Log analysis and evaluation: Win Media Player won't start! Infected?

09.12.2013, 16:14   #16
schrauber
/// the machine
/// TB trainer

Do you have a Win 7 DVD at hand?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

09.12.2013, 19:52   #17
tomfroland

No,
I bought the laptop with pre-installed software.
Only a recovery system restore is possible. It is probably on C:
I did carry that out about 2 weeks ago.
With the result that the media player did not start.
Doesn't look good?
Regards
Tomfroland

Hi,
I have just brought up the running processes on screen with "svchost process analyser", and it doesn't look good.
Svchost.exe ID 1216. Group: Not a Microsoft file. Access is denied

In addition, 4 active services where access is likewise denied, and the system cannot find the specified file.
All of them have something to do with the network.
Does the computer still belong to me???
Too bad that I can't post the picture
Regards
Tomfroland

I'm reporting in once more, because I am taking the trouble and want to list all unusual processes.
Besides the process already described earlier, there are 5 more services active in one svchost.exe.
Display name ................................ Service name .......... File not found / access denied
1. Network Store Interface Service .......... nsi ................... ditto
2. NLA (Network Location Awareness) ......... NlaSvc ................ ditto
3. TCP/IP NetBIOS Helper .................... lmhosts ............... ditto

4. WinHTTP Web Proxy Auto-Discovery Service . WinHttpAutoProxySvc ... File: winhttp.dll
The system cannot find this file either, but here the status is: disabled

I don't know whether this helps or was unnecessary; in any case I made an effort...

I have also noticed that now everywhere in "Properties/Security" this ominous
CREATOR OWNER shows up, with "special permissions".
Is this now the actual master of my computer?
That would be bad, and with that, enough for today.
Best regards, tomfroland

10.12.2013, 10:40   #18
schrauber
/// the machine
/// TB trainer

You only just did a complete recovery to factory settings? Something there is totally bent out of shape.

10.12.2013, 13:08   #19
tomfroland

Yes, on 27.11. I reset the computer to its delivery state via the Samsung recovery and then did all the Windows updates etc.; everything worked except the media player.
That's why I turned to you for help.
You can perhaps still read that in my 1st thread (overlooked?)
Best regards
tomfroland

Do I now have a pest on it, is there any indication?
I now only start in safe mode, because in a normal start the screen goes black after some time, or sometimes right after a few minutes.
In safe mode this has never happened.
According to the Control Panel, however, the graphics card is OK; it says there "everything is working properly"
This as an addendum to the status quo
Regards, tomfroland

10.12.2013, 14:18   #20
schrauber
/// the machine
/// TB trainer

Have you updated the graphics card driver? That would explain why you have no problems in Safe Mode. There is no malware there.

I would do a recovery. Don't install any programs or data, then first test all drivers and all functions, including Media Player.

10.12.2013, 14:46   #21
tomfroland

Another recovery... then the system is 4 years old.
There are of course already certain programs on it.
How can I test everything if I have no files?
Besides, the antivirus software can no longer be updated because there is no update for it any more,
so I at least have to put on a new AV before I go online.
And then there are several hundred Windows updates.
What is the best way to proceed... formatting is presumably not possible because of the recovery.
What do I do first after the recovery is done?
I have avast on a USB stick; I could swap that in for the "AVG or whatever" without internet.
The recovery can't be infected?

PS: the graphics driver is up to date.
I've figured out that the screen always goes black when I move the laptop - so it is probably a contact fault between the screen and the case -

If there is no malware on it, why should I go through the whole recovery effort?
Just because of the Adobe Reader update that isn't possible?
That could also be replaced by another reader.
Otherwise the computer runs perfectly - I just want to be sure that there is no pest in it.
What is your opinion on that?

Best regards, tomfroland

Edited by tomfroland (10.12.2013 at 15:32). Reason: PS

11.12.2013, 08:11   #22
tomfroland

Hello schrauber,
I did an OTL scan according to the instructions and see some "ERROR" entries at the end of the log file.
I will post it.
If that was unnecessary, please excuse me.
Code:
OTL logfile created on: 12/11/2013 7:28:44 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\tom\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2.99 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 64.46% Memory free
5.98 Gb Paging File | 4.64 Gb Available in Paging File | 77.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 180.26 Gb Total Space | 102.42 Gb Free Space | 56.82% Space Free | Partition Type: NTFS
Drive D: | 270.40 Gb Total Space | 208.61 Gb Free Space | 77.15% Space Free | Partition Type: NTFS
 
Computer Name: TOM-PC | User Name: tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\tom\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe ()
PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\libglesv2.dll ()
MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\libegl.dll ()
MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe ()
MOD - C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll ()
MOD - C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (Rezip) -- C:\windows\SYSTEM32\Rezip.exe File not found
SRV - (Partner Service) -- C:\ProgramData\Partner\Partner.exe File not found
SRV - (IEEtwCollectorService) -- C:\windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (OberonGameConsoleService) -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe ()
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (catchme) -- C:\Users\tom\AppData\Local\Temp\catchme.sys File not found
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswNdis2) -- C:\windows\System32\drivers\aswNdis2.sys (AVAST Software)
DRV - (aswNdis) -- C:\Windows\System32\drivers\aswNdis.sys (ALWIL Software)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\windows\System32\drivers\aswVmm.sys ()
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRvrt) -- C:\windows\System32\drivers\aswRvrt.sys ()
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (rtport) -- C:\Windows\System32\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (Impcd) -- C:\Windows\System32\drivers\Impcd.sys (Intel Corporation)
DRV - (TurboB) -- C:\Windows\System32\drivers\TurboB.sys ()
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2339853823-2107313754-116825072-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-21-2339853823-2107313754-116825072-1001\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-2339853823-2107313754-116825072-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-2339853823-2107313754-116825072-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_dePH564
IE - HKU\S-1-5-21-2339853823-2107313754-116825072-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2339853823-2107313754-116825072-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Google Docs = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Google Mail = C:\Users\tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKU\S-1-5-21-2339853823-2107313754-116825072-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2339853823-2107313754-116825072-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2339853823-2107313754-116825072-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D0C6259-5E61-4865-9431-317DC1CB92E1}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/12/11 07:18:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\tom\Desktop\OTL.exe
[2013/12/10 10:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2013/12/09 17:40:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2013/12/09 17:40:24 | 000,000,000 | ---D | C] -- C:\Program Files\Security Task Manager
[2013/12/09 10:30:37 | 000,247,192 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswNdis2.sys
[2013/12/09 10:30:37 | 000,054,832 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys
[2013/12/09 10:30:22 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\windows\System32\drivers\aswNdis.sys
[2013/12/09 10:03:24 | 000,000,000 | ---D | C] -- C:\Users\tom\CCleaner_Sicherungen
[2013/12/09 09:38:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/12/09 09:38:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/12/08 01:33:51 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Local\Facebook
[2013/12/06 23:54:02 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/12/06 21:16:01 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013/12/06 20:07:12 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\dvdcss
[2013/12/06 00:49:35 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\vlc
[2013/12/06 00:42:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/12/06 00:42:34 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013/12/05 23:29:00 | 000,000,000 | ---D | C] -- C:\windows\temp
[2013/12/05 23:28:24 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/12/05 23:21:21 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013/12/05 23:21:21 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013/12/05 23:21:21 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013/12/05 22:46:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/12/05 22:45:44 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/12/04 22:13:30 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2013/12/04 02:23:26 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\windows\System32\nvhdagenco32.dll
[2013/12/04 02:23:26 | 000,161,056 | ---- | C] (NVIDIA Corporation) -- C:\windows\System32\drivers\nvhda32v.sys
[2013/12/04 02:23:26 | 000,028,448 | ---- | C] (NVIDIA Corporation) -- C:\windows\System32\nvhdap32.dll
[2013/12/03 23:51:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/12/03 23:51:37 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/12/03 05:18:29 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Local\ElevatedDiagnostics
[2013/12/02 22:00:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/11/28 22:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2013/11/28 22:41:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/11/28 22:05:42 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Local\WindowsUpdate
[2013/11/28 21:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2013/11/28 21:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2013/11/28 21:20:14 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2013/11/28 16:35:27 | 000,000,000 | ---D | C] -- C:\windows\Migration
[2013/11/28 16:33:42 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbport.sys
[2013/11/28 16:33:42 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbd.sys
[2013/11/28 16:16:29 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2013/11/28 16:05:12 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\rdpvideominiport.sys
[2013/11/28 16:05:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2013/11/28 16:05:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2013/11/28 16:05:10 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RdpGroupPolicyExtension.dll
[2013/11/28 16:05:08 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\TsUsbFlt.sys
[2013/11/28 16:05:05 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wksprt.exe
[2013/11/28 16:05:05 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aaclient.dll
[2013/11/28 16:05:05 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpudd.dll
[2013/11/28 16:05:05 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpendp_winip.dll
[2013/11/28 16:05:05 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TSWbPrxy.exe
[2013/11/28 16:05:05 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MsRdpWebAccess.dll
[2013/11/28 16:05:05 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tsgqec.dll
[2013/11/28 16:05:05 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TsUsbGDCoInstaller.dll
[2013/11/28 16:05:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wksprtPS.dll
[2013/11/28 16:05:04 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorets.dll
[2013/11/28 16:00:48 | 004,240,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2013/11/28 16:00:48 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2013/11/28 16:00:48 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2013/11/28 16:00:48 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtmlmedia.dll
[2013/11/28 16:00:48 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2013/11/28 16:00:48 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MsSpellCheckingFacility.exe
[2013/11/28 16:00:48 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsIntl.dll
[2013/11/28 16:00:48 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dat
[2013/11/28 16:00:48 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9diag.dll
[2013/11/28 16:00:48 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2013/11/28 16:00:48 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013/11/28 16:00:48 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll
[2013/11/28 16:00:48 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2013/11/28 16:00:48 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll
[2013/11/28 16:00:48 | 000,238,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2013/11/28 16:00:48 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2013/11/28 16:00:48 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2013/11/28 16:00:48 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\elshyph.dll
[2013/11/28 16:00:48 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msls31.dll
[2013/11/28 16:00:48 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msrating.dll
[2013/11/28 16:00:48 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iexpress.exe
[2013/11/28 16:00:48 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wextract.exe
[2013/11/28 16:00:48 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2013/11/28 16:00:48 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2013/11/28 16:00:48 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\IEAdvpack.dll
[2013/11/28 16:00:48 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwcollector.exe
[2013/11/28 16:00:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2013/11/28 16:00:48 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inseng.dll
[2013/11/28 16:00:48 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SetIEInstalledDate.exe
[2013/11/28 16:00:48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2013/11/28 16:00:48 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MshtmlDac.dll
[2013/11/28 16:00:48 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2013/11/28 16:00:48 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pngfilt.dll
[2013/11/28 16:00:48 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwproxystub.dll
[2013/11/28 16:00:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtmler.dll
[2013/11/28 16:00:48 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2013/11/28 16:00:48 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2013/11/28 16:00:48 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\imgutil.dll
[2013/11/28 16:00:48 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\JavaScriptCollectionAgent.dll
[2013/11/28 16:00:48 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2013/11/28 16:00:48 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2013/11/28 16:00:48 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2013/11/28 16:00:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieetwcollectorres.dll
[2013/11/28 15:59:13 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qdvd.dll
[2013/11/28 15:57:06 | 000,000,000 | R--D | C] -- C:\Users\tom\Searches
[2013/11/28 14:39:54 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskhost.exe
[2013/11/28 14:39:36 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll
[2013/11/28 14:39:36 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msmpeg2vdec.dll
[2013/11/28 14:39:36 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll
[2013/11/28 14:39:36 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2013/11/28 14:39:36 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll
[2013/11/28 14:39:36 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10.dll
[2013/11/28 14:39:36 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10level9.dll
[2013/11/28 14:39:36 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMPhoto.dll
[2013/11/28 14:39:36 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll
[2013/11/28 14:39:36 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxgi.dll
[2013/11/28 14:39:36 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll
[2013/11/28 14:39:36 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10core.dll
[2013/11/28 14:39:36 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WindowsCodecsExt.dll
[2013/11/28 14:39:36 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\UIAnimation.dll
[2013/11/28 14:39:36 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll
[2013/11/28 14:39:36 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/11/28 14:39:36 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/11/28 14:39:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/11/28 14:39:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/11/28 14:39:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/11/28 14:39:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/11/28 14:39:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/11/28 14:39:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/11/28 14:39:36 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/11/28 14:38:43 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d11.dll
[2013/11/28 14:36:16 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\certutil.exe
[2013/11/28 14:36:15 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\certenc.dll
[2013/11/28 14:36:01 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVDECOD.DLL
[2013/11/28 14:35:49 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll
[2013/11/28 14:35:49 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sspisrv.dll
[2013/11/28 14:35:39 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cryptdlg.dll
[2013/11/28 14:35:36 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netcorehc.dll
[2013/11/28 14:35:36 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncsi.dll
[2013/11/28 14:35:35 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netevent.dll
[2013/11/28 14:35:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2013/11/28 14:35:30 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OxpsConverter.exe
[2013/11/28 14:35:26 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\authui.dll
[2013/11/28 14:35:26 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SmartcardCredentialProvider.dll
[2013/11/28 14:35:22 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\hidclass.sys
[2013/11/28 14:35:22 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\hidparse.sys
[2013/11/28 14:35:21 | 002,348,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2013/11/28 14:35:10 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll
[2013/11/28 14:35:10 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fontsub.dll
[2013/11/28 14:35:10 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll
[2013/11/28 14:35:10 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dciman32.dll
[2013/11/28 14:34:58 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\scavengeui.dll
[2013/11/28 14:34:56 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys
[2013/11/28 14:34:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\RNDISMP.sys
[2013/11/28 14:34:54 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2013/11/28 14:34:54 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2013/11/28 14:34:54 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tdh.dll
[2013/11/28 14:34:44 | 000,133,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\ataport.sys
[2013/11/28 14:34:36 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dhcpcore6.dll
[2013/11/28 14:34:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dhcpcsvc6.dll
[2013/11/28 14:34:34 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qedit.dll
[2013/11/28 14:34:31 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\nshwfp.dll
[2013/11/28 14:34:31 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FWPUCLNT.DLL
[2013/11/28 14:34:27 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
[2013/11/28 14:34:27 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2013/11/28 14:34:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013/11/28 14:34:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013/11/28 14:34:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/11/28 14:34:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013/11/28 14:34:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013/11/28 14:34:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013/11/28 14:34:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/11/28 14:34:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/11/28 14:34:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013/11/28 14:34:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/11/28 14:34:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013/11/28 14:34:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/11/28 14:34:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013/11/28 14:34:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013/11/28 14:34:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013/11/28 14:34:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013/11/28 14:34:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013/11/28 14:34:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013/11/28 14:34:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013/11/28 14:34:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013/11/28 14:34:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/11/28 14:34:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013/11/28 14:34:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013/11/28 14:34:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013/11/28 14:34:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013/11/28 14:34:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013/11/28 14:34:20 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013/11/28 14:34:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013/11/28 14:34:16 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013/11/28 14:34:16 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wwanprotdim.dll
[2013/11/28 14:24:57 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\consent.exe
[2013/11/28 01:24:03 | 000,000,000 | ---D | C] -- C:\Users\tom\Witziges
[2013/11/28 01:23:56 | 000,000,000 | ---D | C] -- C:\Users\tom\Weisheiten
[2013/11/28 01:23:52 | 000,000,000 | ---D | C] -- C:\Users\tom\Vokabel
[2013/11/28 01:18:29 | 000,000,000 | ---D | C] -- C:\Users\tom\Tests
[2013/11/28 01:17:46 | 000,000,000 | ---D | C] -- C:\Users\tom\Sinnestäuschung
[2013/11/28 01:15:46 | 000,000,000 | ---D | C] -- C:\Users\tom\Präsentationen
[2013/11/28 01:15:15 | 000,000,000 | ---D | C] -- C:\Users\tom\Meine Scans
[2013/11/27 23:40:15 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\Skype
[2013/11/27 23:40:02 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013/11/27 23:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/11/27 23:40:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/11/27 23:39:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/11/27 21:22:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
[2013/11/27 20:32:14 | 000,000,000 | ---D | C] -- C:\windows\System32\SPReview
[2013/11/27 20:31:24 | 000,000,000 | ---D | C] -- C:\windows\System32\EventProviders
[2013/11/27 20:16:24 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc40.dll
[2013/11/27 20:16:24 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc40u.dll
[2013/11/27 20:16:23 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_isv.dll
[2013/11/27 20:16:22 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc.dll
[2013/11/27 20:16:22 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_isv.exe
[2013/11/27 20:16:21 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate.exe
[2013/11/27 20:16:20 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spwizui.dll
[2013/11/27 20:16:19 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mf.dll
[2013/11/27 20:16:19 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mcupdate_GenuineIntel.dll
[2013/11/27 20:16:18 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CertEnroll.dll
[2013/11/27 20:16:17 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PresentationHost.exe
[2013/11/27 20:16:17 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PresentationHostProxy.dll
[2013/11/27 20:16:15 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\AuthFWSnapin.dll
[2013/11/27 20:16:15 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RacEngn.dll
[2013/11/27 20:16:13 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ExplorerFrame.dll
[2013/11/27 20:16:12 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d9.dll
[2013/11/27 20:16:11 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskschd.dll
[2013/11/27 20:16:10 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spinstall.exe
[2013/11/27 20:16:10 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spreview.exe
[2013/11/27 20:16:09 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dwmcore.dll
[2013/11/27 20:16:09 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wer.dll
[2013/11/27 20:16:08 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\diagperf.dll
[2013/11/27 20:16:07 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WinSAT.exe
[2013/11/27 20:16:07 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TSWorkspace.dll
[2013/11/27 20:16:07 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tsmf.dll
[2013/11/27 20:16:06 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dbgeng.dll
[2013/11/27 20:16:03 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mmcndmgr.dll
[2013/11/27 20:16:03 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sppobjs.dll
[2013/11/27 20:16:03 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\imapi2fs.dll
[2013/11/27 20:16:03 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdrm.dll
[2013/11/27 20:16:03 | 000,252,928 | ---- | C] (Microsoft) -- C:\windows\System32\DShowRdpFilter.dll
[2013/11/27 20:16:03 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netfxperf.dll
[2013/11/27 20:16:02 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PortableDeviceApi.dll
[2013/11/27 20:16:02 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mcbuilder.exe
[2013/11/27 20:16:01 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\xpsservices.dll
[2013/11/27 20:16:01 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\certmgr.dll
[2013/11/27 20:16:01 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winload.exe
[2013/11/27 20:16:01 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sppwinob.dll
[2013/11/27 20:16:01 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drvstore.dll
[2013/11/27 20:16:00 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cmd.exe
[2013/11/27 20:16:00 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\framedynos.dll
[2013/11/27 20:15:59 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winresume.exe
[2013/11/27 20:15:59 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmicmiplugin.dll
[2013/11/27 20:15:59 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfds.dll
[2013/11/27 20:15:58 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\werconcpl.dll
[2013/11/27 20:15:58 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\azroles.dll
[2013/11/27 20:15:57 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfreadwrite.dll
[2013/11/27 20:15:57 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\basecsp.dll
[2013/11/27 20:15:56 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\NaturalLanguage6.dll
[2013/11/27 20:15:56 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\calc.exe
[2013/11/27 20:15:56 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\evr.dll
[2013/11/27 20:15:56 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WinSATAPI.dll
[2013/11/27 20:15:56 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskcomp.dll
[2013/11/27 20:15:55 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\UIRibbon.dll
[2013/11/27 20:15:55 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sqlsrv32.dll
[2013/11/27 20:15:55 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\lpksetup.exe
[2013/11/27 20:15:55 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fveapi.dll
[2013/11/27 20:15:55 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vpnike.dll
[2013/11/27 20:15:54 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\hgprint.dll
[2013/11/27 20:15:53 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmpeffects.dll
[2013/11/27 20:15:53 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\prncache.dll
[2013/11/27 20:15:52 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ci.dll
[2013/11/27 20:15:52 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WSDApi.dll
[2013/11/27 20:15:52 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aepdu.dll
[2013/11/27 20:15:52 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\net1.exe
[2013/11/27 20:15:52 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rpchttp.dll
[2013/11/27 20:15:52 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aitagent.exe
[2013/11/27 20:15:51 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVCORE.DLL
[2013/11/27 20:15:51 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wlangpui.dll
[2013/11/27 20:15:51 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\scansetting.dll
[2013/11/27 20:15:51 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MMDevAPI.dll
[2013/11/27 20:15:51 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\QSHVHOST.DLL
[2013/11/27 20:15:50 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pnidui.dll
[2013/11/27 20:15:50 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webservices.dll
[2013/11/27 20:15:50 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fde.dll
[2013/11/27 20:15:50 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\t2embed.dll
[2013/11/27 20:15:49 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SyncCenter.dll
[2013/11/27 20:15:49 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sdengin2.dll
[2013/11/27 20:15:49 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netdiagfx.dll
[2013/11/27 20:15:49 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wscapi.dll
[2013/11/27 20:15:48 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSMPEG2ENC.DLL
[2013/11/27 20:15:48 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mcmde.dll
[2013/11/27 20:15:47 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DXPTaskRingtone.dll
[2013/11/27 20:15:47 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\imapi2.dll
[2013/11/27 20:15:47 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aeinv.dll
[2013/11/27 20:15:47 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\setupcl.exe
[2013/11/27 20:15:46 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMPEncEn.dll
[2013/11/27 20:15:46 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dwmredir.dll
[2013/11/27 20:15:45 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\bootres.dll
[2013/11/27 20:15:45 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Narrator.exe
[2013/11/27 20:15:45 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\autofmt.exe
[2013/11/27 20:15:45 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vaultsvc.dll
[2013/11/27 20:15:45 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\hbaapi.dll
[2013/11/27 20:15:44 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\halmacpi.dll
[2013/11/27 20:15:44 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\hal.dll
[2013/11/27 20:15:44 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netiohlp.dll
[2013/11/27 20:15:44 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\audiodg.exe
[2013/11/27 20:15:44 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\proquota.exe
[2013/11/27 20:15:43 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\autoconv.exe
[2013/11/27 20:15:43 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ipsmsnap.dll
[2013/11/27 20:15:43 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msinfo32.exe
[2013/11/27 20:15:43 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srchadmin.dll
[2013/11/27 20:15:43 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\AudioSes.dll
[2013/11/27 20:15:43 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mimefilt.dll
[2013/11/27 20:15:42 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\powercpl.dll
[2013/11/27 20:15:42 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msihnd.dll
[2013/11/27 20:15:42 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\eapphost.dll
[2013/11/27 20:15:42 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\framedyn.dll
[2013/11/27 20:15:42 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tcpipcfg.dll
[2013/11/27 20:15:42 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\schtasks.exe
[2013/11/27 20:15:41 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\AuxiliaryDisplayCpl.dll
[2013/11/27 20:15:41 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mscorier.dll
[2013/11/27 20:15:40 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DXP.dll
[2013/11/27 20:15:40 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\QAGENT.DLL
[2013/11/27 20:15:40 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netid.dll
[2013/11/27 20:15:39 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wdc.dll
[2013/11/27 20:15:39 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\untfs.dll
[2013/11/27 20:15:38 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wlanpref.dll
[2013/11/27 20:15:38 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sdclt.exe
[2013/11/27 20:15:38 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Vault.dll
[2013/11/27 20:15:38 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\nci.dll
[2013/11/27 20:15:37 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMNetMgr.dll
[2013/11/27 20:15:37 | 000,098,816 | ---- | C] (Microsoft) -- C:\windows\System32\Robocopy.exe
[2013/11/27 20:15:36 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DxpTaskSync.dll
[2013/11/27 20:15:36 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Display.dll
[2013/11/27 20:15:36 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdri.dll
[2013/11/27 20:15:36 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sharemediacpl.dll
[2013/11/27 20:15:36 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsRasterService.dll
[2013/11/27 20:15:36 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\userinit.exe
[2013/11/27 20:15:35 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DiagCpl.dll
[2013/11/27 20:15:35 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\termmgr.dll
[2013/11/27 20:15:35 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\puiobj.dll
[2013/11/27 20:15:35 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\eudcedit.exe
[2013/11/27 20:15:35 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\scsiport.sys
[2013/11/27 20:15:34 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdtctm.dll
[2013/11/27 20:15:34 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FirewallControlPanel.dll
[2013/11/27 20:15:34 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\biocpl.dll
[2013/11/27 20:15:34 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wiadefui.dll
[2013/11/27 20:15:34 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msconfig.exe
[2013/11/27 20:15:34 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sppcomapi.dll
[2013/11/27 20:15:34 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\logoncli.dll
[2013/11/27 20:15:34 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\shsetup.dll
[2013/11/27 20:15:33 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SensorsCpl.dll
[2013/11/27 20:15:33 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\themecpl.dll
[2013/11/27 20:15:33 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wpccpl.dll
[2013/11/27 20:15:33 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dnscmmc.dll
[2013/11/27 20:15:32 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mscms.dll
[2013/11/27 20:15:32 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\localsec.dll
[2013/11/27 20:15:32 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PhotoScreensaver.scr
[2013/11/27 20:15:32 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\hgcpl.dll
[2013/11/27 20:15:32 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mprddm.dll
[2013/11/27 20:15:32 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mscories.dll
[2013/11/27 20:15:31 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netcenter.dll
[2013/11/27 20:15:31 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mblctr.exe
[2013/11/27 20:15:31 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\VAN.dll
[2013/11/27 20:15:31 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PerfCenterCPL.dll
[2013/11/27 20:15:31 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\usercpl.dll
[2013/11/27 20:15:31 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wlanui.dll
[2013/11/27 20:15:31 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SndVol.exe
[2013/11/27 20:15:31 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SndVolSSO.dll
[2013/11/27 20:15:31 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\bcdsrv.dll
[2013/11/27 20:15:31 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\prntvpt.dll
[2013/11/27 20:15:31 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iasacct.dll
[2013/11/27 20:15:31 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\w32tm.exe
[2013/11/27 20:15:30 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\accessibilitycpl.dll
[2013/11/27 20:15:30 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spwizeng.dll
[2013/11/27 20:15:30 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\azroleui.dll
[2013/11/27 20:15:30 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\ks.sys
[2013/11/27 20:15:30 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fdeploy.dll
[2013/11/27 20:15:29 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\networkmap.dll
[2013/11/27 20:15:29 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\main.cpl
[2013/11/27 20:15:29 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mspbda.dll
[2013/11/27 20:15:29 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Faultrep.dll
[2013/11/27 20:15:29 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSAC3ENC.DLL
[2013/11/27 20:15:29 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\adsldp.dll
[2013/11/27 20:15:29 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netjoin.dll
[2013/11/27 20:15:28 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sud.dll
[2013/11/27 20:15:28 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ActionCenter.dll
[2013/11/27 20:15:28 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\prnfldr.dll
[2013/11/27 20:15:28 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wusa.exe
[2013/11/27 20:15:28 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MCEWMDRMNDBootstrap.dll
[2013/11/27 20:15:28 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MediaMetadataHandler.dll
[2013/11/27 20:15:28 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskbarcpl.dll
[2013/11/27 20:15:28 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OnLineIDCpl.dll
[2013/11/27 20:15:27 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\bthprops.cpl
[2013/11/27 20:15:27 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wpd_ci.dll
[2013/11/27 20:15:27 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\shwebsvc.dll
[2013/11/27 20:15:27 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sysmon.ocx
[2013/11/27 20:15:27 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\intl.cpl
[2013/11/27 20:15:27 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\slui.exe
[2013/11/27 20:15:27 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iprtrmgr.dll
[2013/11/27 20:15:27 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\defaultlocationcpl.dll
[2013/11/27 20:15:27 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iasrad.dll
[2013/11/27 20:15:27 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ifsutil.dll
[2013/11/27 20:15:27 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\halacpi.dll
[2013/11/27 20:15:27 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dot3cfg.dll
[2013/11/27 20:15:27 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ftp.exe
[2013/11/27 20:15:27 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sisbkup.dll
[2013/11/27 20:15:26 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sdcpl.dll
[2013/11/27 20:15:26 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TabletPC.cpl
[2013/11/27 20:15:26 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ActionCenterCPL.dll
[2013/11/27 20:15:26 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\efscore.dll
[2013/11/27 20:15:26 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\autoplay.dll
[2013/11/27 20:15:26 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\recovery.dll
[2013/11/27 20:15:25 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OobeFldr.dll
[2013/11/27 20:15:25 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmpmde.dll
[2013/11/27 20:15:25 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DeviceCenter.dll
[2013/11/27 20:15:25 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\systemcpl.dll
[2013/11/27 20:15:25 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\bcdedit.exe
[2013/11/27 20:15:25 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\recdisc.exe
[2013/11/27 20:15:25 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vdsutil.dll
[2013/11/27 20:15:25 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sppnp.dll
[2013/11/27 20:15:25 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WSTPager.ax
[2013/11/27 20:15:24 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\blackbox.dll
[2013/11/27 20:15:24 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntprint.dll
[2013/11/27 20:15:24 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sethc.exe
[2013/11/27 20:15:24 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ksproxy.ax
[2013/11/27 20:15:24 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\bcdboot.exe
[2013/11/27 20:15:23 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\nshipsec.dll
[2013/11/27 20:15:23 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dpx.dll
[2013/11/27 20:15:23 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wsqmcons.exe
[2013/11/27 20:15:23 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmpsrcwp.dll
[2013/11/27 20:15:23 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\AuxiliaryDisplayServices.dll
[2013/11/27 20:15:23 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\NAPHLPR.DLL
[2013/11/27 20:15:23 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\migisol.dll
[2013/11/27 20:15:23 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\windows\System32\fms.dll
[2013/11/27 20:15:23 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\asycfilt.dll
[2013/11/27 20:15:22 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msftedit.dll
[2013/11/27 20:15:22 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dfrgui.exe
[2013/11/27 20:15:22 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wlanmsm.dll
[2013/11/27 20:15:22 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dot3ui.dll
[2013/11/27 20:15:22 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ReAgent.dll
[2013/11/27 20:15:22 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wavemsp.dll
[2013/11/27 20:15:22 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sysclass.dll
[2013/11/27 20:15:22 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ocsetup.exe
[2013/11/27 20:15:22 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\isoburn.exe
[2013/11/27 20:15:22 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzutil.exe
[2013/11/27 20:15:21 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wvc.dll
[2013/11/27 20:15:21 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wimgapi.dll
[2013/11/27 20:15:21 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PkgMgr.exe
[2013/11/27 20:15:21 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qcap.dll
[2013/11/27 20:15:21 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\windows\twain_32.dll
[2013/11/27 20:15:20 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\SmiEngine.dll
[2013/11/27 20:15:20 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ssText3d.scr
[2013/11/27 20:15:20 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srrstr.dll
[2013/11/27 20:15:20 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qasf.dll
[2013/11/27 20:15:20 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\uxlib.dll
[2013/11/27 20:15:20 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\setupugc.exe
[2013/11/27 20:15:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\slwga.dll
[2013/11/27 20:15:19 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmdrmsdk.dll
[2013/11/27 20:15:19 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msscp.dll
[2013/11/27 20:15:19 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\diskraid.exe
[2013/11/27 20:15:19 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DevicePairingFolder.dll
[2013/11/27 20:15:19 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wwanconn.dll
[2013/11/27 20:15:19 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\nslookup.exe
[2013/11/27 20:15:19 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mciavi32.dll
[2013/11/27 20:15:18 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drmmgrtn.dll
[2013/11/27 20:15:18 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wimserv.exe
[2013/11/27 20:15:18 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WindowsAnytimeUpgradeResults.exe
[2013/11/27 20:15:18 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\input.dll
[2013/11/27 20:15:18 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpencom.dll
[2013/11/27 20:15:18 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\perfmon.exe
[2013/11/27 20:15:18 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\NAPCRYPT.DLL
[2013/11/27 20:15:18 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\acppage.dll
[2013/11/27 20:15:17 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\onexui.dll
[2013/11/27 20:15:17 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\nltest.exe
[2013/11/27 20:15:17 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iTVData.dll
[2013/11/27 20:15:17 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxdiagn.dll
[2013/11/27 20:15:17 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wpdwcn.dll
[2013/11/27 20:15:17 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ocsetapi.dll
[2013/11/27 20:15:17 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vdsbas.dll
[2013/11/27 20:15:17 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\UserAccountControlSettings.dll
[2013/11/27 20:15:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\bfsvc.exe
[2013/11/27 20:15:17 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\runonce.exe
[2013/11/27 20:15:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vpnikeapi.dll
[2013/11/27 20:15:16 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\eapp3hst.dll
[2013/11/27 20:15:16 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MFPlay.dll
[2013/11/27 20:15:16 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\rmcast.sys
[2013/11/27 20:15:16 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\logagent.exe
[2013/11/27 20:15:15 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\OpcServices.dll
[2013/11/27 20:15:15 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Bubbles.scr
[2013/11/27 20:15:15 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmdrmdev.dll
[2013/11/27 20:15:15 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sqlcese30.dll
[2013/11/27 20:15:15 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\bitsadmin.exe
[2013/11/27 20:15:15 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\shacct.dll
[2013/11/27 20:15:15 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tabcal.exe
[2013/11/27 20:15:15 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PnPUnattend.exe
[2013/11/27 20:15:15 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\unimdmat.dll
[2013/11/27 20:15:15 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpd3d.dll
[2013/11/27 20:15:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iscsium.dll
[2013/11/27 20:15:15 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\lsmproxy.dll
[2013/11/27 20:15:14 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PortableDeviceStatus.dll
[2013/11/27 20:15:14 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WPDSp.dll
[2013/11/27 20:15:14 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Mystify.scr
[2013/11/27 20:15:14 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Ribbons.scr
[2013/11/27 20:15:14 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PortableDeviceSyncProvider.dll
[2013/11/27 20:15:14 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ActionQueue.dll
[2013/11/27 20:15:14 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\powercfg.cpl
[2013/11/27 20:15:14 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MdSched.exe
[2013/11/27 20:15:14 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\QSVRMGMT.DLL
[2013/11/27 20:15:14 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\kstvtune.ax
[2013/11/27 20:15:14 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\logman.exe
[2013/11/27 20:15:14 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\olethk32.dll
[2013/11/27 20:15:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\lpremove.exe
[2013/11/27 20:15:14 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncryptui.dll
[2013/11/27 20:15:14 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\djoin.exe
[2013/11/27 20:15:13 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMADMOD.DLL
[2013/11/27 20:15:13 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVSDECD.DLL
[2013/11/27 20:15:13 | 000,257,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WindowsAnytimeUpgrade.exe
[2013/11/27 20:15:13 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\VBICodec.ax
[2013/11/27 20:15:13 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dot3msm.dll
[2013/11/27 20:15:13 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wiavideo.dll
[2013/11/27 20:15:13 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Kswdmcap.ax
[2013/11/27 20:15:13 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fphc.dll
[2013/11/27 20:15:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mapistub.dll
[2013/11/27 20:15:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mapi32.dll
[2013/11/27 20:15:13 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\takeown.exe
[2013/11/27 20:15:13 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\utildll.dll
[2013/11/27 20:15:12 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmdrmnet.dll
[2013/11/27 20:15:12 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qdv.dll
[2013/11/27 20:15:12 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msnetobj.dll
[2013/11/27 20:15:12 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EhStorAPI.dll
[2013/11/27 20:15:12 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sppinst.dll
[2013/11/27 20:15:11 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMSPDMOD.DLL
[2013/11/27 20:15:11 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\unattend.dll
[2013/11/27 20:15:11 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RelPost.exe
[2013/11/27 20:15:11 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\setupcln.dll
[2013/11/27 20:15:11 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cmstp.exe
[2013/11/27 20:15:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\QCLIPROV.DLL
[2013/11/27 20:15:11 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MuiUnattend.exe
[2013/11/27 20:15:11 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cca.dll
[2013/11/27 20:15:11 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vfwwdm32.dll
[2013/11/27 20:15:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wsnmp32.dll
[2013/11/27 20:15:11 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pdhui.dll
[2013/11/27 20:15:11 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\basesrv.dll
[2013/11/27 20:15:10 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msorcl32.dll
[2013/11/27 20:15:10 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\desk.cpl
[2013/11/27 20:15:10 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iasrecst.dll
[2013/11/27 20:15:10 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\umb.dll
[2013/11/27 20:15:10 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\relog.exe
[2013/11/27 20:15:10 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\PrintIsolationProxy.dll
[2013/11/27 20:15:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\AzSqlExt.dll
[2013/11/27 20:15:09 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\itircl.dll
[2013/11/27 20:15:09 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iscsicli.exe
[2013/11/27 20:15:09 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\diskpart.exe
[2013/11/27 20:15:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_ssp_isv.dll
[2013/11/27 20:15:09 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\secproc_ssp.dll
[2013/11/27 20:15:09 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\amstream.dll
[2013/11/27 20:15:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spbcd.dll
[2013/11/27 20:15:09 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MultiDigiMon.exe
[2013/11/27 20:15:09 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\setbcdlocale.dll
[2013/11/27 20:15:09 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wkscli.dll
[2013/11/27 20:15:09 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WavDest.dll
[2013/11/27 20:15:09 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netiougc.exe
[2013/11/27 20:15:09 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netbtugc.exe
[2013/11/27 20:15:09 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\nrpsrv.dll
[2013/11/27 20:15:08 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\IMJP10.IME
[2013/11/27 20:15:08 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FXSTIFF.dll
[2013/11/27 20:15:08 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_ssp_isv.exe
[2013/11/27 20:15:08 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmpps.dll
[2013/11/27 20:15:08 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\eappgnui.dll
[2013/11/27 20:15:08 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tlscsp.dll
[2013/11/27 20:15:08 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CertPolEng.dll
[2013/11/27 20:15:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ksxbar.ax
[2013/11/27 20:15:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WerFaultSecure.exe
[2013/11/27 20:15:08 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ReAgentc.exe
[2013/11/27 20:15:08 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\syssetup.dll
[2013/11/27 20:15:07 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RMActivate_ssp.exe
[2013/11/27 20:15:07 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sppc.dll
[2013/11/27 20:15:07 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\windows\System32\iccvid.dll
[2013/11/27 20:15:07 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\findstr.exe
[2013/11/27 20:15:07 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mciqtz32.dll
[2013/11/27 20:15:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wiarpc.dll
[2013/11/27 20:15:07 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\muifontsetup.dll
[2013/11/27 20:15:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\manage-bde.exe
[2013/11/27 20:15:06 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\repair-bde.exe
[2013/11/27 20:15:06 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\luainstall.dll
[2013/11/27 20:15:06 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\unlodctr.exe
[2013/11/27 20:15:06 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbisurf.ax
[2013/11/27 20:15:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wdiasqmmodule.dll
[2013/11/27 20:15:06 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdmo.dll
[2013/11/27 20:15:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbrpm.sys
[2013/11/27 20:15:06 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\netcfg.exe
[2013/11/27 20:15:06 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\HotStartUserAgent.dll
[2013/11/27 20:15:06 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\tdi.sys
[2013/11/27 20:15:06 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spopk.dll
[2013/11/27 20:15:05 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\UIRibbonRes.dll
[2013/11/27 20:15:05 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetmib1.dll
[2013/11/27 20:15:05 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\g711codc.ax
[2013/11/27 20:15:05 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbcconf.dll
[2013/11/27 20:15:05 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdprefdrvapi.dll
[2013/11/27 20:15:04 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FXSMON.dll
[2013/11/27 20:15:04 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\perfts.dll
[2013/11/27 20:15:03 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RDPENCDD.dll
[2013/11/27 20:15:03 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\elsTrans.dll
[2013/11/27 20:15:03 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TRAPI.dll
[2013/11/27 20:15:03 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\bitsperf.dll
[2013/11/27 20:15:03 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\schedcli.dll
[2013/11/27 20:15:02 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\napdsnap.dll
[2013/11/27 20:15:02 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dsauth.dll
[2013/11/27 20:15:01 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\imkr80.ime
[2013/11/27 20:15:01 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wsdchngr.dll
[2013/11/27 20:15:01 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sscore.dll
[2013/11/27 20:15:01 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\riched32.dll
[2013/11/27 20:15:00 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcfgex.dll
[2013/11/27 20:14:59 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wshirda.dll
[2013/11/27 20:14:58 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\USBCAMD2.sys
[2013/11/27 20:14:58 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\USBCAMD.sys
[2013/11/27 20:14:58 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spwmp.dll
[2013/11/27 20:14:57 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RDPREFDD.dll
[2013/11/27 20:14:57 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\C_ISCII.DLL
[2013/11/27 20:14:57 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\shunimpl.dll
[2013/11/27 20:14:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdxm.ocx
[2013/11/27 20:14:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dxmasf.dll
[2013/11/27 20:14:56 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmploc.DLL
[2013/11/27 20:14:56 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\kbdlk41a.dll
[2013/11/27 20:14:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDSF.DLL
[2013/11/27 20:14:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDNEPR.DLL
[2013/11/27 20:14:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDUS.DLL
[2013/11/27 20:14:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDUGHR1.DLL
[2013/11/27 20:14:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDTURME.DLL
[2013/11/27 20:14:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDTAJIK.DLL
[2013/11/27 20:14:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDMON.DLL
[2013/11/27 20:14:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDMAORI.DLL
[2013/11/27 20:14:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDLT1.DLL
[2013/11/27 20:14:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDINTEL.DLL
[2013/11/27 20:14:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDINORI.DLL
[2013/11/27 20:14:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDINKAN.DLL
[2013/11/27 20:14:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDBULG.DLL
[2013/11/27 20:14:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDBLR.DLL
[2013/11/27 20:14:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDBASH.DLL
[2013/11/27 20:14:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDGEO.DLL
[2013/11/27 20:14:55 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\nlsbres.dll
[2013/11/27 20:14:55 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\BlbEvents.dll
[2013/11/27 20:14:55 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\pifmgr.dll
[2013/11/27 20:14:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\spwizres.dll
[2013/11/27 20:14:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDSG.DLL
[2013/11/27 20:14:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDCZ1.DLL
[2013/11/27 20:14:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDTUQ.DLL
[2013/11/27 20:14:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDTUF.DLL
[2013/11/27 20:14:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDPO.DLL
[2013/11/27 20:14:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDINBEN.DLL
[2013/11/27 20:14:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDGR1.DLL
[2013/11/27 20:14:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDGKL.DLL
[2013/11/27 20:14:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDINTAM.DLL
[2013/11/27 20:14:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDINMAR.DLL
[2013/11/27 20:14:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\KBDINHIN.DLL
[2013/11/27 20:14:19 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wdscore.dll
[2013/11/27 20:14:12 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wbemcomn.dll
[2013/11/27 20:14:08 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sqmapi.dll
[2013/11/27 20:05:22 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\Malwarebytes
[2013/11/27 20:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/27 20:05:01 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2013/11/27 20:05:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/11/27 20:03:23 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Local\Programs
[2013/11/27 19:37:44 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\storport.sys
[2013/11/27 19:37:43 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fsutil.exe
[2013/11/27 19:37:41 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fsquirt.exe
[2013/11/27 19:17:05 | 000,026,136 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswKbd.sys
[2013/11/27 19:16:56 | 000,259,928 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswNdisFlt.sys
[2013/11/27 18:12:46 | 000,000,000 | ---D | C] -- C:\windows\System32\MRT
[2013/11/27 18:12:24 | 000,000,000 | ---D | C] -- C:\windows\System32\Wat
[2013/11/27 17:55:34 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\GlarySoft
[2013/11/27 17:51:09 | 000,230,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MpSigStub.exe
[2013/11/27 17:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/11/27 17:21:45 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\AVAST Software
[2013/11/27 17:21:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2013/11/27 17:21:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/11/27 17:19:34 | 000,774,392 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2013/11/27 17:19:34 | 000,403,440 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2013/11/27 17:19:34 | 000,070,384 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2013/11/27 17:19:34 | 000,057,672 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2013/11/27 17:19:33 | 000,269,216 | ---- | C] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2013/11/27 17:19:33 | 000,079,720 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswRdr2.sys
[2013/11/27 17:19:33 | 000,035,656 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2013/11/27 17:19:30 | 000,043,152 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2013/11/27 17:19:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/11/27 17:18:36 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/11/27 17:14:35 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\Macromedia
[2013/11/27 17:11:35 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\WdfLdr.sys
[2013/11/27 17:11:34 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Wdfres.dll
[2013/11/27 17:10:41 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFPlatform.dll
[2013/11/27 17:10:39 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFCoinstaller.dll
[2013/11/27 17:10:38 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WUDFx.dll
[2013/11/27 16:59:24 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdosys.dll
[2013/11/27 16:59:18 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\System32\fpb.rs
[2013/11/27 16:59:18 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\System32\oflc-nz.rs
[2013/11/27 16:59:18 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\System32\pegibbfc.rs
[2013/11/27 16:59:18 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\System32\csrr.rs
[2013/11/27 16:59:18 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\System32\cob-au.rs
[2013/11/27 16:59:18 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\System32\usk.rs
[2013/11/27 16:59:18 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\System32\grb.rs
[2013/11/27 16:59:18 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-pt.rs
[2013/11/27 16:59:18 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi.rs
[2013/11/27 16:59:18 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\System32\djctq.rs
[2013/11/27 16:59:17 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\gameux.dll
[2013/11/27 16:59:17 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Wpc.dll
[2013/11/27 16:59:13 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\System32\cero.rs
[2013/11/27 16:59:13 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\System32\esrb.rs
[2013/11/27 16:59:13 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\System32\oflc.rs
[2013/11/27 16:59:13 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-fi.rs
[2013/11/27 16:58:54 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\sbe.dll
[2013/11/27 16:58:54 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\CPFilters.dll
[2013/11/27 16:58:53 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mpg2splt.ax
[2013/11/27 16:58:37 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\csrsrv.dll
[2013/11/27 16:58:26 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\netio.sys
[2013/11/27 16:58:26 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\FWPKCLNT.SYS
[2013/11/27 16:58:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\webio.dll
[2013/11/27 16:57:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msxml3r.dll
[2013/11/27 16:57:41 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EncDec.dll
[2013/11/27 16:57:37 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tquery.dll
[2013/11/27 16:57:37 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssrch.dll
[2013/11/27 16:57:37 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssvp.dll
[2013/11/27 16:57:37 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssph.dll
[2013/11/27 16:57:37 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssphtb.dll
[2013/11/27 16:57:36 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msscntrs.dll
[2013/11/27 16:57:35 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dpnet.dll
[2013/11/27 16:57:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dpnaddr.dll
[2013/11/27 16:57:32 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usb8023.sys
[2013/11/27 16:56:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dnscacheugc.exe
[2013/11/27 16:56:45 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\timedate.cpl
[2013/11/27 16:56:31 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\srcore.dll
[2013/11/27 16:56:31 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rstrui.exe
[2013/11/27 16:56:28 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\quartz.dll
[2013/11/27 16:56:25 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbcjt32.dll
[2013/11/27 16:56:25 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbctrac.dll
[2013/11/27 16:56:25 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccp32.dll
[2013/11/27 16:56:25 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccu32.dll
[2013/11/27 16:56:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccr32.dll
[2013/11/27 16:56:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\packager.dll
[2013/11/27 16:56:17 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\browcli.dll
[2013/11/27 16:56:14 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\profprov.dll
[2013/11/27 16:56:13 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\psisdecd.dll
[2013/11/27 16:56:13 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\psisrndr.ax
[2013/11/27 16:56:12 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSNP.ax
[2013/11/27 16:56:12 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Mpeg2Data.ax
[2013/11/27 16:56:12 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSDvbNP.ax
[2013/11/27 16:56:09 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\prevhost.exe
[2013/11/27 16:56:08 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WFS.exe
[2013/11/27 16:56:08 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FXSCOVER.exe
[2013/11/27 16:56:04 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\synceng.dll
[2013/11/27 16:56:03 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorekmts.dll
[2013/11/27 16:56:03 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpwsx.dll
[2013/11/27 16:56:03 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdrmemptylst.exe
[2013/11/27 16:47:12 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\poqexec.exe
[2013/11/27 16:47:11 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42u.dll
[2013/11/27 16:47:11 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42.dll
[2013/11/27 16:47:10 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\Diskdump.sys
[2013/11/27 16:45:25 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdd.dll
[2013/11/27 16:40:32 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcore.dll
[2013/11/27 16:39:08 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\Google
[2013/11/27 16:39:08 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Local\Google
[2013/11/27 16:38:50 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\Adobe
[2013/11/27 16:35:15 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wucltux.dll
[2013/11/27 16:35:15 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups2.dll
[2013/11/27 16:35:07 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapi.dll
[2013/11/27 16:35:07 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wudriver.dll
[2013/11/27 16:35:07 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wups.dll
[2013/11/27 16:35:02 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuwebv.dll
[2013/11/27 16:35:01 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wuapp.exe
[2013/11/27 16:33:16 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Local\Diagnostics
[2013/11/27 16:29:09 | 000,000,000 | ---D | C] -- C:\Users\tom\AppData\Roaming\InstallShield
 
========== Files - Modified Within 30 Days ==========
 
[2013/12/11 07:23:06 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/11 07:23:06 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/11 07:21:30 | 000,698,926 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2013/12/11 07:21:30 | 000,653,724 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/12/11 07:21:30 | 000,149,034 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2013/12/11 07:21:30 | 000,121,596 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/12/11 07:19:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tom\Desktop\OTL.exe
[2013/12/11 07:16:28 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/11 07:15:35 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/11 07:15:33 | 000,000,316 | ---- | M] () -- C:\windows\tasks\GlaryInitialize 4.job
[2013/12/11 07:14:51 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/12/11 07:14:46 | 3209,216,000 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/09 16:53:46 | 000,001,177 | ---- | M] () -- C:\Users\tom\Desktop\svchostanalyzer.exe - Verknüpfung.lnk
[2013/12/09 10:30:55 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\avast! SafeZone.lnk
[2013/12/09 10:30:36 | 000,054,832 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswRdr.sys
[2013/12/09 10:30:22 | 000,247,192 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswNdis2.sys
[2013/12/09 10:30:22 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\windows\System32\drivers\aswNdis.sys
[2013/12/09 09:38:44 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/12/08 17:43:30 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2013/12/04 02:23:26 | 000,892,704 | ---- | M] (NVIDIA Corporation) -- C:\windows\System32\nvhdagenco32.dll
[2013/12/04 02:23:26 | 000,161,056 | ---- | M] (NVIDIA Corporation) -- C:\windows\System32\drivers\nvhda32v.sys
[2013/12/04 02:23:26 | 000,028,448 | ---- | M] (NVIDIA Corporation) -- C:\windows\System32\nvhdap32.dll
[2013/12/03 04:02:11 | 000,000,000 | ---- | M] () -- C:\Users\tom\defogger_reenable
[2013/12/02 21:04:16 | 000,000,355 | ---- | M] () -- C:\Users\tom\Desktop\Computer - Verknüpfung.lnk
[2013/12/02 21:04:07 | 000,000,649 | ---- | M] () -- C:\Users\tom\Desktop\tom - Verknüpfung.lnk
[2013/11/28 22:42:48 | 000,430,144 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/11/28 21:20:14 | 000,001,222 | ---- | M] () -- C:\Users\tom\Desktop\Revo Uninstaller.lnk
[2013/11/28 16:00:48 | 004,240,384 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2013/11/28 16:00:48 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2013/11/28 16:00:48 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2013/11/28 16:00:48 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtmlmedia.dll
[2013/11/28 16:00:48 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dll
[2013/11/28 16:00:48 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\MsSpellCheckingFacility.exe
[2013/11/28 16:00:48 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jsIntl.dll
[2013/11/28 16:00:48 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieapfltr.dat
[2013/11/28 16:00:48 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jscript9diag.dll
[2013/11/28 16:00:48 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2013/11/28 16:00:48 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013/11/28 16:00:48 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dxtmsft.dll
[2013/11/28 16:00:48 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2013/11/28 16:00:48 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dxtrans.dll
[2013/11/28 16:00:48 | 000,238,288 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2013/11/28 16:00:48 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2013/11/28 16:00:48 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2013/11/28 16:00:48 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\elshyph.dll
[2013/11/28 16:00:48 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msls31.dll
[2013/11/28 16:00:48 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msrating.dll
[2013/11/28 16:00:48 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iexpress.exe
[2013/11/28 16:00:48 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\wextract.exe
[2013/11/28 16:00:48 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2013/11/28 16:00:48 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2013/11/28 16:00:48 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\IEAdvpack.dll
[2013/11/28 16:00:48 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieetwcollector.exe
[2013/11/28 16:00:48 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2013/11/28 16:00:48 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\inseng.dll
[2013/11/28 16:00:48 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\SetIEInstalledDate.exe
[2013/11/28 16:00:48 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2013/11/28 16:00:48 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\MshtmlDac.dll
[2013/11/28 16:00:48 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2013/11/28 16:00:48 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\pngfilt.dll
[2013/11/28 16:00:48 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieetwproxystub.dll
[2013/11/28 16:00:48 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mshtmler.dll
[2013/11/28 16:00:48 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2013/11/28 16:00:48 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2013/11/28 16:00:48 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\imgutil.dll
[2013/11/28 16:00:48 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\JavaScriptCollectionAgent.dll
[2013/11/28 16:00:48 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2013/11/28 16:00:48 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2013/11/28 16:00:48 | 000,016,284 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2013/11/28 16:00:48 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2013/11/28 16:00:48 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ieetwcollectorres.dll
[2013/11/28 14:39:54 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\taskhost.exe
[2013/11/28 14:39:36 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll
[2013/11/28 14:39:36 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msmpeg2vdec.dll
[2013/11/28 14:39:36 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll
[2013/11/28 14:39:36 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2013/11/28 14:39:36 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll
[2013/11/28 14:39:36 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d10.dll
[2013/11/28 14:39:36 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d10level9.dll
[2013/11/28 14:39:36 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\WMPhoto.dll
[2013/11/28 14:39:36 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll
[2013/11/28 14:39:36 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\dxgi.dll
[2013/11/28 14:39:36 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll
[2013/11/28 14:39:36 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d10core.dll
[2013/11/28 14:39:36 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\WindowsCodecsExt.dll
[2013/11/28 14:39:36 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\UIAnimation.dll
[2013/11/28 14:39:36 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll
[2013/11/28 14:39:36 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/11/28 14:39:36 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/11/28 14:39:36 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/11/28 14:39:36 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/11/28 14:39:36 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/11/28 14:39:36 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/11/28 14:39:36 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/11/28 14:39:36 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/11/28 14:39:36 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/11/28 14:38:43 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d11.dll
[2013/11/27 20:53:17 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\msclmd.dll
[2013/11/27 20:05:04 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013/11/27 19:16:58 | 000,026,136 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswKbd.sys
[2013/11/27 19:16:56 | 000,259,928 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswNdisFlt.sys
[2013/11/27 17:19:31 | 000,774,392 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2013/11/27 17:19:31 | 000,403,440 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2013/11/27 17:19:31 | 000,178,304 | ---- | M] () -- C:\windows\System32\drivers\aswVmm.sys
[2013/11/27 17:19:31 | 000,079,720 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswRdr2.sys
[2013/11/27 17:19:31 | 000,070,384 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2013/11/27 17:19:31 | 000,057,672 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2013/11/27 17:19:31 | 000,049,944 | ---- | M] () -- C:\windows\System32\drivers\aswRvrt.sys
[2013/11/27 17:19:31 | 000,035,656 | ---- | M] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2013/11/27 17:19:30 | 000,269,216 | ---- | M] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2013/11/27 17:19:30 | 000,043,152 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
 
========== Files Created - No Company Name ==========
 
[2013/12/09 16:53:46 | 000,001,177 | ---- | C] () -- C:\Users\tom\Desktop\svchostanalyzer.exe - Verknüpfung.lnk
[2013/12/09 09:38:44 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/12/08 17:43:30 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2013/12/05 23:21:21 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/12/05 23:21:21 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/12/05 23:21:21 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/12/05 23:21:21 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/12/05 23:21:21 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/12/03 04:02:11 | 000,000,000 | ---- | C] () -- C:\Users\tom\defogger_reenable
[2013/12/02 21:04:16 | 000,000,355 | ---- | C] () -- C:\Users\tom\Desktop\Computer - Verknüpfung.lnk
[2013/12/02 21:04:07 | 000,000,649 | ---- | C] () -- C:\Users\tom\Desktop\tom - Verknüpfung.lnk
[2013/11/28 16:00:48 | 000,016,284 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2013/11/28 01:25:22 | 000,058,468 | ---- | C] () -- C:\Users\tom\broker-deutsche Sparkassen.pdf
[2013/11/28 01:25:22 | 000,042,585 | ---- | C] () -- C:\Users\tom\rep.hinten.JPG
[2013/11/28 01:25:22 | 000,003,515 | ---- | C] () -- C:\Users\tom\bmw_lenkst_rep.vorne.htm
[2013/11/27 20:16:14 | 000,146,852 | ---- | C] () -- C:\windows\System32\systemsf.ebd
[2013/11/27 20:15:04 | 000,010,429 | ---- | C] () -- C:\windows\System32\ScavengeSpace.xml
[2013/11/27 20:14:54 | 000,105,559 | ---- | C] () -- C:\windows\System32\RacRules.xml
[2013/11/27 20:05:04 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013/11/27 19:17:36 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\avast! SafeZone.lnk
[2013/11/27 18:09:21 | 000,001,409 | ---- | C] () -- C:\Users\tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/11/27 17:55:34 | 000,000,316 | ---- | C] () -- C:\windows\tasks\GlaryInitialize 4.job
[2013/11/27 17:25:45 | 000,001,222 | ---- | C] () -- C:\Users\tom\Desktop\Revo Uninstaller.lnk
[2013/11/27 17:19:34 | 000,178,304 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys
[2013/11/27 17:19:34 | 000,049,944 | ---- | C] () -- C:\windows\System32\drivers\aswRvrt.sys
[2013/11/27 17:11:39 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/11/27 17:10:38 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/11/27 17:03:02 | 000,001,098 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/27 17:03:00 | 000,001,094 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/10 14:17:55 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/12/04 16:30:30 | 000,000,000 | ---D | M] -- C:\Users\frk\AppData\Roaming\AVAST Software
[2013/11/27 17:21:45 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\AVAST Software
[2013/12/08 17:01:10 | 000,000,000 | ---D | M] -- C:\Users\tom\AppData\Roaming\GlarySoft
 
========== Purity Check ==========
 
 < End of report >
         

11.12.2013, 08:24   #23
tomfroland
 
It was too big to post in one piece (I can't manage to zip it, after all).
Here is the 2nd file:
extras.txt, with the "ERROR" at the end
Code:
ATTFilter
OTL Extras logfile created on: 12/11/2013 7:28:44 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\tom\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2.99 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 64.46% Memory free
5.98 Gb Paging File | 4.64 Gb Available in Paging File | 77.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 180.26 Gb Total Space | 102.42 Gb Free Space | 56.82% Space Free | Partition Type: NTFS
Drive D: | 270.40 Gb Total Space | 208.61 Gb Free Space | 77.15% Space Free | Partition Type: NTFS
 
Computer Name: TOM-PC | User Name: tom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-2339853823-2107313754-116825072-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2E213CE3-A987-436F-8AC5-5BFC4B31A8ED}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{74F726A6-4B2F-4815-8CCB-7E5B316A5CCE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{75810129-7AF2-4C64-B4A3-B849655BF5FF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{79B3F8E5-CDA8-4DF2-8FF5-E697D9AF4CF8}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{956F3C19-A80B-45E4-A152-DD51A69F0892}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9E4E80E9-4935-4424-9DD2-0382C0CE4C04}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{BCFBBC19-0873-45EC-9677-211DCD1ED401}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{C2DDF5F0-C04D-42A2-81DE-DAB1E0F783D8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E222E2FC-B0BF-4BBE-AC4F-22467E5E151B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{EA555E11-C076-4B2F-979F-570A44AB4E35}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F5361EF9-8D22-4B57-946F-AB0FDDE4AED6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FC7B0766-115F-4E8A-9D56-CEB5B5AE9C0E}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{191F1F5F-2FD3-4590-B902-F49117C9CFBF}" = protocol=6 | dir=out | app=system | 
"{211FAB08-B0B2-416C-ABBD-8064A46129CC}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{21A07498-8D89-4041-AEA8-75B3582070C1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2DDAEA0D-CA6E-477F-8AB0-93323D94E92A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{49096A43-2BB4-4585-8E26-6CE3F8584362}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4AC32B37-C946-4036-A619-295F33B2480C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{50AD84C6-CB9F-4960-975D-204E09E70424}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | 
"{5F49EFBF-032D-4919-A232-665306DE2FA8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{73A89CE8-C770-4A9C-AA94-515609E7CA3D}" = dir=in | app=c:\program files\cyberlink\powerdvd8\powerdvd8.exe | 
"{7783EE7C-D77D-4F68-B365-A5FC0E0AFC12}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{80C9F179-B944-44E3-BEA7-40BF6D283195}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{849973C5-5384-4703-A5EC-B174F225BA25}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{853A75A0-2A3D-4CE9-8165-65A9D922E612}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{946F2294-D85E-4BD6-80A2-915EB1139BE5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{9834C646-CCCA-4C03-AEE5-9BC59ECDD8DD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{9A67AB94-51DE-437D-9D12-AF57C2CC1B2C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9CABBD3D-D6AE-4574-9300-A36CA24992CA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B2B2CE2C-E1AE-42D3-997B-68B2256A0C05}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C607B7F9-57D4-495B-8BE1-6B7326407409}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{D5403191-4F17-420D-B925-9E29DC34D3EA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{E43EE227-D8E3-441B-A848-D5687CF39D72}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E9E582DE-FAE1-447E-B84F-1D11F45A5E85}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{ED24A079-F048-42A3-A9EE-D631F5493D93}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F0FD7F4A-3A16-41EC-9241-8C5531E69F81}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0A353130-D22C-41DD-8C67-1B02A05F2CE0}" = Samsung Support Center
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{34B76DCB-BF7C-440F-B058-C84172C1E338}" = Easy Network Manager
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Überwachungstool für die Intel® Turbo-Boost-Technik
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EED7541-55F8-4DC6-B9CD-28762D71310E}" = Samsung R-Series
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6317BB68-0331-355B-864F-A92A26952B22}" = Microsoft .NET Framework 4.5.1 (ITA)
"{63eafc52-b963-4297-a7eb-d412944e7065}_is1" = Game Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}" = BatteryLifeExtender
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036" = Microsoft .NET Framework 4.5.1 (Français)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040" = Microsoft .NET Framework 4.5.1 (Italiano)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9E871D09-064D-3BC9-963B-3AB8ABE1273D}" = Microsoft .NET Framework 4.5.1 (DEU)
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C507986C-A83D-3F09-9099-5E1AF20BE648}" = Microsoft .NET Framework 4.5.1 (FRA)
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2BC3383-F000-410C-A038-3846ADBE8D90}" = REALTEK Wireless LAN Software
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"755087041320E005CB1E8A67C5C55A260EB81B90" = Windows Driver Package - Broadcom Bluetooth  (09/11/2009 6.2.0.9407)
"7-Zip" = 7-Zip 9.20
"A6A8668C0A13640CA28FE2A7D9654BE4AE478B13" = Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Avast" = avast! Internet Security
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"NVIDIA Drivers" = NVIDIA Drivers
"Revo Uninstaller" = Revo Uninstaller 1.95
"Security Task Manager" = Security Task Manager 1.8g
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.1.1
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12/10/2013 5:32:05 AM | Computer Name = tom-PC | Source = VSS | ID = 8194
Description = 
 
Error - 12/10/2013 9:51:02 AM | Computer Name = tom-PC | Source = Windows Search Service | ID = 9000
Description = 
 
Error - 12/10/2013 9:51:02 AM | Computer Name = tom-PC | Source = Windows Search Service | ID = 7040
Description = 
 
Error - 12/10/2013 9:51:02 AM | Computer Name = tom-PC | Source = Windows Search Service | ID = 9002
Description = 
 
Error - 12/10/2013 9:51:02 AM | Computer Name = tom-PC | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 12/10/2013 9:51:02 AM | Computer Name = tom-PC | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 12/10/2013 9:51:02 AM | Computer Name = tom-PC | Source = Windows Search Service | ID = 3028
Description = 
 
Error - 12/10/2013 9:51:02 AM | Computer Name = tom-PC | Source = Windows Search Service | ID = 3058
Description = 
 
Error - 12/10/2013 9:51:02 AM | Computer Name = tom-PC | Source = Windows Search Service | ID = 7010
Description = 
 
Error - 12/10/2013 9:51:02 AM | Computer Name = tom-PC | Source = Windows Search Service | ID = 7042
Description = 
 
[ OSession Events ]
Error - 12/2/2013 5:51:56 PM | Computer Name = tom-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 12/2/2013 5:52:08 PM | Computer Name = tom-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 3
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 12/3/2013 9:46:01 AM | Computer Name = tom-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 26
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 12/10/2013 7:06:40 AM | Computer Name = tom-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 12/10/2013 7:06:41 AM | Computer Name = tom-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 12/10/2013 7:10:07 AM | Computer Name = tom-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR5 gefunden.
 
Error - 12/10/2013 7:10:08 AM | Computer Name = tom-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR5 gefunden.
 
Error - 12/10/2013 8:11:13 AM | Computer Name = tom-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 12/10/2013 9:49:50 AM | Computer Name = tom-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?10.?12.?2013 um 14:39:26 unerwartet heruntergefahren.
 
Error - 12/10/2013 9:50:14 AM | Computer Name = tom-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Rezip" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 12/10/2013 9:51:02 AM | Computer Name = tom-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-1073473535.
 
Error - 12/10/2013 9:51:05 AM | Computer Name = tom-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 12/11/2013 2:15:20 AM | Computer Name = tom-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Rezip" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
 
< End of report >
         

11.12.2013, 13:18   #24
schrauber
/// the machine
/// TB-Ausbilder

Those are just the messages that OTL queries from the Windows Event Viewer. You can usually ignore them. In your case in particular there is nothing meaningful in there either.

The recovery is protected against infection.

And I don't see any malware in the logs.

11.12.2013, 13:28   #25
tomfroland

Hi,
Well, that doesn't look bad then.
Is Foxit Reader a good alternative to Adobe,
or do you have a better suggestion?
Thanks in advance and kind regards, tomfroland

12.12.2013, 09:23   #26
schrauber
/// the machine
/// TB-Ausbilder

Nope, Foxit is fine.

14.12.2013, 05:58   #27
tomfroland

Hi schrauber,
My laptop now seems to be fine again; no more error messages and all programs work.
I was also able to remove the rest of Adobe.
I have deactivated the Windows firewall, and now only the firewall from avast security is active (paid version).
Whether I should also leave Panda AV enabled is my last QUESTION for you.

I have learned a great deal through your support and all the effort, and will now be more careful with downloads and the internet.

Many thanks, and I remain
with kind regards, tomfroland

PS: leave Avira and Panda active?

14.12.2013, 08:06   #28
schrauber
/// the machine
/// TB-Ausbilder

Quote:
Whether I should also leave Panda AV enabled is my last QUESTION for you.
Uninstall it; Avast already has a firewall and an AV in the suite.

You're welcome

15.12.2013, 17:16   #29
tomfroland

Hi schrauber,

I'm posting a log that looks suspicious to me; could you please take a look at it?
Many thanks and kind regards
tomfroland
Code:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:23:32, on 15.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)


Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\Users\tom\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6B748CED5DA4980FA14AE9B32F53519F] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-21-2339853823-2107313754-116825072-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2339853823-2107313754-116825072-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Partner Service - Unknown owner - C:\ProgramData\Partner\Partner.exe (file missing)
O23 - Service: Rezip - Unknown owner - C:\windows\SYSTEM32\Rezip.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

--
End of file - 8105 bytes
         
Code:
Runscanner logfile hxxp://www.runscanner.net

* = signed file
- = file not found

General info
------------
Computer name : TOM-PC
Creation time : 12/15/2013 3:51:46 PM
Hosts <> 127.0.0.1 : 0
Hosts file location : %SystemRoot%\System32\drivers\etc
IE version : 9.11.9600.16476
OS : Windows 7 Home Premium
OS Build : 7601
OS SP : Service Pack 1
RunScanner Version : 2.0.0.60
User Language : Deutsch (Österreich)
User rights : Administrator
Windows folder : C:\windows

Running processes
-----------------
* C:\Windows\System32\services.exe (Microsoft Corporation)
* C:\Windows\System32\taskeng.exe (Microsoft Corporation)
* C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
* C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
* C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\csrss.exe (Microsoft Corporation)
* C:\Windows\System32\dwm.exe (Microsoft Corporation)
* C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
* C:\Windows\System32\taskhost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\svchost.exe (Microsoft Corporation)
* C:\Windows\System32\lsass.exe (Microsoft Corporation)
* C:\Windows\System32\lsm.exe (Microsoft Corporation)
* C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
* C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
* C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
* C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
* C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
* C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
* C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
* C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
  C:\Windows\System32\Rezip.exe
* C:\Program Files\CyberLink\Shared files\RichVideo.exe
* C:\Users\tom\Downloads\runscanner20060.exe (Runscanner.net)
* C:\Program Files\Secunia\PSI\psia.exe (Secunia)
* C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
* C:\Program Files\Secunia\PSI\sua.exe (Secunia)
* C:\Windows\System32\spoolsv.exe (Microsoft Corporation)
* C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
* C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
* C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
* C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Synaptics Incorporated)
* C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
* C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
* C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
* C:\Program Files\Panda USB Vaccine\USBVaccine.exe (Panda Security)
* C:\windows\system32\audiodg.exe (Microsoft Corporation)
* C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
* C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
* C:\Windows\System32\winlogon.exe (Microsoft Corporation)
* C:\Windows\explorer.exe (Microsoft Corporation)
* C:\Windows\System32\smss.exe (Microsoft Corporation)
* C:\Windows\System32\wininit.exe (Microsoft Corporation)
* C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)

Unrated items
-------------
002 * C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
002 * C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
005 * C:\PROGRA~1\Secunia\PSI\psi_tray.exe (Secunia)
006 * C:\PROGRA~1\Secunia\PSI\psi_tray.exe (Secunia)
010 * C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (.NET Runtime Optimization Service)
010 * C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe® Flash® Player Update Service 11.9 r900)
010 * C:\Program Files\AVAST Software\Avast\afwServ.exe (avast! firewall service)
010 * C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe ( Malwarebytes Anti-Malware )
010 * C:\windows\system32\nvvsvc.exe (NVIDIA Driver Helper Service, Version 327.02)
010 * C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Settings Update Manager)
010   C:\windows\SYSTEM32\Rezip.exe (Rezip.exe)
010 * C:\Program Files\Secunia\PSI\PSIA.exe (Secunia PSI Agent)
010 * C:\Program Files\Secunia\PSI\sua.exe (Secunia Update Agent)
010 * C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Spybot-S&D 2 Background update service)
010 * C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Spybot-S&D 2 Scanner Service)
010 * C:\windows\System32\uxtuneup.dll (TuneUp Theme Extension)
010 * C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Utilities Service)
010 * C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Windows Security Center integration.)
011 * C:\windows\system32\drivers\aswRvrt.sys (aswRvrt.sys)
011 * C:\windows\system32\drivers\aswVmm.sys (aswVmm.sys)
011 * C:\windows\system32\drivers\aswFsBlk.sys (avast! File System Access Blocking Driver)
011 * C:\windows\system32\drivers\aswMonFlt.sys (avast! File System Minifilter for Windows 2003/Vista)
011 * C:\windows\system32\drivers\aswNdis2.sys (avast! Filtering NDIS driver)
011 * C:\windows\system32\drivers\aswKbd.sys (avast! Keyboard Filter Driver)
011 * C:\windows\system32\drivers\aswSP.sys (avast! self protection module)
011 * C:\windows\system32\drivers\aswTdi.sys (avast! TDI Filter Driver)
011 * C:\windows\system32\drivers\aswRdr.sys (avast! TDI Redirect Driver)
011 * C:\windows\system32\drivers\aswSnx.sys (avast! Virtualization Driver)
011 * C:\windows\system32\drivers\mbam.sys (MBAMProtector)
011 * C:\windows\system32\drivers\nvhda32v.sys (NVIDIA HDMI Audio Driver)
011 * C:\windows\system32\DRIVERS\nvlddmkm.sys (nvlddmkm)
011 * C:\windows\system32\DRIVERS\psi_mf_x86.sys (Secunia PSI Driver)
011 * C:\windows\system32\DRIVERS\TurboB.sys (TurboB.sys)
031 * C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}
035 * C:\Program Files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe (Google Inc.) {8A69D345-D564-463c-AFF1-A69D9E530F96}
041 * C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
042   GUID / CLSID not found {CCA281CA-C863-46ef-9331-5C8D4460577F}
042   GUID / CLSID not found {2670000A-7350-4f3c-8081-5663EE0C6C49}
042   GUID / CLSID not found {219C3416-8CB2-491a-A3C7-D9FCDDC9D600}
042   GUID / CLSID not found {92780B25-18CC-41C8-B9BE-3C9C571A8263}
052 * C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
060   GUID / CLSID not found {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
061   C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
061 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
061 * C:\Program Files\NVIDIA Corporation\Display\nvui.dll (NVIDIA Corporation) {A70C977A-BF00-412C-90B7-034C51DA2439}
061 * C:\windows\system32\nvshext.dll (NVIDIA Corporation) {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}
061 * C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll (Safer-Networking Ltd.) {44176360-2BBF-4EC1-93CE-384B8681A0BC}
061 * C:\Program Files\TuneUp Utilities 2012\DseShExt-x86.dll (TuneUp Software) {4838CD50-7E5D-4811-9B17-C47A85539F28}
061 * C:\Program Files\TuneUp Utilities 2012\SDShelEx-win32.dll (TuneUp Software) {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
061 * C:\windows\System32\uxtuneup.dll (TuneUp Software) {44440D00-FF19-4AFC-B765-9A0970567D97}
062   GUID / CLSID not found {F9DB5320-233E-11D1-9F84-707F02C10627}
063 * C:\windows\system32\sdnclean.exe (Safer Networking Limited)
065   gamepack.exe : C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
065   skype.exe : C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
073   Adobe Flash Player Updater.job : C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
104   GUID / CLSID not found {C345E174-3E87-4F41-A01C-B066A90A49B4}
105   Bild an &Bluetooth-Gerät senden... : C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
105   Nach Microsoft E&xel exportieren : res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
105   Seite an &Bluetooth-Gerät senden... : C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
145 * C:\windows\system32\drivers\aswKbd.sys (AVAST Software)
173 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
173 * C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll (Foxit Corporation) {A94757A0-0226-426F-B4F1-4DF381C630D3}
173 * C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll (Safer-Networking Ltd.) {44176360-2BBF-4EC1-93CE-384B8681A0BC}
173 * C:\Program Files\TuneUp Utilities 2012\SDShelEx-win32.dll (TuneUp Software) {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
221 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
221 * C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll (Foxit Corporation) {A94757A0-0226-426F-B4F1-4DF381C630D3}
221 * C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll (Safer-Networking Ltd.) {44176360-2BBF-4EC1-93CE-384B8681A0BC}
221 * C:\Program Files\TuneUp Utilities 2012\SDShelEx-win32.dll (TuneUp Software) {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
223 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
223 * C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
225 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
225 * C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation) {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
225 * C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll (Safer-Networking Ltd.) {44176360-2BBF-4EC1-93CE-384B8681A0BC}
225 * C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll (Safer-Networking Ltd.) {44176360-2BBF-4EC1-93CE-384B8681A0BC}
227   C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}
227 * C:\Program Files\TuneUp Utilities 2012\DseShExt-x86.dll (TuneUp Software) {4838CD50-7E5D-4811-9B17-C47A85539F28}
227 * C:\Program Files\TuneUp Utilities 2012\SDShelEx-win32.dll (TuneUp Software) {4858E7D9-8E12-45a3-B6A3-1CD128C9D403}
229 * C:\windows\system32\nvshext.dll (NVIDIA Corporation) {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}
231   GUID / CLSID not found PDF Column Info
241 * C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) {472083B0-C522-11CF-8763-00608CC02F24}
251   C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov) {23170F69-40C1-278A-1000-000100020000}

Missing files
-------------
010 C:\ProgramData\Partner\Partner.exe
011 C:\Users\tom\AppData\Local\Temp\catchme.sys
032 rdpclip
067 SDWinLogon.dll
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x86
Ran by tom on 14.12.2013 at 21:57:25,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\kt_bho_dll.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\kt_bho.kettlebho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\kt_bho.kettlebho.1



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.12.2013 at 21:59:11,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Hello,
I don't want to be a nuisance, but I just ran a scan with Sophos Anti Rootkit, and it found 127 hidden files (mostly in the Avast sandbox)
and 2 hidden entries in the registry.
Unfortunately I can't find a log.txt, so this description is all I can report.

What do you make of that?
Regards, tomfroland

Edited by tomfroland (15.12.2013 at 15:45)

16.12.2013, 10:02   #30
schrauber
/// the machine
/// TB-Ausbilder
 




Quote:
and it found 127 hidden files (mostly in the Avast sandbox)
Normal. There are such entries in the registry too. Hidden does not automatically mean malicious.
__________________
Regards,
schrauber
