013-09-09 04:31 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-09-09 04:22 - 2013-09-09 04:22 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-09 04:22 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-09 04:22 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-09 04:21 - 2013-01-31 11:25 - 06207776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-09-09 04:21 - 2013-01-31 11:25 - 03300640 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-09-09 04:21 - 2013-01-31 11:24 - 02558240 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-09-09 04:21 - 2013-01-31 11:24 - 00878368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-09-09 04:21 - 2013-01-31 11:24 - 00118560 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-09-09 04:21 - 2013-01-31 11:24 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-09-09 04:19 - 2013-02-19 22:32 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2013-09-09 04:19 - 2013-02-19 22:32 - 00053024 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2013-09-09 04:18 - 2013-09-09 04:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-09 04:10 - 2013-09-14 10:53 - 00000000 ____D C:\Users\bash\AppData\Local\Mixxx
2013-09-09 04:06 - 2013-09-09 04:07 - 00000000 ____D C:\Program Files\Mixxx
2013-09-09 03:45 - 2013-09-09 03:45 - 00000000 ____D C:\Users\bash\AppData\Roaming\Malwarebytes
2013-09-09 03:45 - 2013-09-09 03:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-09 03:45 - 2013-09-09 03:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-09 03:45 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-09 03:30 - 2013-09-20 14:30 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-09-09 03:30 - 2013-09-20 14:30 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-09-09 03:30 - 2013-09-09 03:27 - 00295922 _____ C:\Windows\system32\perfi007.dat
2013-09-09 03:30 - 2013-09-09 03:27 - 00038104 _____ C:\Windows\system32\perfd007.dat
2013-09-09 03:28 - 2013-09-09 03:28 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-09-09 03:28 - 2013-09-09 03:28 - 00000000 ____D C:\Windows\SysWOW64\de
2013-09-09 03:28 - 2013-09-09 03:28 - 00000000 ____D C:\Windows\SysWOW64\0407
2013-09-09 03:28 - 2013-09-09 03:28 - 00000000 ____D C:\Windows\system32\0407
2013-09-09 03:27 - 2013-09-09 03:27 - 00000000 ____D C:\Windows\system32\de
2013-09-09 03:11 - 2013-09-12 13:23 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-09 03:11 - 2013-09-12 13:23 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-09 02:46 - 2013-09-09 02:47 - 00000000 ____D C:\Program Files\Tracker Software
2013-09-09 02:40 - 2013-09-09 02:40 - 00000000 ____D C:\Users\bash\AppData\Roaming\Macromedia
2013-09-09 02:40 - 2013-09-09 02:40 - 00000000 ____D C:\Users\bash\AppData\Roaming\Adobe
2013-09-09 02:40 - 2013-09-09 02:40 - 00000000 ____D C:\Users\bash\AppData\Local\Macromedia
2013-09-09 02:39 - 2013-09-20 18:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-09 02:39 - 2013-09-14 21:40 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-09 02:39 - 2013-09-11 16:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-09 02:39 - 2013-09-11 16:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-09 02:38 - 2013-09-09 02:38 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-09-09 02:38 - 2013-09-09 02:38 - 00000000 ____D C:\Windows\system32\Macromed
2013-09-09 01:59 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-09-09 01:59 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-09-09 01:44 - 2013-09-09 04:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-09 01:44 - 2010-08-12 11:46 - 00758272 _____ (NVIDIA Corporation) C:\Windows\system32\cohelper.dll
2013-09-09 01:44 - 2010-08-09 22:33 - 00011164 _____ C:\Windows\system32\Drivers\nvphy.bin
2013-09-09 01:43 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-09-09 01:43 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-09-09 01:43 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-09-09 01:43 - 2012-06-02 16:35 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-09-09 01:42 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-09-09 01:42 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-09-09 01:42 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2013-09-09 01:42 - 2012-08-23 16:07 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-09-09 01:42 - 2012-08-23 15:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-09-09 01:42 - 2012-08-23 15:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-09-09 01:42 - 2012-08-23 15:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-09-09 01:42 - 2012-08-23 15:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-09-09 01:42 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-09-09 01:42 - 2012-08-23 15:20 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-09-09 01:42 - 2012-08-23 15:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-09-09 01:42 - 2012-08-23 15:17 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-09-09 01:42 - 2012-08-23 15:06 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-09-09 01:42 - 2012-08-23 14:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-09-09 01:42 - 2012-08-23 13:20 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-09-09 01:42 - 2012-08-23 13:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-09-09 01:42 - 2012-08-23 13:14 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-09-09 01:42 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-09-09 01:42 - 2012-08-23 12:54 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-09-09 01:42 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-09-09 01:42 - 2012-08-23 12:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-09-09 01:42 - 2012-08-23 12:22 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-09-09 01:42 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-09-09 01:42 - 2012-08-23 10:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-09-09 01:42 - 2012-08-23 10:13 - 05773824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-09-09 01:38 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-09-09 01:38 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-09-09 01:38 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-09-09 01:38 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-09-09 01:38 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-09-09 01:38 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-09-09 01:38 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-09-09 01:38 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-09-09 01:35 - 2013-01-13 21:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-09-09 01:35 - 2013-01-13 21:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-09-09 01:35 - 2013-01-13 21:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-09-09 01:35 - 2013-01-13 20:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-09-09 01:35 - 2013-01-04 08:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-09-09 01:35 - 2013-01-04 08:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-09-09 01:34 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-09 01:34 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-09 01:34 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-09 01:34 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-09 01:34 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-09 01:34 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-09 01:34 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-09 01:34 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-09 01:34 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-09 01:34 - 2013-01-13 22:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-09 01:34 - 2013-01-13 22:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-09 01:34 - 2013-01-13 22:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-09 01:34 - 2013-01-13 22:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-09 01:34 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-09 01:34 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-09 01:34 - 2013-01-13 22:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-09 01:34 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-09 01:34 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-09 01:34 - 2013-01-13 22:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-09-09 01:34 - 2013-01-13 22:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-09-09 01:34 - 2013-01-13 22:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-09-09 01:34 - 2013-01-13 22:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-09-09 01:34 - 2013-01-13 21:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-09-09 01:34 - 2013-01-13 21:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-09-09 01:34 - 2013-01-13 21:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-09-09 01:34 - 2013-01-13 21:51 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-09-09 01:34 - 2013-01-13 21:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-09-09 01:34 - 2013-01-13 21:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-09-09 01:34 - 2013-01-13 21:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-09-09 01:34 - 2013-01-13 21:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-09-09 01:34 - 2013-01-13 21:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-09-09 01:34 - 2013-01-13 21:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-09-09 01:34 - 2013-01-13 21:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-09-09 01:34 - 2013-01-13 21:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-09-09 01:34 - 2013-01-13 21:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-09-09 01:34 - 2013-01-13 21:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-09-09 01:34 - 2013-01-13 21:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-09-09 01:34 - 2013-01-13 20:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-09-09 01:34 - 2013-01-13 20:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-09-09 01:34 - 2013-01-13 19:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-09-09 01:34 - 2013-01-13 19:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-09-09 01:32 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2013-09-09 01:32 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2013-09-09 01:31 - 2012-11-30 01:17 - 00420064 _____ C:\Windows\SysWOW64\locale.nls
2013-09-09 01:31 - 2012-11-30 01:15 - 00420064 _____ C:\Windows\system32\locale.nls
2013-09-09 01:30 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2013-09-09 01:30 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2013-09-09 01:30 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-09-09 01:30 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2013-09-09 01:30 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2013-09-09 01:30 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-09-09 01:30 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2013-09-09 01:30 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2013-09-09 01:30 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2013-09-09 01:30 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-09-09 01:30 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-09-09 01:29 - 2012-08-24 20:13 - 00154480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-09-09 01:29 - 2012-08-24 20:09 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-09-09 01:29 - 2012-08-24 20:05 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-09-09 01:29 - 2012-08-24 20:03 - 01448448 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-09-09 01:29 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-09-09 01:29 - 2012-08-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-09-09 01:29 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-09-09 01:27 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2013-09-09 01:27 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2013-09-09 01:27 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2013-09-09 01:27 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2013-09-09 01:27 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2013-09-09 01:27 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2013-09-09 01:27 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2013-09-09 01:27 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2013-09-09 01:27 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-09-09 01:27 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-09-09 01:27 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-09-09 01:27 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-09-09 01:27 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-09-09 01:27 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-09-09 01:27 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-09-09 01:27 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-09-09 01:27 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-09-09 01:27 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-09-09 01:26 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-09-09 01:26 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-09-09 01:25 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2013-09-09 01:24 - 2012-11-22 07:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-09-09 01:24 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-09-09 01:24 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-09-09 01:24 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-09-09 01:24 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-09-09 01:24 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-09-09 01:23 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-09-09 01:23 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2013-09-09 01:23 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2013-09-09 01:23 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2013-09-09 01:23 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2013-09-09 01:22 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-09-09 01:22 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-09-09 01:22 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-09-09 01:22 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-09-09 01:22 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-09-09 01:22 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-09-09 01:22 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-09-09 01:22 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-09-09 01:22 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-09-09 01:22 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-09-09 01:22 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-09-09 01:22 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-09-09 01:22 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-09-09 01:22 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-09-09 01:22 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-09-09 01:22 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-09-09 01:22 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-09-09 01:22 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-09-09 01:22 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-09-09 01:22 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-09-09 01:22 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-09-09 01:22 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-09-09 01:22 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-09-09 01:22 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-09-09 01:22 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-09-09 01:22 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-09-09 01:22 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-09-09 01:22 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-09-09 01:22 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-09-09 01:22 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-09-09 01:22 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-09-09 01:22 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-09-09 01:22 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2013-09-09 01:22 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2013-09-09 01:22 - 2011-04-23 00:15 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2013-09-09 01:20 - 2012-04-07 14:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2013-09-09 01:20 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2013-09-09 01:19 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-09-09 01:19 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-09-09 01:18 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-09-09 01:18 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-09-09 01:18 - 2012-05-04 13:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-09-09 01:18 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-09-09 01:18 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2013-09-09 01:18 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2013-09-09 01:13 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2013-09-09 01:13 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2013-09-09 01:11 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-09 01:11 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-09-09 01:11 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2013-09-09 01:11 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2013-09-09 01:05 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-09-09 00:09 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2013-09-09 00:02 - 2012-12-16 19:11 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-09-09 00:02 - 2012-12-16 16:45 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-09-09 00:02 - 2012-12-16 16:13 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-09-09 00:02 - 2012-12-16 16:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-09-09 00:02 - 2010-09-30 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-09-09 00:02 - 2010-09-30 08:47 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-09-08 23:57 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2013-09-08 23:57 - 2012-03-01 08:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-09-08 23:57 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2013-09-08 23:57 - 2012-03-01 07:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-09-08 23:57 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2013-09-08 23:55 - 2013-09-08 23:55 - 00000000 ____D C:\Program Files\7-Zip
2013-09-08 23:18 - 2013-09-09 13:51 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-08 23:18 - 2013-08-30 09:48 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-09-08 23:18 - 2013-08-30 09:48 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-09-08 23:18 - 2013-08-30 09:48 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-09-08 23:18 - 2013-08-30 09:48 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-09-08 23:18 - 2013-08-30 09:48 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-09-08 23:18 - 2013-08-30 09:48 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-09-08 23:18 - 2013-08-30 09:48 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-09-08 23:18 - 2013-08-30 09:48 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-09-08 23:16 - 2013-08-30 09:47 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-09-08 22:57 - 2013-09-16 10:35 - 00000000 ____D C:\Users\bash\AppData\Local\Google
2013-09-08 22:57 - 2013-09-16 10:35 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-08 22:57 - 2013-09-08 23:18 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-08 22:57 - 2013-08-30 09:47 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-09-08 22:54 - 2013-09-08 23:16 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-08 22:53 - 2013-09-08 23:16 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-08 22:39 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-09-08 22:39 - 2013-02-27 07:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-09-08 22:39 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-09-08 22:39 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-09-08 22:38 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-09-08 22:38 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-09-08 22:38 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-09-08 22:38 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-09-08 22:38 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-09-08 22:38 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-09-08 22:38 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-09-08 22:38 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-09-08 22:37 - 2013-04-10 08:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-09-08 22:37 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-09-08 22:37 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-09-08 22:37 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-09-08 22:36 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-09-08 22:36 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-09-08 22:36 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-09-08 22:36 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-09-08 22:36 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2013-09-08 22:36 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2013-09-08 22:36 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2013-09-08 22:36 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2013-09-08 22:36 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2013-09-08 22:36 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2013-09-08 22:36 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2013-09-08 22:36 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2013-09-08 22:36 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2013-09-08 22:35 - 2013-04-12 16:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-09-08 22:35 - 2012-11-01 07:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-09-08 22:35 - 2012-11-01 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-09-08 22:35 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-09-08 22:35 - 2012-11-01 06:47 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-09-08 22:35 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2013-09-08 22:35 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2013-09-08 22:35 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2013-09-08 22:35 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2013-09-08 22:35 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2013-09-08 22:35 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2013-09-08 22:35 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-09-08 22:35 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2013-09-08 22:35 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2013-09-08 22:35 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2013-09-08 22:35 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2013-09-08 22:35 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2013-09-08 22:35 - 2010-12-23 12:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2013-09-08 22:35 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2013-09-08 22:35 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2013-09-08 22:35 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2013-09-08 22:35 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2013-09-08 22:35 - 2010-06-26 05:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2013-09-08 22:35 - 2010-06-26 05:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-09-08 22:34 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-09-08 22:34 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-09-08 22:34 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-09-08 22:34 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-09-08 22:34 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-09-08 22:34 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-09-08 22:34 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-09-08 22:34 - 2012-11-20 07:48 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-09-08 22:34 - 2012-11-20 06:51 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-09-08 22:34 - 2012-06-02 07:48 - 00095600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-09-08 22:34 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2013-09-08 22:34 - 2011-11-17 08:35 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-09-08 22:34 - 2011-11-17 08:35 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-09-08 22:34 - 2011-11-17 08:35 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-09-08 22:34 - 2011-11-17 08:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-09-08 22:34 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2013-09-08 22:34 - 2011-10-26 07:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2013-09-08 22:34 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2013-09-08 22:34 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2013-09-08 22:34 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2013-09-08 22:34 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2013-09-08 22:34 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2013-09-08 22:34 - 2011-07-09 04:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2013-09-08 22:34 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2013-09-08 22:34 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2013-09-08 22:34 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2013-09-08 22:34 - 2011-04-27 04:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2013-09-08 22:34 - 2011-04-27 04:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2013-09-08 22:34 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2013-09-08 22:34 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2013-09-08 22:34 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2013-09-08 22:34 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-09-08 22:34 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2013-09-08 22:33 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-09-08 22:33 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-09-08 22:33 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-09-08 22:33 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-09-08 22:33 - 2012-08-11 02:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-09-08 22:33 - 2012-08-11 01:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-09-08 22:33 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2013-09-08 22:33 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2013-09-08 22:33 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2013-09-08 22:33 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2013-09-08 22:33 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2013-09-08 22:33 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2013-09-08 22:33 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2013-09-08 22:33 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2013-09-08 22:33 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2013-09-08 22:33 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2013-09-08 22:33 - 2011-02-05 19:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-09-08 22:33 - 2011-02-05 19:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2013-09-08 22:33 - 2011-02-05 19:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2013-09-08 22:33 - 2011-02-05 19:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2013-09-08 22:33 - 2011-02-05 19:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-09-08 22:33 - 2011-02-05 19:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-09-08 22:33 - 2011-02-05 19:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-09-08 22:32 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-09-08 22:32 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-09-08 22:32 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-09-08 22:32 - 2013-01-03 08:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-09-08 22:32 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-09-08 22:32 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-09-08 22:32 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-09-08 22:32 - 2012-08-22 20:12 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-09-08 22:32 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-08 22:32 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-09-08 22:32 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-09-08 22:32 - 2011-12-28 05:59 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-09-08 22:32 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2013-09-08 22:32 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2013-09-08 22:32 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2013-09-08 22:32 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2013-09-08 22:26 - 2011-08-27 07:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-08 22:26 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2013-09-08 22:26 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-08 22:26 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2013-09-08 22:23 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2013-09-08 22:23 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2013-09-08 22:21 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2013-09-08 22:21 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2013-09-08 22:20 - 2011-11-19 16:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2013-09-08 22:20 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2013-09-08 22:18 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2013-09-08 22:18 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-09-08 22:18 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2013-09-08 22:09 - 2013-09-08 22:09 - 00000000 ____D C:\Users\bash\AppData\Local\Mozilla
2013-09-08 22:09 - 2013-09-08 22:09 - 00000000 ____D C:\ProgramData\Mozilla
2013-09-08 22:05 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-08 22:05 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-08 22:05 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-08 22:05 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-08 22:04 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-08 22:04 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-08 22:04 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-08 22:04 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-08 22:04 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-08 22:01 - 2013-09-14 15:36 - 00000000 ____D C:\Program Files (x86)\Mobile Partner
2013-09-08 22:01 - 2013-09-08 22:01 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-09-08 21:56 - 2013-09-12 14:01 - 00000000 ___RD C:\Users\bash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-08 21:56 - 2013-09-12 14:01 - 00000000 ___RD C:\Users\bash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-08 21:56 - 2013-09-08 21:56 - 00000000 ____D C:\Users\bash\AppData\Local\VirtualStore
2013-09-08 21:55 - 2013-09-21 11:48 - 00000000 ____D C:\Users\bash
2013-09-08 21:55 - 2013-09-08 21:55 - 00000020 ___SH C:\Users\bash\ntuser.ini
2013-09-08 21:55 - 2013-09-08 21:55 - 00000000 ____D C:\Recovery
2013-09-08 21:55 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\bash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-09-08 21:55 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\bash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-08 21:47 - 2013-09-21 12:14 - 01170121 _____ C:\Windows\WindowsUpdate.log
2013-08-23 03:32 - 2013-08-23 03:32 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-08-23 03:32 - 2013-08-23 03:32 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_43.dll
2013-08-23 03:32 - 2013-08-23 03:32 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-08-23 03:32 - 2013-08-23 03:32 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_43.dll
==================== One Month Modified Files and Folders =======
2013-09-21 12:14 - 2013-09-08 21:47 - 01170121 _____ C:\Windows\WindowsUpdate.log
2013-09-21 12:13 - 2013-09-21 12:13 - 01039554 _____ C:\Users\bash\Desktop\AdwCleaner.exe
2013-09-21 12:13 - 2013-09-21 12:12 - 01950622 _____ (Farbar) C:\Users\bash\Desktop\FRST64.exe
2013-09-21 12:10 - 2013-09-21 12:10 - 00018189 _____ C:\Users\bash\Desktop\combofix.txt
2013-09-21 12:10 - 2013-09-21 12:10 - 00018189 _____ C:\ComboFix.txt
2013-09-21 12:10 - 2013-09-21 11:49 - 00000000 ____D C:\Qoobox
2013-09-21 12:10 - 2013-09-12 00:19 - 00018400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-21 12:10 - 2013-09-12 00:19 - 00018400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-21 12:06 - 2013-09-10 18:07 - 00000000 ____D C:\Windows\erdnt
2013-09-21 12:06 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-09-21 12:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-21 12:04 - 2013-09-18 15:33 - 00001727 _____ C:\Windows\setupact.log
2013-09-21 11:59 - 2013-09-19 03:31 - 00006996 _____ C:\Windows\PFRO.log
2013-09-21 11:48 - 2013-09-08 21:55 - 00000000 ____D C:\Users\bash
2013-09-21 11:42 - 2013-09-21 11:42 - 00058016 _____ C:\Users\1887\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-20 18:59 - 2013-09-09 02:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-20 14:30 - 2013-09-09 03:30 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-09-20 14:30 - 2013-09-09 03:30 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-09-20 14:30 - 2009-07-14 07:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-20 12:45 - 2013-09-20 12:45 - 00000000 ____D C:\Users\1887\AppData\Roaming\SoundSpectrum
2013-09-20 12:45 - 2013-09-20 12:45 - 00000000 ____D C:\Users\1887\AppData\Local\SoundSpectrum
2013-09-19 03:31 - 2013-09-14 15:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-18 17:55 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-09-18 17:52 - 2013-09-18 17:52 - 00000000 ____D C:\Users\1887\AppData\Roaming\NVIDIA
2013-09-18 17:52 - 2013-09-18 15:33 - 00000000 ____D C:\Users\1887
2013-09-18 17:49 - 2013-09-17 16:05 - 00000000 ____D C:\Program Files (x86)\GIMP 2
2013-09-18 17:36 - 2013-09-18 17:36 - 00000000 ____D C:\Users\1887\AppData\Roaming\Malwarebytes
2013-09-18 17:33 - 2013-09-18 17:33 - 00000000 ____D C:\Users\1887\dwhelper
2013-09-18 17:20 - 2013-09-18 17:20 - 00659138 _____ C:\Users\bash\Downloads\DelFix-10.0.exe.part
2013-09-18 17:20 - 2013-09-18 17:20 - 00000000 _____ C:\Users\bash\Downloads\DelFix-10.0.exe
2013-09-18 17:17 - 2013-09-18 17:17 - 00058016 _____ C:\Users\bash\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-18 17:01 - 2013-09-18 17:01 - 00000000 ____D C:\FRST
2013-09-18 16:47 - 2013-09-18 16:29 - 00000000 ____D C:\Users\1887\AppData\Roaming\Skype
2013-09-18 16:31 - 2013-09-14 12:09 - 00002182 _____ C:\Windows\Sandboxie.ini
2013-09-18 16:05 - 2013-09-18 15:41 - 00000000 ____D C:\Users\1887\AppData\Local\Mozilla
2013-09-18 15:50 - 2013-09-18 15:50 - 00281896 _____ (Mozilla) C:\Users\bash\Downloads\Firefox Setup Stub 24.0.exe
2013-09-18 15:45 - 2013-09-18 15:45 - 00000000 ____D C:\Users\1887\AppData\Roaming\Macromedia
2013-09-18 15:45 - 2013-09-18 15:45 - 00000000 ____D C:\Users\1887\AppData\Local\Macromedia
2013-09-18 15:41 - 2013-09-18 15:41 - 00000000 ____D C:\Users\1887\AppData\Roaming\Mozilla
2013-09-18 15:37 - 2013-09-18 15:37 - 00001421 _____ C:\Users\1887\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-18 15:37 - 2013-09-18 15:37 - 00000000 ____D C:\Users\1887\AppData\Roaming\Adobe
2013-09-18 15:37 - 2013-09-18 15:35 - 00000000 ___RD C:\Users\1887\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-18 15:37 - 2013-09-18 15:35 - 00000000 ___RD C:\Users\1887\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-18 15:34 - 2013-09-18 15:34 - 00000680 __RSH C:\Users\1887\ntuser.pol
2013-09-18 15:34 - 2013-09-18 15:34 - 00000020 ___SH C:\Users\1887\ntuser.ini
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Vorlagen
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Startmenü
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Netzwerkumgebung
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Lokale Einstellungen
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Eigene Dateien
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Druckumgebung
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Documents\Eigene Musik
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Documents\Eigene Bilder
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\AppData\Local\Verlauf
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\AppData\Local\Anwendungsdaten
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 _SHDL C:\Users\1887\Anwendungsdaten
2013-09-18 15:34 - 2013-09-18 15:34 - 00000000 ____D C:\Users\1887\AppData\Local\VirtualStore
2013-09-18 15:33 - 2013-09-18 15:33 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-18 15:33 - 2013-09-18 15:33 - 00000000 _____ C:\Windows\setuperr.log
2013-09-18 15:21 - 2013-09-17 18:12 - 00001744 _____ C:\DelFix.txt
2013-09-18 14:24 - 2013-09-18 14:24 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-18 13:34 - 2013-09-17 16:35 - 00000000 ____D C:\AdwCleaner
2013-09-17 18:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-09-17 16:13 - 2013-09-17 16:12 - 05128653 ____R (Swearware) C:\Users\1887\Desktop\ComboFix.exe
2013-09-17 10:48 - 2013-09-11 16:49 - 00007633 _____ C:\Users\bash\AppData\Local\Resmon.ResmonCfg
2013-09-16 10:35 - 2013-09-08 22:57 - 00000000 ____D C:\Users\bash\AppData\Local\Google
2013-09-16 10:35 - 2013-09-08 22:57 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-16 10:29 - 2013-09-11 18:03 - 00000000 ____D C:\Program Files\CCleaner
2013-09-16 09:57 - 2013-09-16 09:55 - 00000000 ____D C:\Program Files (x86)\AbiWord
2013-09-15 20:40 - 2013-09-14 16:02 - 00000000 ____D C:\Program Files\Calibre2
2013-09-15 19:04 - 2013-09-15 19:04 - 00000000 ____D C:\Program Files (x86)\Julien MANICI
2013-09-15 19:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2013-09-15 12:02 - 2013-09-15 12:02 - 00000000 ____D C:\Users\bash\AppData\Local\Secunia PSI
2013-09-15 12:02 - 2013-09-15 12:02 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-09-15 11:40 - 2013-09-12 16:35 - 00000000 ____D C:\Windows\ERUNT
2013-09-15 03:22 - 2013-09-14 12:14 - 00000000 ___RD C:\Sandbox
2013-09-14 21:40 - 2013-09-09 02:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-14 18:33 - 2013-09-10 14:23 - 00000000 ____D C:\Windows\system32\MRT
2013-09-14 16:49 - 2013-09-14 16:49 - 00000000 ____D C:\Users\bash\AppData\Roaming\Mozilla
2013-09-14 16:35 - 2013-09-14 16:03 - 00000000 ____D C:\Users\bash\Documents\Calibre-Bibliothek
2013-09-14 16:04 - 2013-09-14 16:04 - 00000000 ____D C:\Users\bash\AppData\Local\calibre-cache
2013-09-14 16:04 - 2013-09-14 16:03 - 00000000 ____D C:\Users\bash\AppData\Roaming\calibre
2013-09-14 15:36 - 2013-09-08 22:01 - 00000000 ____D C:\Program Files (x86)\Mobile Partner
2013-09-14 14:15 - 2013-09-14 14:14 - 00000000 ____D C:\ProgramData\Skype
2013-09-14 14:14 - 2013-09-14 14:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-14 12:08 - 2013-09-14 12:08 - 00000000 ____D C:\Program Files\Sandboxie
2013-09-14 10:53 - 2013-09-09 04:10 - 00000000 ____D C:\Users\bash\AppData\Local\Mixxx
2013-09-12 14:45 - 2013-09-09 07:41 - 00000000 ____D C:\Windows\Panther
2013-09-12 14:01 - 2013-09-08 21:56 - 00000000 ___RD C:\Users\bash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-12 14:01 - 2013-09-08 21:56 - 00000000 ___RD C:\Users\bash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 13:24 - 2013-09-12 13:24 - 00000000 ____D C:\ProgramData\Sun
2013-09-12 13:24 - 2013-09-12 13:24 - 00000000 ____D C:\ProgramData\Oracle
2013-09-12 13:23 - 2013-09-12 13:23 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-09-12 13:23 - 2013-09-12 13:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-09-12 13:23 - 2013-09-12 13:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-09-12 13:23 - 2013-09-12 13:23 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-09-12 13:23 - 2013-09-12 13:23 - 00000000 ____D C:\Program Files (x86)\Java
2013-09-12 13:23 - 2013-09-09 03:11 - 00868264 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-09-12 13:23 - 2013-09-09 03:11 - 00790440 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-09-12 13:18 - 2013-09-12 13:18 - 00000000 ____D C:\Windows\Sun
2013-09-12 02:41 - 2010-11-21 09:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-09-12 01:53 - 2013-09-12 01:53 - 00001896 _____ C:\Users\bash\Documents\457.txt
2013-09-12 00:53 - 2013-09-12 00:04 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-09-12 00:42 - 2009-07-14 04:34 - 00000855 _____ C:\Windows\system32\Drivers\etc\HOSTS.MVP
2013-09-12 00:41 - 2009-07-14 04:34 - 00000439 _____ C:\Windows\win.ini
2013-09-12 00:19 - 2013-09-12 00:19 - 00000552 _____ C:\Windows\system32\spsys.log
2013-09-11 21:05 - 2013-09-11 21:05 - 00000680 __RSH C:\Users\bash\ntuser.pol
2013-09-11 21:05 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-09-11 18:50 - 2013-09-11 18:50 - 00001356 _____ C:\Users\bash\Desktop\CCleaner - Verknüpfung.lnk
2013-09-11 18:09 - 2013-09-11 18:09 - 00000000 ____D C:\Users\bash\AppData\Roaming\Ashampoo
2013-09-11 18:08 - 2013-09-11 18:08 - 00000000 ____D C:\Users\bash\AppData\Local\ashampoo
2013-09-11 18:08 - 2013-09-11 18:07 - 00000000 ____D C:\ProgramData\Ashampoo
2013-09-11 18:07 - 2013-09-11 18:07 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2013-09-11 18:03 - 2013-09-11 18:03 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-11 17:34 - 2013-09-11 17:34 - 00000000 ____D C:\Users\bash\AppData\Roaming\SoundSpectrum
2013-09-11 17:34 - 2013-09-11 17:34 - 00000000 ____D C:\Users\bash\AppData\Local\SoundSpectrum
2013-09-11 17:33 - 2013-09-11 17:33 - 00000000 ____D C:\Program Files (x86)\SoundSpectrum
2013-09-11 16:58 - 2013-09-09 02:39 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-11 16:58 - 2013-09-09 02:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-09 13:51 - 2013-09-08 23:18 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-09 12:56 - 2013-09-09 12:56 - 00000000 ____D C:\Users\bash\AppData\Roaming\NVIDIA
2013-09-09 11:52 - 2013-09-09 11:52 - 00001413 _____ C:\Users\bash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-09 11:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-09 07:41 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2013-09-09 07:41 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2013-09-09 04:31 - 2013-09-09 04:31 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-09 04:31 - 2013-09-09 04:31 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-09 04:31 - 2013-09-09 04:31 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-09-09 04:31 - 2013-09-09 04:31 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-09-09 04:31 - 2013-09-09 04:31 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-09-09 04:31 - 2013-09-09 04:31 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-09-09 04:31 - 2013-09-09 04:31 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-09-09 04:31 - 2013-09-09 04:31 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-09-09 04:31 - 2013-09-09 04:31 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-09-09 04:31 - 2013-09-09 04:31 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-09-09 04:31 - 2013-09-09 04:31 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-09-09 04:22 - 2013-09-09 04:22 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-09 04:22 - 2013-09-09 04:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-09 04:22 - 2013-09-09 01:44 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-09 04:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-09-09 04:18 - 2013-09-09 04:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-09 04:07 - 2013-09-09 04:06 - 00000000 ____D C:\Program Files\Mixxx
2013-09-09 04:06 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-09-09 03:45 - 2013-09-09 03:45 - 00000000 ____D C:\Users\bash\AppData\Roaming\Malwarebytes
2013-09-09 03:45 - 2013-09-09 03:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-09 03:45 - 2013-09-09 03:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-09 03:28 - 2013-09-09 03:28 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2013-09-09 03:28 - 2013-09-09 03:28 - 00000000 ____D C:\Windows\SysWOW64\de
2013-09-09 03:28 - 2013-09-09 03:28 - 00000000 ____D C:\Windows\SysWOW64\0407
2013-09-09 03:28 - 2013-09-09 03:28 - 00000000 ____D C:\Windows\system32\0407
2013-09-09 03:28 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-09-09 03:28 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-09-09 03:28 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-09-09 03:28 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-09-09 03:28 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-09-09 03:28 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-09-09 03:28 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\system32\winrm
2013-09-09 03:28 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\system32\WCN
2013-09-09 03:28 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\system32\slmgr
2013-09-09 03:28 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2013-09-09 03:28 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2013-09-09 03:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-09-09 03:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-09-09 03:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-09-09 03:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2013-09-09 03:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2013-09-09 03:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-09-09 03:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-09-09 03:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2013-09-09 03:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-09-09 03:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-09-09 03:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-09-09 03:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-09-09 03:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2013-09-09 03:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-09-09 03:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Setup
2013-09-09 03:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\MUI
2013-09-09 03:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2013-09-09 03:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2013-09-09 03:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2013-09-09 03:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2013-09-09 03:28 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-09-09 03:27 - 2013-09-09 03:30 - 00295922 _____ C:\Windows\system32\perfi007.dat
2013-09-09 03:27 - 2013-09-09 03:30 - 00038104 _____ C:\Windows\system32\perfd007.dat
2013-09-09 03:27 - 2013-09-09 03:27 - 00000000 ____D C:\Windows\system32\de
2013-09-09 03:27 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-09-09 03:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2013-09-09 02:47 - 2013-09-09 02:46 - 00000000 ____D C:\Program Files\Tracker Software
2013-09-09 02:40 - 2013-09-09 02:40 - 00000000 ____D C:\Users\bash\AppData\Roaming\Macromedia
2013-09-09 02:40 - 2013-09-09 02:40 - 00000000 ____D C:\Users\bash\AppData\Roaming\Adobe
2013-09-09 02:40 - 2013-09-09 02:40 - 00000000 ____D C:\Users\bash\AppData\Local\Macromedia
2013-09-09 02:38 - 2013-09-09 02:38 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-09-09 02:38 - 2013-09-09 02:38 - 00000000 ____D C:\Windows\system32\Macromed
2013-09-09 01:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-09-09 01:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-09-09 01:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-09-09 01:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-09-08 23:55 - 2013-09-08 23:55 - 00000000 ____D C:\Program Files\7-Zip
2013-09-08 23:18 - 2013-09-08 22:57 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-08 23:16 - 2013-09-08 22:54 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-08 23:16 - 2013-09-08 22:53 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-08 22:09 - 2013-09-08 22:09 - 00000000 ____D C:\Users\bash\AppData\Local\Mozilla
2013-09-08 22:09 - 2013-09-08 22:09 - 00000000 ____D C:\ProgramData\Mozilla
2013-09-08 22:04 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2013-09-08 22:01 - 2013-09-08 22:01 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-09-08 21:56 - 2013-09-08 21:56 - 00000000 ____D C:\Users\bash\AppData\Local\VirtualStore
2013-09-08 21:55 - 2013-09-08 21:55 - 00000020 ___SH C:\Users\bash\ntuser.ini
2013-09-08 21:55 - 2013-09-08 21:55 - 00000000 ____D C:\Recovery
2013-09-08 21:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-01 17:08 - 2013-09-14 18:31 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-30 09:48 - 2013-09-08 23:18 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-09-08 23:18 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-09-08 23:18 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-09-08 23:18 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2013-09-08 23:18 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-09-08 23:18 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-09-08 23:18 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-09-08 23:18 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-30 09:47 - 2013-09-08 23:16 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-30 09:47 - 2013-09-08 22:57 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-23 03:32 - 2013-08-23 03:32 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2013-08-23 03:32 - 2013-08-23 03:32 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_43.dll
2013-08-23 03:32 - 2013-08-23 03:32 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-08-23 03:32 - 2013-08-23 03:32 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_43.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-12 18:06
==================== End Of Log ============================
|
|
21.09.2013, 11:51
| #3 |
| | Infizierte Kopie von c:\windows\SysWow64\wshtcpip.dll wurde gefunden und desinfiziertCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-09-2013 01 Ran by bash at 2013-09-21 12:15:52 Running from C:\Users\bash\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= 7-Zip 9.20 (x64 edition) (Version: 9.20.00.0) AbiWord 2.8.6 (x32 Version: 2.8.6) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168) Ashampoo Burning Studio 2013 v.11.0.6 (x32 Version: 11.0.6) avast! Free Antivirus (x32 Version: 8.0.1497.0) calibre 64bit (Version: 1.3.0) CCleaner (Version: 4.05) ESET Online Scanner v3 (x32) G-Force (x32 Version: 5.1.1) Java 7 Update 40 (x32 Version: 7.0.400) Java Auto Updater (x32 Version: 2.1.9.8) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Mixxx 1.11.0 (64-bit) (x32 Version: 1.11.0) Mobile Partner (x32 Version: 11.302.06.07.40) Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0) Next Generation Visualisations (x32 Version: 1.0.0) NVIDIA Drivers (Version: 1.10.62.40) NVIDIA Grafiktreiber 307.83 (Version: 307.83) NVIDIA Install Application (Version: 2.1002.109.706) NVIDIA Systemsteuerung 307.83 (Version: 307.83) NVIDIA Update 1.10.8 (Version: 1.10.8) NVIDIA Update Components (Version: 1.10.8) PDF-Viewer (Version: 2.5.212.0) Sandboxie 4.04 (64-bit) (Version: 4.04) Secunia PSI (3.0.0.7011) (x32 Version: 3.0.0.7011) Skype™ 6.7 (x32 Version: 6.7.102) Windows 7 Logon Background Changer (x32 Version: 1.5.2) ==================== Restore Points ========================= 20-09-2013 16:03:22 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2009-07-14 04:34 - 2013-09-21 12:06 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {208E61E0-DF7B-43AA-AD5B-4ED7939186F8} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {75E9719C-3AC7-4012-98E8-E8FF47C62E6B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd) Task: {7D484718-B25C-4AB4-BE10-185739BB73C4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software) Task: {96E5FDCE-907D-4D84-82DD-C24ADA1010DD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-21] (Microsoft Corporation) Task: {C820DAA5-D1A8-4C2A-9BCB-AC4D72A40258} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11] (Adobe Systems Incorporated) Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File Task: {F7A3A843-0D5A-48C2-879C-6A27957D74DD} - \{ACA5F95D-D8B2-4D38-973F-4802DDBD0695} No Task File Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2009-07-14 02:22 - 2009-07-14 03:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm 2013-09-18 15:54 - 2013-09-11 04:26 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-09-11 16:58 - 2013-09-11 16:58 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= Name: Standardtastatur (PS/2) Description: Standardtastatur (PS/2) Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardtastaturen) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (09/20/2013 06:03:23 PM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-3216138899-974872428-841672105-1012.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig. . Vorgang: OnIdentify-Ereignis Generatordaten werden gesammelt Kontext: Ausführungskontext: Shadow Copy Optimization Writer Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {ee24bcb1-4864-4352-b976-2494c7a886f3} Error: (09/20/2013 02:15:51 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/18/2013 05:24:00 PM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-3216138899-974872428-841672105-1012.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig. . Vorgang: OnIdentify-Ereignis Generatordaten werden gesammelt Kontext: Ausführungskontext: Shadow Copy Optimization Writer Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {9ed7d2f0-607d-4ab3-89ba-318e92a692b2} Error: (09/18/2013 03:34:27 PM) (Source: Windows Search Service) (User: ) Description: Der Index kann nicht initialisiert werden. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/18/2013 03:34:27 PM) (Source: Windows Search Service) (User: ) Description: Die Anwendung kann nicht initialisiert werden. Kontext: Windows Anwendung Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/18/2013 03:34:27 PM) (Source: Windows Search Service) (User: ) Description: Das Gatherer-Objekt kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/18/2013 03:34:27 PM) (Source: Windows Search Service) (User: ) Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490) Error: (09/18/2013 03:34:26 PM) (Source: Windows Search Service) (User: ) Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/18/2013 03:34:26 PM) (Source: Windows Search Service) (User: ) Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800) Error: (09/18/2013 03:34:26 PM) (Source: Windows Search Service) (User: ) Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) System errors: ============= Error: (09/21/2013 00:05:56 PM) (Source: WMPNetworkSvc) (User: ) Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da ein Fehler "0x80004005" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist. Error: (09/21/2013 00:04:30 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT) Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten. Error: (09/21/2013 11:59:11 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT) Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten. Error: (09/21/2013 11:58:25 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (09/21/2013 11:55:12 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (09/21/2013 11:41:10 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/21/2013 11:41:10 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht. Error: (09/21/2013 11:39:58 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT) Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten. Error: (09/20/2013 11:24:16 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT) Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten. Error: (09/20/2013 07:46:32 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Microsoft Office Sessions: ========================= Error: (09/20/2013 06:03:23 PM) (Source: VSS)(User: ) Description: ConvertStringSidToSid(S-1-5-21-3216138899-974872428-841672105-1012.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig. Vorgang: OnIdentify-Ereignis Generatordaten werden gesammelt Kontext: Ausführungskontext: Shadow Copy Optimization Writer Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {ee24bcb1-4864-4352-b976-2494c7a886f3} Error: (09/20/2013 02:15:51 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (09/18/2013 05:24:00 PM) (Source: VSS)(User: ) Description: ConvertStringSidToSid(S-1-5-21-3216138899-974872428-841672105-1012.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig. Vorgang: OnIdentify-Ereignis Generatordaten werden gesammelt Kontext: Ausführungskontext: Shadow Copy Optimization Writer Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {9ed7d2f0-607d-4ab3-89ba-318e92a692b2} Error: (09/18/2013 03:34:27 PM) (Source: Windows Search Service)(User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/18/2013 03:34:27 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/18/2013 03:34:27 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/18/2013 03:34:27 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490) Search.TripoliIndexer Error: (09/18/2013 03:34:26 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Search.JetPropStore Error: (09/18/2013 03:34:26 PM) (Source: Windows Search Service)(User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800) Error: (09/18/2013 03:34:26 PM) (Source: Windows Search Service)(User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) The catalog is corrupt CodeIntegrity Errors: =================================== Date: 2013-09-17 16:22:52.659 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-09-17 16:22:52.596 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 31% Total physical RAM: 4991.3 MB Available physical RAM: 3410.64 MB Total Pagefile: 9980.79 MB Available Pagefile: 8298.99 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:37.17 GB) (Free:9.8 GB) NTFS Drive e: (Mobile Partner) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS Drive h: (DATENSAU) (Removable) (Total:14.9 GB) (Free:11.78 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 37 GB) (Disk ID: 00008FF5) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=37 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 15 GB) (Disk ID: 0001B96A) Partition 1: (Not Active) - (Size=15 GB) - (Type=0C) ==================== End Of Log ============================ Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.21.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16686 bash :: BASH-PC [Administrator] 21.09.2013 12:25:20 mbam-log-2013-09-21 (12-25-20).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 240915 Laufzeit: 7 Minute(n), 46 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter # AdwCleaner v3.004 - Bericht erstellt am 17/09/2013 um 16:36:27
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : bash - BASH-PC
# Gestartet von : C:\Users\1887\Desktop\AdwCleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16686
-\\ Mozilla Firefox v23.0.1 (de)
[ Datei : C:\Users\bash\AppData\Roaming\Mozilla\Firefox\Profiles\7moju7vn.default\prefs.js ]
[ Datei : C:\Users\1887\AppData\Roaming\Mozilla\Firefox\Profiles\f512v6ji.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [892 octets] - [17/09/2013 16:35:36]
AdwCleaner[S0].txt - [816 octets] - [17/09/2013 16:36:27]
########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [875 octets] ##########
AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.004 - Bericht erstellt am 18/09/2013 um 13:34:24
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : bash - BASH-PC
# Gestartet von : C:\Users\bash\Desktop\AdwCleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16686
-\\ Mozilla Firefox v23.0.1 (de)
[ Datei : C:\Users\bash\AppData\Roaming\Mozilla\Firefox\Profiles\7moju7vn.default\prefs.js ]
[ Datei : C:\Users\1887\AppData\Roaming\Mozilla\Firefox\Profiles\f512v6ji.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1847 octets] - [17/09/2013 16:35:36]
AdwCleaner[S0].txt - [1769 octets] - [17/09/2013 16:36:27]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1829 octets] ##########
AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.004 - Bericht erstellt am 21/09/2013 um 12:19:09
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : bash - BASH-PC
# Gestartet von : C:\Users\bash\Desktop\AdwCleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16686
-\\ Mozilla Firefox v24.0 (de)
[ Datei : C:\Users\bash\AppData\Roaming\Mozilla\Firefox\Profiles\7moju7vn.default\prefs.js ]
[ Datei : C:\Users\1887\AppData\Roaming\Mozilla\Firefox\Profiles\g3q61txk.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [2801 octets] - [17/09/2013 16:35:36]
AdwCleaner[S0].txt - [2724 octets] - [17/09/2013 16:36:27]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2784 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 7 Home Premium x64
Ran by bash on 21.09.2013 at 12:33:39,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.09.2013 at 12:41:47,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
| Themen zu Infizierte Kopie von c:\windows\SysWow64\wshtcpip.dll wurde gefunden und desinfiziert |
| adobe, adobe flash player, agent, antivirus, avast, combofix, dateien, defender, desktop, explorer, firefox, flash player, generic, home, infizierte, mozilla, neu, nvidia, prozesse, setup, system, system32, tracker, updates, windows, wshtcpip.dll |
Linear-Darstellung
