| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Browser verliert Verbindung zum NetzWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.08.2014, 09:41
| #16 |
 |  Browser verliert Verbindung zum NetzCode:
ATTFilter OTL logfile created on: 23.08.2014 23:14:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fledermausi\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17239) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 5,79 Gb Available Physical Memory | 72,52% Memory free 13,98 Gb Paging File | 11,51 Gb Available in Paging File | 82,38% Paging File free Paging file location(s): C:\pagefile.sys 6142 6142 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 200,28 Gb Total Space | 120,24 Gb Free Space | 60,04% Space Free | Partition Type: NTFS Drive D: | 240,48 Gb Total Space | 240,35 Gb Free Space | 99,95% Space Free | Partition Type: NTFS Computer Name: PC | User Name: Fledermausi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014.08.23 23:12:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fledermausi\Desktop\OTL.exe PRC - [2013.12.23 21:38:58 | 000,358,968 | ---- | M] () -- C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe PRC - [2013.06.26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2013.06.26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011.11.22 16:09:34 | 000,101,544 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe PRC - [2011.06.10 19:49:10 | 002,255,360 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe PRC - [2011.03.13 19:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2010.08.17 23:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2009.11.02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2009.03.30 12:34:36 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\T-Mobile Internet Manager 03\AssistantServices.exe ========== Modules (No Company Name) ========== MOD - [2011.11.22 16:09:30 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll MOD - [2011.06.10 19:49:10 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll MOD - [2009.11.02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009.11.02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ========== Services (SafeList) ========== SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp) SRV:64bit: - [2014.07.25 15:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2013.12.10 19:43:18 | 000,038,200 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2011.07.14 03:23:32 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2011.07.14 00:15:36 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011.01.25 23:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV:64bit: - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010.09.17 10:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService) SRV - [2014.07.17 07:42:17 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2013.12.23 21:38:58 | 000,358,968 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe -- (ALDITALKVerbindungsassistent_Service) SRV - [2013.12.10 19:43:20 | 002,409,272 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2013.12.10 19:43:18 | 000,030,520 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2013.06.26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2013.06.26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2013.04.18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011.03.13 19:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent) SRV - [2011.03.13 19:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2010.11.20 14:19:22 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009.03.30 12:34:36 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\T-Mobile Internet Manager 03\AssistantServices.exe -- (UI Assistant Service) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV:64bit: - [2013.12.23 21:17:19 | 000,138,752 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet) DRV:64bit: - [2013.12.23 21:17:19 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2013.12.23 21:17:19 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:64bit: - [2013.08.29 03:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2013.06.26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2013.06.26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2013.06.26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2013.06.26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2013.04.24 21:28:08 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6) DRV:64bit: - [2013.01.23 10:31:52 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2013.01.23 10:31:52 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2013.01.23 10:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2013.01.23 10:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2012.10.17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.07.14 01:00:06 | 009,978,880 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.07.13 23:33:58 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.06.07 00:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011.03.13 19:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2011.03.13 19:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:64bit: - [2011.03.13 19:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:64bit: - [2011.03.13 19:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:64bit: - [2011.03.13 19:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:64bit: - [2011.03.13 19:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:64bit: - [2011.03.13 19:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.03.07 20:22:46 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2011.01.18 11:16:46 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2010.12.31 12:30:10 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2010.11.29 10:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2010.11.20 15:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.04 12:52:54 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) DRV:64bit: - [2010.11.04 12:52:52 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) DRV:64bit: - [2010.09.23 09:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.09.17 10:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm) DRV:64bit: - [2010.09.17 10:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi) DRV:64bit: - [2010.09.17 10:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon) DRV:64bit: - [2010.09.17 10:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr) DRV:64bit: - [2010.02.18 18:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009.07.20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.01.12 10:13:12 | 000,150,784 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV:64bit: - [2009.01.04 18:30:08 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV:64bit: - [2009.01.04 18:30:08 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV:64bit: - [2008.10.29 17:35:44 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter) DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2013.12.23 21:17:19 | 000,138,752 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2013.12.23 21:17:19 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2013.12.23 21:17:19 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2012.11.16 16:38:44 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2011.05.26 04:06:20 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/ IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local> ========== FireFox ========== FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011.04.13 04:51:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.04 22:23:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] [2013.12.29 20:11:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fledermausi\AppData\Roaming\mozilla\Extensions [2014.08.17 17:08:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fledermausi\AppData\Roaming\mozilla\Firefox\Profiles\1y2ugmmk.default-1354467891266\extensions [2013.11.17 20:31:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fledermausi\AppData\Roaming\mozilla\Firefox\Profiles\6cf4g4nz.default\extensions [2014.08.13 21:01:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2014.08.13 21:01:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Fledermausi\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer CHR - plugin: Native Client (Disabled) = C:\Users\Fledermausi\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Fledermausi\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll CHR - plugin: DivX VOD Helper Plug-in (Disabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll CHR - Extension: YouTube = C:\Users\Fledermausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\Fledermausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Google Mail = C:\Users\Fledermausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2014.08.15 22:42:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.) O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.) O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.) O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: facebook.com ([apps] https in Vertrauenswürdige Sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27B1199B-5D86-4782-A561-550E1C9003DD}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.) O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.) O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.) O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013.04.06 20:18:38 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2014.08.23 23:12:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Fledermausi\Desktop\OTL.exe [2014.08.20 07:14:00 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe [2014.08.17 22:12:58 | 000,000,000 | ---D | C] -- C:\Users\Fledermausi\Desktop\FRST-OlderVersion [2014.08.17 18:05:42 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Fledermausi\Desktop\JRT.exe [2014.08.17 17:19:18 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll [2014.08.17 16:08:03 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2014.08.17 16:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware [2014.08.17 16:06:22 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys [2014.08.17 16:06:22 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys [2014.08.17 16:06:22 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2014.08.17 16:06:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ Malwarebytes Anti-Malware [2014.08.17 16:05:26 | 017,292,760 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Fledermausi\Desktop\mbam-setup-2.0.2.1012.exe [2014.08.17 15:38:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com [2014.08.17 15:38:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com [2014.08.17 15:32:30 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2014.08.15 22:51:50 | 000,415,232 | ---- | C] (Farbar) -- C:\Users\Fledermausi\Desktop\FSS.exe [2014.08.15 22:50:21 | 000,000,000 | ---D | C] -- C:\Windows\temp [2014.08.15 22:42:15 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2014.08.15 22:11:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2014.08.15 22:11:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2014.08.15 22:11:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2014.08.15 22:10:33 | 000,000,000 | ---D | C] -- C:\Qoobox [2014.08.15 22:09:56 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2014.08.15 22:07:05 | 005,571,320 | R--- | C] (Swearware) -- C:\Users\Fledermausi\Desktop\ComboFix.exe [2014.08.15 21:59:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group [2014.08.15 21:58:51 | 002,623,656 | ---- | C] (VS Revo Group Ltd.) -- C:\Users\Fledermausi\Desktop\revosetup95.exe [2014.08.15 07:02:50 | 000,401,920 | ---- | C] (Farbar) -- C:\Users\Fledermausi\Desktop\MiniToolBox.exe [2014.08.14 09:14:16 | 000,038,200 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2014.08.14 09:14:15 | 000,030,520 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2014.08.14 09:11:29 | 000,000,000 | -HSD | C] -- C:\Users\Fledermausi\AppData\Local\EmieUserList [2014.08.14 09:11:29 | 000,000,000 | -HSD | C] -- C:\Users\Fledermausi\AppData\Local\EmieSiteList [2014.08.14 09:11:05 | 000,035,640 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2014.08.14 09:11:02 | 000,026,936 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2014.08.14 09:11:02 | 000,022,328 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2014.08.14 09:10:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013 [2014.08.14 09:10:37 | 000,000,000 | ---D | C] -- C:\Users\Fledermausi\AppData\Roaming\TuneUp Software [2014.08.14 09:10:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013 [2014.08.14 09:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2014.08.14 09:09:29 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2014.08.14 09:09:29 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2014.08.02 10:15:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2014.07.27 15:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia [2014.07.27 15:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia [2014.07.27 15:22:40 | 000,026,112 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys [2014.07.27 15:22:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2014.08.23 23:12:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fledermausi\Desktop\OTL.exe [2014.08.23 15:44:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014.08.22 20:52:54 | 001,653,200 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014.08.22 20:52:54 | 000,711,546 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2014.08.22 20:52:54 | 000,666,344 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014.08.22 20:52:54 | 000,153,736 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2014.08.22 20:52:54 | 000,126,298 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014.08.22 07:02:20 | 000,018,512 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014.08.22 07:02:20 | 000,018,512 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014.08.21 23:03:44 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe [2014.08.21 23:03:31 | 000,276,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014.08.21 23:03:10 | 2131,529,727 | -HS- | M] () -- C:\hiberfil.sys [2014.08.21 06:22:11 | 000,854,417 | ---- | M] () -- C:\Users\Fledermausi\Desktop\SecurityCheck.exe [2014.08.20 07:14:43 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe [2014.08.17 22:12:58 | 002,101,760 | ---- | M] (Farbar) -- C:\Users\Fledermausi\Desktop\FRST64.exe [2014.08.17 18:05:48 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Fledermausi\Desktop\JRT.exe [2014.08.17 17:17:00 | 001,361,671 | ---- | M] () -- C:\Users\Fledermausi\Desktop\adwcleaner_3.307.exe [2014.08.17 17:11:56 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2014.08.17 16:06:29 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2014.08.17 16:05:31 | 017,292,760 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Fledermausi\Desktop\mbam-setup-2.0.2.1012.exe [2014.08.17 15:38:57 | 000,002,161 | ---- | M] () -- C:\Users\Fledermausi\Desktop\Tweaking.com - Windows Repair (All in One).lnk [2014.08.17 15:37:27 | 009,522,632 | ---- | M] () -- C:\Users\Fledermausi\Desktop\tweaking.com_windows_repair_aio_setup.exe [2014.08.15 22:51:54 | 000,415,232 | ---- | M] (Farbar) -- C:\Users\Fledermausi\Desktop\FSS.exe [2014.08.15 22:42:08 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2014.08.15 22:41:16 | 000,001,351 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2014.08.15 22:07:16 | 005,571,320 | R--- | M] (Swearware) -- C:\Users\Fledermausi\Desktop\ComboFix.exe [2014.08.15 21:58:52 | 002,623,656 | ---- | M] (VS Revo Group Ltd.) -- C:\Users\Fledermausi\Desktop\revosetup95.exe [2014.08.15 07:02:51 | 000,401,920 | ---- | M] (Farbar) -- C:\Users\Fledermausi\Desktop\MiniToolBox.exe [2014.08.14 21:03:37 | 000,231,118 | ---- | M] () -- C:\Users\Fledermausi\Documents\TuneUp.jpg [2014.08.14 09:10:56 | 000,002,211 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2014.08.14 09:10:56 | 000,002,191 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2014.08.13 21:01:09 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2014.08.02 18:31:54 | 667,980,738 | ---- | M] () -- C:\Windows\MEMORY.DMP [2014.07.27 15:24:35 | 000,002,091 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2014.08.21 06:22:08 | 000,854,417 | ---- | C] () -- C:\Users\Fledermausi\Desktop\SecurityCheck.exe [2014.08.17 17:16:55 | 001,361,671 | ---- | C] () -- C:\Users\Fledermausi\Desktop\adwcleaner_3.307.exe [2014.08.17 16:06:29 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2014.08.17 15:38:57 | 000,002,161 | ---- | C] () -- C:\Users\Fledermausi\Desktop\Tweaking.com - Windows Repair (All in One).lnk [2014.08.17 15:36:27 | 009,522,632 | ---- | C] () -- C:\Users\Fledermausi\Desktop\tweaking.com_windows_repair_aio_setup.exe [2014.08.15 22:11:13 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2014.08.15 22:11:12 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2014.08.15 22:11:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2014.08.15 22:11:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2014.08.15 22:11:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2014.08.14 21:03:37 | 000,231,118 | ---- | C] () -- C:\Users\Fledermausi\Documents\TuneUp.jpg [2014.08.14 09:10:56 | 000,002,211 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2014.08.14 09:10:56 | 000,002,203 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk [2014.08.14 09:10:56 | 000,002,191 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2014.07.27 15:24:34 | 000,002,091 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk [2013.09.15 15:14:59 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2012.01.13 21:22:53 | 000,007,621 | ---- | C] () -- C:\Users\Fledermausi\AppData\Local\Resmon.ResmonCfg [2011.04.13 04:48:48 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.12.26 22:40:33 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\ALDITALKVerbindungsassistent [2012.04.18 22:13:40 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Amazon [2011.12.23 21:29:26 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\ASUS WebStorage [2012.01.05 23:21:35 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Auslogics [2011.12.24 09:09:16 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Avant Downloader [2013.06.09 20:41:33 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\ERS Game Studios [2013.06.07 12:07:03 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Nokia [2013.06.07 12:07:05 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Nokia Suite [2011.12.30 21:56:08 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Nuance [2014.08.14 22:06:00 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Opera [2012.04.08 11:52:36 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\PC Suite [2013.06.01 13:24:54 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Phantasmat_bf_se1 [2014.07.15 08:30:25 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\SoftGrid Client [2012.01.13 21:46:27 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\TP [2012.10.26 23:23:41 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\TS3Client [2012.09.17 21:23:02 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\ts3overlay [2014.08.14 09:10:37 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\TuneUp Software [2014.01.11 21:53:13 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Unity [2011.12.30 21:56:02 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Zeon ========== Purity Check ========== ========== Custom Scans ========== < HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers > "ProviderID0" = 1 "ProviderID1" = 2 "ProviderID2" = 3 "ProviderID3" = 4 "NextProviderID" = 5 "ProviderFileName0" = unimdm.tsp -- [2010.11.20 14:16:54 | 000,281,088 | ---- | M] (Microsoft Corporation) "ProviderFileName1" = kmddsp.tsp -- [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) "ProviderFileName2" = ndptsp.tsp -- [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) "ProviderFileName3" = hidphone.tsp -- [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) "NumProviders" = 4 < HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers /64 > "ProviderID0" = 1 "ProviderID1" = 2 "ProviderID2" = 3 "ProviderID3" = 4 "NextProviderID" = 6 "ProviderFileName0" = C:\Windows\SysNative\unimdm.tsp -- [2010.11.20 15:24:26 | 000,321,536 | ---- | M] (Microsoft Corporation) "ProviderFileName1" = C:\Windows\SysNative\kmddsp.tsp -- [2009.07.14 03:38:54 | 000,047,104 | ---- | M] (Microsoft Corporation) "ProviderFileName2" = C:\Windows\SysNative\ndptsp.tsp -- [2009.07.14 03:38:54 | 000,060,928 | ---- | M] (Microsoft Corporation) "ProviderFileName3" = C:\Windows\SysNative\hidphone.tsp -- [2009.07.14 03:38:54 | 000,038,912 | ---- | M] (Microsoft Corporation) "NumProviders" = 5 "ProviderID4" = 5 "ProviderFilename4" = xptzw7u9.tsp < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation /S /64 > "DisplayName" = @%systemroot%\system32\wkssvc.dll,-100 "Group" = NetworkProvider "ImagePath" = C:\Windows\SysNative\svchost.exe -- [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) "Description" = @%systemroot%\system32\wkssvc.dll,-101 "ObjectName" = NT AUTHORITY\NetworkService "ErrorControl" = 1 "Start" = 2 "Type" = 32 "DependOnService" = BowserMRxSmb10MRxSmb20NSI [binary data] "ServiceSidType" = 1 "RequiredPrivileges" = SeChangeNotifyPrivilegeSeImperson [Binary data over 200 bytes] "FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 C0 D4 01 00 00 00 00 00 00 00 00 00 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Linkage] "Bind" = \Device\Smb_Tcpip_{D479F624-31C9-4 [Binary data over 200 bytes] "Route" = "Smb" "Tcpip" "{D479F624-31C9-488D [Binary data over 200 bytes] "Export" = \Device\LanmanWorkstation_Smb_Tcpi [Binary data over 200 bytes] 64bit: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\NetworkProvider] "DeviceName" = \Device\LanmanRedirector "Name" = Microsoft Windows Network "DisplayName" = @%systemroot%\system32\wkssvc.dll,-102 "ProviderPath" = C:\Windows\SysNative\ntlanman.dll -- [2010.11.20 15:27:24 | 000,129,536 | ---- | M] (Microsoft Corporation) 64bit: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters] "ServiceDll" = C:\Windows\SysNative\wkssvc.dll -- [2010.11.20 15:27:30 | 000,118,784 | ---- | M] (Microsoft Corporation) "ServiceDllUnloadOnStop" = 1 "EnablePlainTextPassword" = 0 "EnableSecuritySignature" = 1 "RequireSecuritySignature" = 0 "OtherDomains" = [binary data] < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache /S /64 > < HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost > "netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes] "LocalService" = RemoteRegistryWinHttpAutoProxySvc [Binary data over 200 bytes] "LocalSystemNetworkRestricted" = NetmanAudioEndpointBuilderdot3sv [Binary data over 200 bytes] "LocalServiceNoNetwork" = PLA [binary data] -- [2010.11.20 14:20:56 | 001,508,864 | ---- | M] (Microsoft Corporation) "rpcss" = RpcSs [binary data] "LocalServiceNetworkRestricted" = AudioSrvBthHFSrvLmHostswscsvcWPCSvc [binary data] "LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSQWAVEwcncsvc [binary data] "DcomLaunch" = PowerPlugPlayDcomLaunch [binary data] "NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes] "imgsvc" = StiSvc [binary data] "wcssvc" = WcsPlugInService [binary data] -- [2009.07.14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) "Update-Service-Installer-Service" = Update-Service-Installer-Service [binary data] "Update-Service" = Update-Service [binary data] "iissvcs" = w3svcwas [binary data] "apphost" = apphostsvc [binary data] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\iissvcs] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkService] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wcssvc] < HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost /64 > "RPCSS" = RpcEptMapperRpcSs [binary data] "defragsvc" = C:\Windows\SysNative\defragsvc.dll -- [2009.07.14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) "LocalSystemNetworkRestricted" = UxSmsWdiSystemHostNetmantrkwks [Binary data over 200 bytes] "LocalService" = nsiWdiServiceHostw32timeEventSy [Binary data over 200 bytes] "netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes] "WerSvcGroup" = C:\Windows\SysNative\wersvc.dll -- [2009.07.14 03:41:56 | 000,076,800 | ---- | M] (Microsoft Corporation) "LocalServiceNoNetwork" = DPSPLABFEmpssvcWwanSvc [binary data] "termsvcs" = TermService [binary data] "swprv" = C:\Windows\SysNative\swprv.dll -- [2009.07.14 03:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) "LocalServiceNetworkRestricted" = DHCPeventlogAudioSrvBthHFSrvLm [Binary data over 200 bytes] "LocalServicePeerNet" = PNRPSvcp2pimsvcp2psvcPnrpAutoReg [binary data] "NetworkServiceAndNoImpersonation" = KtmRm [binary data] "regsvc" = RemoteRegistry [binary data] "LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSfdre [Binary data over 200 bytes] "DcomLaunch" = PowerPlugPlayDcomLaunch [binary data] "NetworkServiceNetworkRestricted" = PolicyAgent [binary data] "NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes] "sdrsvc" = C:\Windows\SysNative\sdrsvc.dll -- [2010.11.20 15:27:26 | 000,170,496 | ---- | M] (Microsoft Corporation) "WbioSvcGroup" = C:\Windows\SysNative\WbioSrvc.dll -- [2009.07.14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) "imgsvc" = StiSvc [binary data] "wcssvc" = C:\Windows\SysNative\WcsPlugInService.dll -- [2009.07.14 03:41:56 | 000,040,960 | ---- | M] (Microsoft Corporation) "AxInstSVGroup" = C:\Windows\SysNative\AxInstSV.dll -- [2010.11.20 15:25:46 | 000,114,688 | ---- | M] (Microsoft Corporation) "secsvcs" = WinDefend [binary data] "bthsvcs" = C:\Windows\SysNative\bthserv.dll -- [2009.07.14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) "iissvcs" = w3svcwas [binary data] "apphost" = apphostsvc [binary data] "GPSvcGroup" = C:\Windows\SysNative\GPSvc.dll -- [2010.11.20 15:26:30 | 000,777,728 | ---- | M] (Microsoft Corporation) 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\AxInstSVGroup] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\defragsvc] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\GPSvcGroup] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\iissvcs] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkService] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\SDRSVC] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\swprv] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wcssvc] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wercplsupport] < HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com > < HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com /64 > 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com\UpdateClient] < %SystemRoot%\system32\*.tsp > [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp [2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp [2010.11.20 14:16:54 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp < %SystemRoot%\system32\*.tsp /64 > [2009.07.14 03:38:54 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hidphone.tsp [2009.07.14 03:38:54 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kmddsp.tsp [2009.07.14 03:38:54 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ndptsp.tsp [2009.07.14 03:38:54 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\remotesp.tsp [2010.11.20 15:24:26 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp < C:\Windows\system32\*.dll /800 > [2012.08.23 13:15:57 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aaclient.dll [2014.03.04 11:17:05 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\adprovider.dll [2013.08.29 03:48:17 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\advapi32.dll [2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll [2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll [2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll [2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll [2013.08.02 03:48:15 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll [2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll [2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll [2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll [2013.08.02 03:48:15 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll [2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll [2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll [2013.08.02 02:43:05 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll [2013.08.02 02:43:05 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll [2013.08.02 02:43:05 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll [2013.01.13 23:16:42 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.01.13 23:12:46 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.01.13 23:17:02 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.01.13 23:11:08 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.01.13 23:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.01.13 23:17:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.01.13 23:11:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.01.13 23:11:21 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll [2013.01.13 23:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll [2013.08.02 02:43:05 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll [2013.08.02 03:48:15 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\apisetschema.dll [2013.09.11 22:21:54 | 000,028,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aspnet_counters.dll [2013.06.06 05:01:38 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\atmfd.dll [2013.06.06 05:01:26 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\system32\atmlib.dll [2014.06.03 11:29:40 | 001,805,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\authui.dll [2013.12.10 19:43:18 | 000,022,328 | ---- | M] (TuneUp Software) -- C:\Windows\system32\authuitu.dll [2012.07.04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\browcli.dll [2014.03.04 11:17:06 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\capiprovider.dll [2013.05.13 05:08:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\certenc.dll [2014.03.04 11:17:07 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cngprovider.dll [2013.07.04 13:50:56 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\comctl32.dll [2014.05.30 09:52:30 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\credssp.dll [2013.10.04 03:56:25 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\credui.dll [2013.10.05 21:57:25 | 001,168,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\crypt32.dll [2013.05.10 05:20:54 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptdlg.dll [2013.07.09 06:46:31 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptnet.dll [2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptsvc.dll [2013.11.26 10:16:50 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d2d1.dll [2013.01.13 21:46:25 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10.dll [2013.01.13 22:08:43 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10core.dll [2013.01.13 21:54:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10level9.dll [2013.12.25 01:09:41 | 001,987,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10warp.dll [2013.01.13 21:48:47 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1.dll [2013.01.13 22:09:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1core.dll [2013.04.26 01:30:32 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d11.dll [2013.07.04 13:51:04 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\davclnt.dll [2013.06.06 06:50:56 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dciman32.dll [2012.10.09 19:40:31 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcore6.dll [2012.10.09 19:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcsvc6.dll [2014.03.04 11:17:08 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dimsroam.dll [2014.03.04 11:17:08 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpapiprovider.dll [2012.11.02 07:11:31 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpnet.dll [2013.04.10 01:34:01 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DWrite.dll [2013.01.13 22:20:31 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxgi.dll [2014.07.25 13:52:19 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll [2014.07.25 13:29:33 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll [2013.11.20 07:59:39 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\elshyph.dll [2013.06.06 06:51:29 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fontsub.dll [2013.10.12 04:01:25 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FWPUCLNT.DLL [2012.12.07 14:20:43 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gameux.dll [2014.07.16 04:46:24 | 000,311,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gdi32.dll [2012.08.21 14:01:20 | 000,106,928 | ---- | M] (GEAR Software Inc.) -- C:\Windows\system32\GEARAspi.dll [2013.11.20 07:59:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll [2014.07.01 00:14:53 | 000,008,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardres.dll [2013.11.20 07:59:28 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll [2014.07.25 12:09:19 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll [2014.08.01 01:16:34 | 000,307,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll [2014.07.25 14:33:08 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieetwproxystub.dll [2014.07.25 13:03:13 | 011,772,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll [2013.11.20 07:59:28 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll [2014.07.25 14:17:33 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll [2014.07.25 14:21:28 | 002,184,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll [2014.07.25 14:34:49 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll [2013.11.20 07:59:28 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll [2014.07.25 14:12:35 | 000,438,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll [2013.10.19 03:36:59 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imagehlp.dll [2013.11.20 07:59:28 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll [2014.03.09 23:47:43 | 000,099,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\infocardapi.dll [2013.11.20 07:59:28 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll [2014.02.04 04:00:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iologmsg.dll [2014.07.25 13:43:16 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\JavaScriptCollectionAgent.dll [2013.11.20 07:59:28 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll [2014.07.25 14:06:47 | 004,204,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll [2014.07.25 14:08:47 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9diag.dll [2013.11.20 07:59:28 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsIntl.dll [2014.07.25 14:18:49 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll [2014.07.09 03:31:41 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDBASH.DLL [2014.07.09 03:31:42 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDRU.DLL [2014.07.09 03:31:42 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDRU1.DLL [2014.07.09 03:31:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTAT.DLL [2014.07.09 03:31:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDYAK.DLL [2014.05.30 09:52:36 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kerberos.dll [2014.03.04 11:16:17 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kernel32.dll [2014.03.04 11:16:18 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KernelBase.dll [2013.11.20 07:59:28 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll [2013.06.06 06:57:01 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lpk.dll [2013.12.04 04:02:06 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdrm.dll [2014.07.25 13:13:12 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll [2013.11.20 07:59:28 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll [2014.07.25 15:51:14 | 017,524,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll [2014.07.25 14:30:32 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MshtmlDac.dll [2014.07.25 13:34:04 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll [2013.11.20 07:59:28 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll [2014.07.25 13:07:10 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmlmedia.dll [2014.06.03 11:29:50 | 002,363,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msi.dll [2013.10.30 04:19:52 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msieftp.dll [2014.06.03 11:29:50 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msihnd.dll [2013.11.20 07:59:28 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll [2013.01.04 08:11:21 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msmpeg2vdec.dll [2014.07.25 13:36:30 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll [2012.08.23 15:47:20 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MsRdpWebAccess.dll [2012.08.23 10:19:01 | 004,916,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mstscax.dll [2014.05.30 09:52:40 | 000,259,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msv1_0.dll [2013.09.11 22:21:54 | 000,501,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcp110_clr0400.dll [2013.09.11 22:21:54 | 000,018,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr100_clr0400.dll [2013.09.11 22:21:54 | 000,863,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr110_clr0400.dll [2013.09.08 04:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mswsock.dll [2014.03.26 16:27:50 | 001,237,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3.dll [2014.03.26 16:25:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3r.dll [2014.03.26 16:27:50 | 001,389,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6.dll [2014.03.26 16:25:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6r.dll [2014.05.30 09:52:41 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncrypt.dll [2012.10.03 18:42:23 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncsi.dll [2012.07.04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netapi32.dll [2012.10.03 18:42:24 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netcorehc.dll [2012.10.03 18:42:24 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netevent.dll [2013.10.12 04:03:08 | 000,656,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nshwfp.dll [2013.08.29 03:50:30 | 001,292,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntdll.dll [2014.03.04 11:17:19 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntvdm64.dll [2014.03.04 11:17:19 | 000,538,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\objsel.dll [2013.11.20 07:59:28 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll [2013.11.20 07:59:28 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll [2013.07.20 12:33:12 | 000,102,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll [2014.06.06 11:44:17 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qedit.dll [2012.08.23 13:12:17 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpendp_winip.dll [2014.07.14 03:40:58 | 000,664,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rpcrt4.dll [2014.05.30 09:52:45 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schannel.dll [2013.10.12 04:03:31 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scrrun.dll [2013.12.04 04:03:08 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc.dll [2013.12.04 04:03:20 | 000,423,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc_isv.dll [2013.12.04 04:03:20 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc_ssp.dll [2013.12.04 04:03:20 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc_ssp_isv.dll [2014.06.05 16:26:58 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secur32.dll [2013.06.26 19:21:46 | 001,130,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sftldr_wow64.dll [2013.07.26 03:55:59 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shdocvw.dll [2014.06.25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shell32.dll [2013.10.04 03:58:50 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SmartcardCredentialProvider.dll [2014.06.05 16:25:49 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sspicli.dll [2012.09.26 00:47:43 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\synceng.dll [2013.08.29 03:50:16 | 000,619,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tdh.dll [2012.08.23 15:18:14 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tsgqec.dll [2014.05.30 09:52:49 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TSpkg.dll [2014.07.16 04:46:02 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tzres.dll [2013.01.13 21:53:14 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\UIAnimation.dll [2013.11.20 07:59:28 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll [2014.07.25 12:00:43 | 001,169,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll [2014.04.25 04:06:17 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\usp10.dll [2013.12.10 19:43:18 | 000,030,520 | ---- | M] (TuneUp Software) -- C:\Windows\system32\uxtuneup.dll [2014.07.25 14:34:03 | 000,455,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll [2013.12.23 21:17:20 | 001,490,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WdfCoInstaller01007.dll [2014.05.30 09:52:51 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wdigest.dll [2013.11.20 07:59:28 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll [2013.07.04 13:57:28 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WebClnt.dll [2014.01.29 04:06:47 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wer.dll [2013.04.26 06:55:21 | 000,492,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32spl.dll [2014.03.04 11:17:38 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wincredprovider.dll [2014.02.04 04:04:22 | 001,230,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WindowsCodecs.dll [2013.01.13 21:53:58 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WindowsCodecsExt.dll [2014.07.25 12:05:23 | 001,792,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll [2013.07.09 06:52:10 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wintrust.dll [2012.08.23 15:46:20 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wksprtPS.dll [2013.05.10 06:56:08 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmp.dll [2013.11.23 20:26:20 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMPhoto.dll [2013.05.10 06:56:15 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmploc.DLL [2013.07.25 10:57:27 | 001,620,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMVDECOD.DLL [2014.03.04 11:16:18 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wow32.dll [2012.12.07 14:26:17 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Wpc.dll [2014.05.14 18:23:38 | 000,581,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuapi.dll [2014.05.14 18:17:10 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wudriver.dll [2014.05.14 18:23:42 | 000,036,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wups.dll [2014.05.14 09:23:04 | 000,179,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuwebv.dll [2013.01.13 20:34:58 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XpsGdiConverter.dll [2013.01.13 19:26:42 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XpsPrint.dll [2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009.07.14 07:08:49 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT < C:\Windows\system32\*.dll /800 /64 > [2012.08.23 12:54:24 | 000,322,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2014.03.04 11:43:55 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll [2013.08.29 04:13:28 | 000,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll [2014.08.07 04:01:34 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll [2014.08.07 04:06:41 | 000,529,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll [2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013.08.02 04:12:18 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013.08.02 04:12:19 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013.08.02 04:12:19 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013.08.02 04:12:19 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.08.02 04:12:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013.08.02 04:12:20 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013.08.02 04:12:20 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013.08.02 04:12:20 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013.08.02 04:12:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013.08.02 04:12:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013.01.13 22:35:18 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.01.13 22:32:07 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.01.13 22:35:31 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.01.13 22:31:41 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.01.13 22:31:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.01.13 22:35:31 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.01.13 22:31:40 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.01.13 22:31:48 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013.01.13 22:31:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013.08.02 04:12:20 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013.08.02 04:12:20 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll [2013.02.27 07:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appinfo.dll [2013.09.11 20:39:06 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aspnet_counters.dll [2013.06.06 05:30:53 | 000,368,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2013.06.06 07:47:21 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2014.06.03 12:02:12 | 001,941,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.12.10 19:43:18 | 000,026,936 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2012.07.05 00:13:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012.07.05 00:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browser.dll [2014.03.04 11:43:55 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll [2013.01.23 10:31:52 | 000,166,912 | ---- | M] (Nokia) -- C:\Windows\SysNative\ccdcmbwux64.dll [2013.05.13 07:50:40 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll [2014.03.04 11:43:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll [2013.07.04 14:50:39 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll [2014.05.30 10:08:31 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\credssp.dll [2013.10.04 04:25:17 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll [2013.10.05 22:25:35 | 001,474,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013.05.10 07:49:27 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll [2013.07.09 07:46:20 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsvc.dll [2013.08.02 04:12:47 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013.11.23 00:48:21 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013.01.13 21:20:04 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013.01.13 21:38:21 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013.01.13 21:24:33 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013.12.25 00:48:32 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013.01.13 21:20:42 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013.01.13 21:38:39 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013.04.01 00:52:16 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.07.04 14:50:46 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll [2013.06.06 07:49:07 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll [2012.10.09 20:17:13 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2012.10.09 20:17:13 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2014.03.04 11:43:56 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll [2014.03.04 11:43:56 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll [2012.11.02 07:59:11 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2013.04.03 00:51:57 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013.01.13 21:49:17 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2014.07.25 14:40:12 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2014.07.25 14:10:53 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.11.20 07:59:28 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.01.13 21:58:28 | 001,175,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll [2013.06.06 07:49:52 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2013.10.12 04:29:08 | 000,324,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL [2012.12.07 15:15:31 | 002,746,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2014.07.16 05:25:04 | 000,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll [2012.08.21 14:01:20 | 000,125,872 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll [2013.11.20 07:59:28 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2014.07.01 00:24:50 | 000,008,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll [2013.11.20 07:59:28 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2014.07.25 12:17:47 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014.08.01 01:41:41 | 000,348,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll [2014.07.25 16:01:41 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2014.07.25 15:28:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2014.07.25 13:23:30 | 013,547,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll [2013.11.20 07:59:27 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2014.07.25 15:10:00 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014.07.25 15:25:32 | 002,774,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll [2014.07.25 15:30:30 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.11.20 07:59:28 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2014.07.25 15:03:50 | 000,598,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.10.12 04:29:21 | 000,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IKEEXT.DLL [2013.10.19 04:18:57 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2013.11.20 07:59:27 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2014.03.09 23:48:52 | 000,171,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll [2013.11.20 07:59:27 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2014.02.04 04:28:36 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll [2012.10.03 19:42:16 | 000,569,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iphlpsvc.dll [2014.07.25 14:28:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2013.11.20 07:59:27 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2014.07.25 14:28:15 | 005,824,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014.07.25 14:59:28 | 000,758,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2013.11.20 07:59:28 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll [2014.07.25 15:11:32 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll [2014.07.09 04:03:22 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL [2014.07.09 04:03:23 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL [2014.07.09 04:03:23 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL [2014.07.09 04:03:23 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL [2014.07.09 04:03:23 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL [2014.05.30 10:08:36 | 000,728,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kerberos.dll [2014.03.04 11:44:00 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2014.03.04 11:44:00 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013.11.20 07:59:27 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.06.06 07:50:51 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll [2014.06.05 16:45:15 | 001,460,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013.04.01 08:03:35 | 000,078,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_AuthenticAMD.dll [2013.12.04 04:26:32 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll [2014.07.25 13:47:50 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.11.20 07:59:28 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll [2014.07.25 16:52:04 | 023,645,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll [2014.07.25 15:25:45 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2014.07.25 14:17:26 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.11.20 07:59:28 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2014.07.25 13:39:25 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2014.06.03 12:02:21 | 003,241,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2013.10.30 04:32:01 | 000,335,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll [2014.06.03 12:02:21 | 000,504,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll [2013.11.20 07:59:28 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.01.04 08:11:13 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2014.07.25 14:19:18 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2012.08.23 15:20:40 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2012.08.23 10:13:07 | 005,773,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2014.05.30 10:08:41 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll [2013.09.11 20:39:06 | 000,614,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp110_clr0400.dll [2013.09.11 20:39:06 | 000,018,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100_clr0400.dll [2013.09.11 20:39:06 | 000,855,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr110_clr0400.dll [2013.09.08 04:27:14 | 000,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mswsock.dll [2014.03.26 16:44:48 | 001,882,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3.dll [2014.03.26 16:41:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2014.03.26 16:44:48 | 002,002,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6.dll [2014.03.26 16:41:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll [2014.05.30 10:08:41 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.10.03 19:44:16 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2012.07.05 00:16:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012.10.03 19:44:17 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll [2012.10.03 19:44:17 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2012.10.03 19:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nlaapi.dll [2012.10.03 19:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nlasvc.dll [2013.01.23 10:31:52 | 000,057,856 | ---- | M] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll [2013.01.23 10:31:52 | 000,074,752 | ---- | M] (Nokia) -- C:\Windows\SysNative\nmwcdcoclsx64.dll [2013.10.12 04:30:42 | 000,830,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll [2013.08.29 04:16:35 | 001,732,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2014.03.04 11:44:03 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2014.03.04 11:44:03 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll [2013.11.20 07:59:27 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.11.20 07:59:27 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.07.20 12:33:08 | 000,124,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll [2014.06.06 12:10:34 | 000,624,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll [2014.05.08 11:32:11 | 003,178,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2012.08.23 12:51:14 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll [2014.05.08 11:32:11 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [2012.08.23 16:13:11 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2014.07.14 04:02:45 | 001,216,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll [2013.08.28 03:12:33 | 000,461,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll [2014.05.30 10:08:47 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\schannel.dll [2013.10.12 04:31:04 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll [2013.12.04 04:27:16 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll [2013.12.04 04:27:33 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll [2013.12.04 04:27:33 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll [2013.12.04 04:27:33 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll [2014.04.12 04:19:37 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2013.06.26 19:21:46 | 001,777,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sftldr.dll [2013.07.26 04:24:56 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2014.06.25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shell32.dll [2013.10.04 04:28:31 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll [2014.04.12 04:19:38 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2014.04.12 04:19:38 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012.09.26 00:46:17 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2013.08.29 04:16:14 | 000,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll [2012.08.23 14:52:53 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2014.05.30 10:08:49 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TSpkg.dll [2012.08.23 15:06:58 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2012.08.23 15:40:56 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2014.07.16 05:23:41 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tzres.dll [2013.01.13 21:24:30 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013.11.20 07:59:28 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2014.07.25 12:26:58 | 001,431,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll [2014.04.25 04:34:59 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013.12.10 19:43:18 | 000,038,200 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2014.07.25 15:28:27 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.07.26 04:36:08 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2014.05.30 10:08:52 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wdigest.dll [2013.11.20 07:59:27 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webcheck.dll [2013.07.04 14:57:22 | 000,259,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WebClnt.dll [2014.01.29 04:32:18 | 000,484,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll [2013.04.26 07:51:36 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2014.03.04 11:44:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll [2014.02.04 04:32:22 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.01.13 21:25:04 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2014.07.25 12:52:06 | 002,266,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll [2013.08.02 04:14:57 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.07.09 07:52:52 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012.08.23 15:17:54 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2013.05.10 07:56:33 | 014,631,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll [2013.11.23 19:47:34 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013.05.10 07:56:40 | 012,625,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL [2013.07.25 11:25:54 | 001,888,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2014.03.04 11:44:21 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2014.03.04 11:44:21 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2014.03.04 11:44:21 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2012.12.07 15:20:16 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2014.05.14 18:23:38 | 000,700,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2014.05.14 18:23:46 | 002,477,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuaueng.dll [2014.05.14 18:21:04 | 002,620,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012.07.26 05:08:14 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2012.07.26 05:08:14 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2012.07.26 05:08:14 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFSvc.dll [2012.07.26 05:08:14 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2014.05.14 18:20:45 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2014.05.14 18:23:52 | 000,038,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2014.05.14 18:23:47 | 000,044,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2014.05.14 09:23:04 | 000,198,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2013.03.19 07:53:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2014.01.28 04:32:46 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwansvc.dll [2013.01.13 20:09:52 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013.01.13 19:05:09 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 240 bytes -> C:\ProgramData\Temp:0BBF232A @Alternate Data Stream - 235 bytes -> C:\ProgramData\Temp:2339C9FD < End of report > |
|
24.08.2014, 09:43
| #17 |
| | Browser verliert Verbindung zum NetzCode:
ATTFilter OTL logfile created on: 23.08.2014 23:14:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fledermausi\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17239) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 5,79 Gb Available Physical Memory | 72,52% Memory free 13,98 Gb Paging File | 11,51 Gb Available in Paging File | 82,38% Paging File free Paging file location(s): C:\pagefile.sys 6142 6142 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 200,28 Gb Total Space | 120,24 Gb Free Space | 60,04% Space Free | Partition Type: NTFS Drive D: | 240,48 Gb Total Space | 240,35 Gb Free Space | 99,95% Space Free | Partition Type: NTFS Computer Name: PC | User Name: Fledermausi | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2014.08.23 23:12:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fledermausi\Desktop\OTL.exe PRC - [2013.12.23 21:38:58 | 000,358,968 | ---- | M] () -- C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe PRC - [2013.06.26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2013.06.26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011.11.22 16:09:34 | 000,101,544 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe PRC - [2011.06.10 19:49:10 | 002,255,360 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe PRC - [2011.03.13 19:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2010.08.17 23:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2009.11.02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2009.03.30 12:34:36 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\T-Mobile Internet Manager 03\AssistantServices.exe ========== Modules (No Company Name) ========== MOD - [2011.11.22 16:09:30 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll MOD - [2011.06.10 19:49:10 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll MOD - [2009.11.02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009.11.02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ========== Services (SafeList) ========== SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp) SRV:64bit: - [2014.07.25 15:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) SRV:64bit: - [2013.12.10 19:43:18 | 000,038,200 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2011.07.14 03:23:32 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2011.07.14 00:15:36 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011.01.25 23:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV:64bit: - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010.09.17 10:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService) SRV - [2014.07.17 07:42:17 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2013.12.23 21:38:58 | 000,358,968 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe -- (ALDITALKVerbindungsassistent_Service) SRV - [2013.12.10 19:43:20 | 002,409,272 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2013.12.10 19:43:18 | 000,030,520 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2013.06.26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2013.06.26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2013.04.18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011.03.13 19:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent) SRV - [2011.03.13 19:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2010.11.20 14:19:22 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009.03.30 12:34:36 | 000,241,664 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\T-Mobile Internet Manager 03\AssistantServices.exe -- (UI Assistant Service) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV:64bit: - [2013.12.23 21:17:19 | 000,138,752 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet) DRV:64bit: - [2013.12.23 21:17:19 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard) DRV:64bit: - [2013.12.23 21:17:19 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:64bit: - [2013.08.29 03:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2013.06.26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2013.06.26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2013.06.26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2013.06.26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2013.04.24 21:28:08 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6) DRV:64bit: - [2013.01.23 10:31:52 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2013.01.23 10:31:52 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2013.01.23 10:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2013.01.23 10:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2012.10.17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.07.14 01:00:06 | 009,978,880 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.07.13 23:33:58 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.06.07 00:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011.03.13 19:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV:64bit: - [2011.03.13 19:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV:64bit: - [2011.03.13 19:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV:64bit: - [2011.03.13 19:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV:64bit: - [2011.03.13 19:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV:64bit: - [2011.03.13 19:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV:64bit: - [2011.03.13 19:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.03.07 20:22:46 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2011.01.18 11:16:46 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2010.12.31 12:30:10 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2010.11.29 10:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2010.11.20 15:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.04 12:52:54 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) DRV:64bit: - [2010.11.04 12:52:52 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) DRV:64bit: - [2010.09.23 09:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.09.17 10:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm) DRV:64bit: - [2010.09.17 10:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi) DRV:64bit: - [2010.09.17 10:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon) DRV:64bit: - [2010.09.17 10:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr) DRV:64bit: - [2010.02.18 18:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009.07.20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.01.12 10:13:12 | 000,150,784 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV:64bit: - [2009.01.04 18:30:08 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV:64bit: - [2009.01.04 18:30:08 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV:64bit: - [2008.10.29 17:35:44 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter) DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2013.12.23 21:17:19 | 000,138,752 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ewusbnet.sys -- (ewusbnet) DRV - [2013.12.23 21:17:19 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2013.12.23 21:17:19 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV - [2012.11.16 16:38:44 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2011.05.26 04:06:20 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/ IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local> ========== FireFox ========== FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011.04.13 04:51:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.04 22:23:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.08.02 10:15:09 | 000,000,000 | ---D | M] [2013.12.29 20:11:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fledermausi\AppData\Roaming\mozilla\Extensions [2014.08.17 17:08:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fledermausi\AppData\Roaming\mozilla\Firefox\Profiles\1y2ugmmk.default-1354467891266\extensions [2013.11.17 20:31:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fledermausi\AppData\Roaming\mozilla\Firefox\Profiles\6cf4g4nz.default\extensions [2014.08.13 21:01:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2014.08.13 21:01:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Fledermausi\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer CHR - plugin: Native Client (Disabled) = C:\Users\Fledermausi\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Fledermausi\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll CHR - plugin: DivX VOD Helper Plug-in (Disabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll CHR - Extension: YouTube = C:\Users\Fledermausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\Fledermausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Google Mail = C:\Users\Fledermausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2014.08.15 22:42:08 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.) O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.) O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.) O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: facebook.com ([apps] https in Vertrauenswürdige Sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27B1199B-5D86-4782-A561-550E1C9003DD}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.) O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.) O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.) O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013.04.06 20:18:38 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2014.08.23 23:12:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Fledermausi\Desktop\OTL.exe [2014.08.20 07:14:00 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe [2014.08.17 22:12:58 | 000,000,000 | ---D | C] -- C:\Users\Fledermausi\Desktop\FRST-OlderVersion [2014.08.17 18:05:42 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Fledermausi\Desktop\JRT.exe [2014.08.17 17:19:18 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll [2014.08.17 16:08:03 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2014.08.17 16:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware [2014.08.17 16:06:22 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys [2014.08.17 16:06:22 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys [2014.08.17 16:06:22 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2014.08.17 16:06:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ Malwarebytes Anti-Malware [2014.08.17 16:05:26 | 017,292,760 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Fledermausi\Desktop\mbam-setup-2.0.2.1012.exe [2014.08.17 15:38:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com [2014.08.17 15:38:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com [2014.08.17 15:32:30 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2014.08.15 22:51:50 | 000,415,232 | ---- | C] (Farbar) -- C:\Users\Fledermausi\Desktop\FSS.exe [2014.08.15 22:50:21 | 000,000,000 | ---D | C] -- C:\Windows\temp [2014.08.15 22:42:15 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2014.08.15 22:11:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2014.08.15 22:11:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2014.08.15 22:11:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2014.08.15 22:10:33 | 000,000,000 | ---D | C] -- C:\Qoobox [2014.08.15 22:09:56 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2014.08.15 22:07:05 | 005,571,320 | R--- | C] (Swearware) -- C:\Users\Fledermausi\Desktop\ComboFix.exe [2014.08.15 21:59:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group [2014.08.15 21:58:51 | 002,623,656 | ---- | C] (VS Revo Group Ltd.) -- C:\Users\Fledermausi\Desktop\revosetup95.exe [2014.08.15 07:02:50 | 000,401,920 | ---- | C] (Farbar) -- C:\Users\Fledermausi\Desktop\MiniToolBox.exe [2014.08.14 09:14:16 | 000,038,200 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2014.08.14 09:14:15 | 000,030,520 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2014.08.14 09:11:29 | 000,000,000 | -HSD | C] -- C:\Users\Fledermausi\AppData\Local\EmieUserList [2014.08.14 09:11:29 | 000,000,000 | -HSD | C] -- C:\Users\Fledermausi\AppData\Local\EmieSiteList [2014.08.14 09:11:05 | 000,035,640 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2014.08.14 09:11:02 | 000,026,936 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2014.08.14 09:11:02 | 000,022,328 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2014.08.14 09:10:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013 [2014.08.14 09:10:37 | 000,000,000 | ---D | C] -- C:\Users\Fledermausi\AppData\Roaming\TuneUp Software [2014.08.14 09:10:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013 [2014.08.14 09:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2014.08.14 09:09:29 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2014.08.14 09:09:29 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2014.08.02 10:15:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2014.07.27 15:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia [2014.07.27 15:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia [2014.07.27 15:22:40 | 000,026,112 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys [2014.07.27 15:22:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2014.08.23 23:12:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fledermausi\Desktop\OTL.exe [2014.08.23 15:44:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014.08.22 20:52:54 | 001,653,200 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014.08.22 20:52:54 | 000,711,546 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2014.08.22 20:52:54 | 000,666,344 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014.08.22 20:52:54 | 000,153,736 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2014.08.22 20:52:54 | 000,126,298 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014.08.22 07:02:20 | 000,018,512 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014.08.22 07:02:20 | 000,018,512 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014.08.21 23:03:44 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe [2014.08.21 23:03:31 | 000,276,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014.08.21 23:03:10 | 2131,529,727 | -HS- | M] () -- C:\hiberfil.sys [2014.08.21 06:22:11 | 000,854,417 | ---- | M] () -- C:\Users\Fledermausi\Desktop\SecurityCheck.exe [2014.08.20 07:14:43 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe [2014.08.17 22:12:58 | 002,101,760 | ---- | M] (Farbar) -- C:\Users\Fledermausi\Desktop\FRST64.exe [2014.08.17 18:05:48 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Fledermausi\Desktop\JRT.exe [2014.08.17 17:17:00 | 001,361,671 | ---- | M] () -- C:\Users\Fledermausi\Desktop\adwcleaner_3.307.exe [2014.08.17 17:11:56 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2014.08.17 16:06:29 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2014.08.17 16:05:31 | 017,292,760 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Fledermausi\Desktop\mbam-setup-2.0.2.1012.exe [2014.08.17 15:38:57 | 000,002,161 | ---- | M] () -- C:\Users\Fledermausi\Desktop\Tweaking.com - Windows Repair (All in One).lnk [2014.08.17 15:37:27 | 009,522,632 | ---- | M] () -- C:\Users\Fledermausi\Desktop\tweaking.com_windows_repair_aio_setup.exe [2014.08.15 22:51:54 | 000,415,232 | ---- | M] (Farbar) -- C:\Users\Fledermausi\Desktop\FSS.exe [2014.08.15 22:42:08 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2014.08.15 22:41:16 | 000,001,351 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2014.08.15 22:07:16 | 005,571,320 | R--- | M] (Swearware) -- C:\Users\Fledermausi\Desktop\ComboFix.exe [2014.08.15 21:58:52 | 002,623,656 | ---- | M] (VS Revo Group Ltd.) -- C:\Users\Fledermausi\Desktop\revosetup95.exe [2014.08.15 07:02:51 | 000,401,920 | ---- | M] (Farbar) -- C:\Users\Fledermausi\Desktop\MiniToolBox.exe [2014.08.14 21:03:37 | 000,231,118 | ---- | M] () -- C:\Users\Fledermausi\Documents\TuneUp.jpg [2014.08.14 09:10:56 | 000,002,211 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2014.08.14 09:10:56 | 000,002,191 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2014.08.13 21:01:09 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2014.08.02 18:31:54 | 667,980,738 | ---- | M] () -- C:\Windows\MEMORY.DMP [2014.07.27 15:24:35 | 000,002,091 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2014.08.21 06:22:08 | 000,854,417 | ---- | C] () -- C:\Users\Fledermausi\Desktop\SecurityCheck.exe [2014.08.17 17:16:55 | 001,361,671 | ---- | C] () -- C:\Users\Fledermausi\Desktop\adwcleaner_3.307.exe [2014.08.17 16:06:29 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2014.08.17 15:38:57 | 000,002,161 | ---- | C] () -- C:\Users\Fledermausi\Desktop\Tweaking.com - Windows Repair (All in One).lnk [2014.08.17 15:36:27 | 009,522,632 | ---- | C] () -- C:\Users\Fledermausi\Desktop\tweaking.com_windows_repair_aio_setup.exe [2014.08.15 22:11:13 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2014.08.15 22:11:12 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2014.08.15 22:11:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2014.08.15 22:11:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2014.08.15 22:11:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2014.08.14 21:03:37 | 000,231,118 | ---- | C] () -- C:\Users\Fledermausi\Documents\TuneUp.jpg [2014.08.14 09:10:56 | 000,002,211 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2014.08.14 09:10:56 | 000,002,203 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk [2014.08.14 09:10:56 | 000,002,191 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2014.07.27 15:24:34 | 000,002,091 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk [2013.09.15 15:14:59 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini [2012.01.13 21:22:53 | 000,007,621 | ---- | C] () -- C:\Users\Fledermausi\AppData\Local\Resmon.ResmonCfg [2011.04.13 04:48:48 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.12.26 22:40:33 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\ALDITALKVerbindungsassistent [2012.04.18 22:13:40 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Amazon [2011.12.23 21:29:26 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\ASUS WebStorage [2012.01.05 23:21:35 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Auslogics [2011.12.24 09:09:16 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Avant Downloader [2013.06.09 20:41:33 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\ERS Game Studios [2013.06.07 12:07:03 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Nokia [2013.06.07 12:07:05 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Nokia Suite [2011.12.30 21:56:08 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Nuance [2014.08.14 22:06:00 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Opera [2012.04.08 11:52:36 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\PC Suite [2013.06.01 13:24:54 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Phantasmat_bf_se1 [2014.07.15 08:30:25 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\SoftGrid Client [2012.01.13 21:46:27 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\TP [2012.10.26 23:23:41 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\TS3Client [2012.09.17 21:23:02 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\ts3overlay [2014.08.14 09:10:37 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\TuneUp Software [2014.01.11 21:53:13 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Unity [2011.12.30 21:56:02 | 000,000,000 | ---D | M] -- C:\Users\Fledermausi\AppData\Roaming\Zeon ========== Purity Check ========== ========== Custom Scans ========== < HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers > "ProviderID0" = 1 "ProviderID1" = 2 "ProviderID2" = 3 "ProviderID3" = 4 "NextProviderID" = 5 "ProviderFileName0" = unimdm.tsp -- [2010.11.20 14:16:54 | 000,281,088 | ---- | M] (Microsoft Corporation) "ProviderFileName1" = kmddsp.tsp -- [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) "ProviderFileName2" = ndptsp.tsp -- [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) "ProviderFileName3" = hidphone.tsp -- [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) "NumProviders" = 4 < HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers /64 > "ProviderID0" = 1 "ProviderID1" = 2 "ProviderID2" = 3 "ProviderID3" = 4 "NextProviderID" = 6 "ProviderFileName0" = C:\Windows\SysNative\unimdm.tsp -- [2010.11.20 15:24:26 | 000,321,536 | ---- | M] (Microsoft Corporation) "ProviderFileName1" = C:\Windows\SysNative\kmddsp.tsp -- [2009.07.14 03:38:54 | 000,047,104 | ---- | M] (Microsoft Corporation) "ProviderFileName2" = C:\Windows\SysNative\ndptsp.tsp -- [2009.07.14 03:38:54 | 000,060,928 | ---- | M] (Microsoft Corporation) "ProviderFileName3" = C:\Windows\SysNative\hidphone.tsp -- [2009.07.14 03:38:54 | 000,038,912 | ---- | M] (Microsoft Corporation) "NumProviders" = 5 "ProviderID4" = 5 "ProviderFilename4" = xptzw7u9.tsp < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation /S /64 > "DisplayName" = @%systemroot%\system32\wkssvc.dll,-100 "Group" = NetworkProvider "ImagePath" = C:\Windows\SysNative\svchost.exe -- [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) "Description" = @%systemroot%\system32\wkssvc.dll,-101 "ObjectName" = NT AUTHORITY\NetworkService "ErrorControl" = 1 "Start" = 2 "Type" = 32 "DependOnService" = BowserMRxSmb10MRxSmb20NSI [binary data] "ServiceSidType" = 1 "RequiredPrivileges" = SeChangeNotifyPrivilegeSeImperson [Binary data over 200 bytes] "FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 C0 D4 01 00 00 00 00 00 00 00 00 00 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Linkage] "Bind" = \Device\Smb_Tcpip_{D479F624-31C9-4 [Binary data over 200 bytes] "Route" = "Smb" "Tcpip" "{D479F624-31C9-488D [Binary data over 200 bytes] "Export" = \Device\LanmanWorkstation_Smb_Tcpi [Binary data over 200 bytes] 64bit: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\NetworkProvider] "DeviceName" = \Device\LanmanRedirector "Name" = Microsoft Windows Network "DisplayName" = @%systemroot%\system32\wkssvc.dll,-102 "ProviderPath" = C:\Windows\SysNative\ntlanman.dll -- [2010.11.20 15:27:24 | 000,129,536 | ---- | M] (Microsoft Corporation) 64bit: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters] "ServiceDll" = C:\Windows\SysNative\wkssvc.dll -- [2010.11.20 15:27:30 | 000,118,784 | ---- | M] (Microsoft Corporation) "ServiceDllUnloadOnStop" = 1 "EnablePlainTextPassword" = 0 "EnableSecuritySignature" = 1 "RequireSecuritySignature" = 0 "OtherDomains" = [binary data] < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache /S /64 > < HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost > "netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes] "LocalService" = RemoteRegistryWinHttpAutoProxySvc [Binary data over 200 bytes] "LocalSystemNetworkRestricted" = NetmanAudioEndpointBuilderdot3sv [Binary data over 200 bytes] "LocalServiceNoNetwork" = PLA [binary data] -- [2010.11.20 14:20:56 | 001,508,864 | ---- | M] (Microsoft Corporation) "rpcss" = RpcSs [binary data] "LocalServiceNetworkRestricted" = AudioSrvBthHFSrvLmHostswscsvcWPCSvc [binary data] "LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSQWAVEwcncsvc [binary data] "DcomLaunch" = PowerPlugPlayDcomLaunch [binary data] "NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes] "imgsvc" = StiSvc [binary data] "wcssvc" = WcsPlugInService [binary data] -- [2009.07.14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) "Update-Service-Installer-Service" = Update-Service-Installer-Service [binary data] "Update-Service" = Update-Service [binary data] "iissvcs" = w3svcwas [binary data] "apphost" = apphostsvc [binary data] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\iissvcs] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkService] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wcssvc] < HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost /64 > "RPCSS" = RpcEptMapperRpcSs [binary data] "defragsvc" = C:\Windows\SysNative\defragsvc.dll -- [2009.07.14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) "LocalSystemNetworkRestricted" = UxSmsWdiSystemHostNetmantrkwks [Binary data over 200 bytes] "LocalService" = nsiWdiServiceHostw32timeEventSy [Binary data over 200 bytes] "netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes] "WerSvcGroup" = C:\Windows\SysNative\wersvc.dll -- [2009.07.14 03:41:56 | 000,076,800 | ---- | M] (Microsoft Corporation) "LocalServiceNoNetwork" = DPSPLABFEmpssvcWwanSvc [binary data] "termsvcs" = TermService [binary data] "swprv" = C:\Windows\SysNative\swprv.dll -- [2009.07.14 03:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) "LocalServiceNetworkRestricted" = DHCPeventlogAudioSrvBthHFSrvLm [Binary data over 200 bytes] "LocalServicePeerNet" = PNRPSvcp2pimsvcp2psvcPnrpAutoReg [binary data] "NetworkServiceAndNoImpersonation" = KtmRm [binary data] "regsvc" = RemoteRegistry [binary data] "LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSfdre [Binary data over 200 bytes] "DcomLaunch" = PowerPlugPlayDcomLaunch [binary data] "NetworkServiceNetworkRestricted" = PolicyAgent [binary data] "NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes] "sdrsvc" = C:\Windows\SysNative\sdrsvc.dll -- [2010.11.20 15:27:26 | 000,170,496 | ---- | M] (Microsoft Corporation) "WbioSvcGroup" = C:\Windows\SysNative\WbioSrvc.dll -- [2009.07.14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) "imgsvc" = StiSvc [binary data] "wcssvc" = C:\Windows\SysNative\WcsPlugInService.dll -- [2009.07.14 03:41:56 | 000,040,960 | ---- | M] (Microsoft Corporation) "AxInstSVGroup" = C:\Windows\SysNative\AxInstSV.dll -- [2010.11.20 15:25:46 | 000,114,688 | ---- | M] (Microsoft Corporation) "secsvcs" = WinDefend [binary data] "bthsvcs" = C:\Windows\SysNative\bthserv.dll -- [2009.07.14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) "iissvcs" = w3svcwas [binary data] "apphost" = apphostsvc [binary data] "GPSvcGroup" = C:\Windows\SysNative\GPSvc.dll -- [2010.11.20 15:26:30 | 000,777,728 | ---- | M] (Microsoft Corporation) 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\AxInstSVGroup] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\defragsvc] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\GPSvcGroup] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\iissvcs] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkService] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\SDRSVC] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\swprv] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wcssvc] 64bit: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wercplsupport] < HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com > < HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com /64 > 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com\UpdateClient] < %SystemRoot%\system32\*.tsp > [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp [2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp [2010.11.20 14:16:54 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp < %SystemRoot%\system32\*.tsp /64 > [2009.07.14 03:38:54 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hidphone.tsp [2009.07.14 03:38:54 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kmddsp.tsp [2009.07.14 03:38:54 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ndptsp.tsp [2009.07.14 03:38:54 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\remotesp.tsp [2010.11.20 15:24:26 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp < C:\Windows\system32\*.dll /800 > [2012.08.23 13:15:57 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aaclient.dll [2014.03.04 11:17:05 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\adprovider.dll [2013.08.29 03:48:17 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\advapi32.dll [2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll [2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll [2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll [2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll [2013.08.02 03:48:15 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll [2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll [2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll [2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll [2013.08.02 03:48:15 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll [2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll [2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll [2013.08.02 02:43:05 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll [2013.08.02 02:43:05 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll [2013.08.02 02:43:05 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll [2013.01.13 23:16:42 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.01.13 23:12:46 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.01.13 23:17:02 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.01.13 23:11:08 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.01.13 23:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.01.13 23:17:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.01.13 23:11:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.01.13 23:11:21 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll [2013.01.13 23:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll [2013.08.02 02:43:05 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll [2013.08.02 03:48:15 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\apisetschema.dll [2013.09.11 22:21:54 | 000,028,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aspnet_counters.dll [2013.06.06 05:01:38 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\atmfd.dll [2013.06.06 05:01:26 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\system32\atmlib.dll [2014.06.03 11:29:40 | 001,805,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\authui.dll [2013.12.10 19:43:18 | 000,022,328 | ---- | M] (TuneUp Software) -- C:\Windows\system32\authuitu.dll [2012.07.04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\browcli.dll [2014.03.04 11:17:06 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\capiprovider.dll [2013.05.13 05:08:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\certenc.dll [2014.03.04 11:17:07 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cngprovider.dll [2013.07.04 13:50:56 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\comctl32.dll [2014.05.30 09:52:30 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\credssp.dll [2013.10.04 03:56:25 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\credui.dll [2013.10.05 21:57:25 | 001,168,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\crypt32.dll [2013.05.10 05:20:54 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptdlg.dll [2013.07.09 06:46:31 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptnet.dll [2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptsvc.dll [2013.11.26 10:16:50 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d2d1.dll [2013.01.13 21:46:25 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10.dll [2013.01.13 22:08:43 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10core.dll [2013.01.13 21:54:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10level9.dll [2013.12.25 01:09:41 | 001,987,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10warp.dll [2013.01.13 21:48:47 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1.dll [2013.01.13 22:09:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1core.dll [2013.04.26 01:30:32 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d11.dll [2013.07.04 13:51:04 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\davclnt.dll [2013.06.06 06:50:56 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dciman32.dll [2012.10.09 19:40:31 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcore6.dll [2012.10.09 19:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcsvc6.dll [2014.03.04 11:17:08 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dimsroam.dll [2014.03.04 11:17:08 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpapiprovider.dll [2012.11.02 07:11:31 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpnet.dll [2013.04.10 01:34:01 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DWrite.dll [2013.01.13 22:20:31 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxgi.dll [2014.07.25 13:52:19 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll [2014.07.25 13:29:33 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll [2013.11.20 07:59:39 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\elshyph.dll [2013.06.06 06:51:29 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fontsub.dll [2013.10.12 04:01:25 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FWPUCLNT.DLL [2012.12.07 14:20:43 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gameux.dll [2014.07.16 04:46:24 | 000,311,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gdi32.dll [2012.08.21 14:01:20 | 000,106,928 | ---- | M] (GEAR Software Inc.) -- C:\Windows\system32\GEARAspi.dll [2013.11.20 07:59:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll [2014.07.01 00:14:53 | 000,008,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardres.dll [2013.11.20 07:59:28 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll [2014.07.25 12:09:19 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll [2014.08.01 01:16:34 | 000,307,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll [2014.07.25 14:33:08 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieetwproxystub.dll [2014.07.25 13:03:13 | 011,772,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll [2013.11.20 07:59:28 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll [2014.07.25 14:17:33 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll [2014.07.25 14:21:28 | 002,184,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll [2014.07.25 14:34:49 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll [2013.11.20 07:59:28 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll [2014.07.25 14:12:35 | 000,438,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll [2013.10.19 03:36:59 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imagehlp.dll [2013.11.20 07:59:28 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll [2014.03.09 23:47:43 | 000,099,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\infocardapi.dll [2013.11.20 07:59:28 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll [2014.02.04 04:00:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iologmsg.dll [2014.07.25 13:43:16 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\JavaScriptCollectionAgent.dll [2013.11.20 07:59:28 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll [2014.07.25 14:06:47 | 004,204,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll [2014.07.25 14:08:47 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9diag.dll [2013.11.20 07:59:28 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsIntl.dll [2014.07.25 14:18:49 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll [2014.07.09 03:31:41 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDBASH.DLL [2014.07.09 03:31:42 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDRU.DLL [2014.07.09 03:31:42 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDRU1.DLL [2014.07.09 03:31:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTAT.DLL [2014.07.09 03:31:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDYAK.DLL [2014.05.30 09:52:36 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kerberos.dll [2014.03.04 11:16:17 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kernel32.dll [2014.03.04 11:16:18 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KernelBase.dll [2013.11.20 07:59:28 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll [2013.06.06 06:57:01 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lpk.dll [2013.12.04 04:02:06 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdrm.dll [2014.07.25 13:13:12 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll [2013.11.20 07:59:28 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll [2014.07.25 15:51:14 | 017,524,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll [2014.07.25 14:30:32 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MshtmlDac.dll [2014.07.25 13:34:04 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll [2013.11.20 07:59:28 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll [2014.07.25 13:07:10 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmlmedia.dll [2014.06.03 11:29:50 | 002,363,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msi.dll [2013.10.30 04:19:52 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msieftp.dll [2014.06.03 11:29:50 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msihnd.dll [2013.11.20 07:59:28 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll [2013.01.04 08:11:21 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msmpeg2vdec.dll [2014.07.25 13:36:30 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll [2012.08.23 15:47:20 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MsRdpWebAccess.dll [2012.08.23 10:19:01 | 004,916,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mstscax.dll [2014.05.30 09:52:40 | 000,259,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msv1_0.dll [2013.09.11 22:21:54 | 000,501,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcp110_clr0400.dll [2013.09.11 22:21:54 | 000,018,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr100_clr0400.dll [2013.09.11 22:21:54 | 000,863,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr110_clr0400.dll [2013.09.08 04:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mswsock.dll [2014.03.26 16:27:50 | 001,237,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3.dll [2014.03.26 16:25:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3r.dll [2014.03.26 16:27:50 | 001,389,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6.dll [2014.03.26 16:25:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6r.dll [2014.05.30 09:52:41 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncrypt.dll [2012.10.03 18:42:23 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncsi.dll [2012.07.04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netapi32.dll [2012.10.03 18:42:24 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netcorehc.dll [2012.10.03 18:42:24 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netevent.dll [2013.10.12 04:03:08 | 000,656,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nshwfp.dll [2013.08.29 03:50:30 | 001,292,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntdll.dll [2014.03.04 11:17:19 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntvdm64.dll [2014.03.04 11:17:19 | 000,538,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\objsel.dll [2013.11.20 07:59:28 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll [2013.11.20 07:59:28 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll [2013.07.20 12:33:12 | 000,102,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll [2014.06.06 11:44:17 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qedit.dll [2012.08.23 13:12:17 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpendp_winip.dll [2014.07.14 03:40:58 | 000,664,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rpcrt4.dll [2014.05.30 09:52:45 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schannel.dll [2013.10.12 04:03:31 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scrrun.dll [2013.12.04 04:03:08 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc.dll [2013.12.04 04:03:20 | 000,423,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc_isv.dll [2013.12.04 04:03:20 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc_ssp.dll [2013.12.04 04:03:20 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc_ssp_isv.dll [2014.06.05 16:26:58 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secur32.dll [2013.06.26 19:21:46 | 001,130,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sftldr_wow64.dll [2013.07.26 03:55:59 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shdocvw.dll [2014.06.25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shell32.dll [2013.10.04 03:58:50 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SmartcardCredentialProvider.dll [2014.06.05 16:25:49 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sspicli.dll [2012.09.26 00:47:43 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\synceng.dll [2013.08.29 03:50:16 | 000,619,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tdh.dll [2012.08.23 15:18:14 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tsgqec.dll [2014.05.30 09:52:49 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TSpkg.dll [2014.07.16 04:46:02 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tzres.dll [2013.01.13 21:53:14 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\UIAnimation.dll [2013.11.20 07:59:28 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll [2014.07.25 12:00:43 | 001,169,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll [2014.04.25 04:06:17 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\usp10.dll [2013.12.10 19:43:18 | 000,030,520 | ---- | M] (TuneUp Software) -- C:\Windows\system32\uxtuneup.dll [2014.07.25 14:34:03 | 000,455,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll [2013.12.23 21:17:20 | 001,490,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WdfCoInstaller01007.dll [2014.05.30 09:52:51 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wdigest.dll [2013.11.20 07:59:28 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll [2013.07.04 13:57:28 | 000,205,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WebClnt.dll [2014.01.29 04:06:47 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wer.dll [2013.04.26 06:55:21 | 000,492,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32spl.dll [2014.03.04 11:17:38 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wincredprovider.dll [2014.02.04 04:04:22 | 001,230,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WindowsCodecs.dll [2013.01.13 21:53:58 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WindowsCodecsExt.dll [2014.07.25 12:05:23 | 001,792,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll [2013.07.09 06:52:10 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wintrust.dll [2012.08.23 15:46:20 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wksprtPS.dll [2013.05.10 06:56:08 | 011,410,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmp.dll [2013.11.23 20:26:20 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMPhoto.dll [2013.05.10 06:56:15 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmploc.DLL [2013.07.25 10:57:27 | 001,620,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMVDECOD.DLL [2014.03.04 11:16:18 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wow32.dll [2012.12.07 14:26:17 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Wpc.dll [2014.05.14 18:23:38 | 000,581,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuapi.dll [2014.05.14 18:17:10 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wudriver.dll [2014.05.14 18:23:42 | 000,036,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wups.dll [2014.05.14 09:23:04 | 000,179,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuwebv.dll [2013.01.13 20:34:58 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XpsGdiConverter.dll [2013.01.13 19:26:42 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XpsPrint.dll [2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2009.07.14 07:08:49 | 000,032,640 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT < C:\Windows\system32\*.dll /800 /64 > [2012.08.23 12:54:24 | 000,322,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2014.03.04 11:43:55 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll [2013.08.29 04:13:28 | 000,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll [2014.08.07 04:01:34 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll [2014.08.07 04:06:41 | 000,529,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll [2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013.08.02 04:12:18 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013.08.02 04:12:19 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013.08.02 04:12:19 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013.08.02 04:12:19 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.08.02 04:12:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013.08.02 04:12:20 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013.08.02 04:12:20 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013.08.02 04:12:20 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013.08.02 04:12:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013.08.02 04:12:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013.01.13 22:35:18 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.01.13 22:32:07 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.01.13 22:35:31 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.01.13 22:31:41 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.01.13 22:31:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.01.13 22:35:31 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.01.13 22:31:40 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.01.13 22:31:48 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013.01.13 22:31:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013.08.02 04:12:20 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013.08.02 04:12:20 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll [2013.02.27 07:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appinfo.dll [2013.09.11 20:39:06 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aspnet_counters.dll [2013.06.06 05:30:53 | 000,368,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2013.06.06 07:47:21 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2014.06.03 12:02:12 | 001,941,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.12.10 19:43:18 | 000,026,936 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2012.07.05 00:13:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012.07.05 00:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browser.dll [2014.03.04 11:43:55 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll [2013.01.23 10:31:52 | 000,166,912 | ---- | M] (Nokia) -- C:\Windows\SysNative\ccdcmbwux64.dll [2013.05.13 07:50:40 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll [2014.03.04 11:43:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll [2013.07.04 14:50:39 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll [2014.05.30 10:08:31 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\credssp.dll [2013.10.04 04:25:17 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll [2013.10.05 22:25:35 | 001,474,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013.05.10 07:49:27 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll [2013.07.09 07:46:20 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsvc.dll [2013.08.02 04:12:47 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013.11.23 00:48:21 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013.01.13 21:20:04 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013.01.13 21:38:21 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013.01.13 21:24:33 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013.12.25 00:48:32 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013.01.13 21:20:42 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013.01.13 21:38:39 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013.04.01 00:52:16 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.07.04 14:50:46 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll [2013.06.06 07:49:07 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll [2012.10.09 20:17:13 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2012.10.09 20:17:13 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2014.03.04 11:43:56 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll [2014.03.04 11:43:56 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll [2012.11.02 07:59:11 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2013.04.03 00:51:57 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013.01.13 21:49:17 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2014.07.25 14:40:12 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2014.07.25 14:10:53 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.11.20 07:59:28 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.01.13 21:58:28 | 001,175,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll [2013.06.06 07:49:52 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2013.10.12 04:29:08 | 000,324,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL [2012.12.07 15:15:31 | 002,746,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2014.07.16 05:25:04 | 000,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll [2012.08.21 14:01:20 | 000,125,872 | ---- | M] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll [2013.11.20 07:59:28 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2014.07.01 00:24:50 | 000,008,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll [2013.11.20 07:59:28 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2014.07.25 12:17:47 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014.08.01 01:41:41 | 000,348,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll [2014.07.25 16:01:41 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2014.07.25 15:28:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2014.07.25 13:23:30 | 013,547,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll [2013.11.20 07:59:27 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2014.07.25 15:10:00 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014.07.25 15:25:32 | 002,774,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll [2014.07.25 15:30:30 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.11.20 07:59:28 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2014.07.25 15:03:50 | 000,598,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.10.12 04:29:21 | 000,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IKEEXT.DLL [2013.10.19 04:18:57 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2013.11.20 07:59:27 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2014.03.09 23:48:52 | 000,171,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll [2013.11.20 07:59:27 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2014.02.04 04:28:36 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll [2012.10.03 19:42:16 | 000,569,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iphlpsvc.dll [2014.07.25 14:28:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2013.11.20 07:59:27 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2014.07.25 14:28:15 | 005,824,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014.07.25 14:59:28 | 000,758,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2013.11.20 07:59:28 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll [2014.07.25 15:11:32 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll [2014.07.09 04:03:22 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL [2014.07.09 04:03:23 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL [2014.07.09 04:03:23 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL [2014.07.09 04:03:23 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL [2014.07.09 04:03:23 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL [2014.05.30 10:08:36 | 000,728,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kerberos.dll [2014.03.04 11:44:00 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2014.03.04 11:44:00 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013.11.20 07:59:27 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.06.06 07:50:51 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll [2014.06.05 16:45:15 | 001,460,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013.04.01 08:03:35 | 000,078,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_AuthenticAMD.dll [2013.12.04 04:26:32 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll [2014.07.25 13:47:50 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.11.20 07:59:28 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll [2014.07.25 16:52:04 | 023,645,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll [2014.07.25 15:25:45 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2014.07.25 14:17:26 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.11.20 07:59:28 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2014.07.25 13:39:25 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2014.06.03 12:02:21 | 003,241,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2013.10.30 04:32:01 | 000,335,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll [2014.06.03 12:02:21 | 000,504,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll [2013.11.20 07:59:28 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.01.04 08:11:13 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2014.07.25 14:19:18 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2012.08.23 15:20:40 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2012.08.23 10:13:07 | 005,773,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2014.05.30 10:08:41 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll [2013.09.11 20:39:06 | 000,614,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp110_clr0400.dll [2013.09.11 20:39:06 | 000,018,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100_clr0400.dll [2013.09.11 20:39:06 | 000,855,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr110_clr0400.dll [2013.09.08 04:27:14 | 000,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mswsock.dll [2014.03.26 16:44:48 | 001,882,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3.dll [2014.03.26 16:41:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2014.03.26 16:44:48 | 002,002,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6.dll [2014.03.26 16:41:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll [2014.05.30 10:08:41 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.10.03 19:44:16 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2012.07.05 00:16:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012.10.03 19:44:17 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll [2012.10.03 19:44:17 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2012.10.03 19:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nlaapi.dll [2012.10.03 19:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nlasvc.dll [2013.01.23 10:31:52 | 000,057,856 | ---- | M] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll [2013.01.23 10:31:52 | 000,074,752 | ---- | M] (Nokia) -- C:\Windows\SysNative\nmwcdcoclsx64.dll [2013.10.12 04:30:42 | 000,830,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll [2013.08.29 04:16:35 | 001,732,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2014.03.04 11:44:03 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2014.03.04 11:44:03 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll [2013.11.20 07:59:27 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.11.20 07:59:27 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.07.20 12:33:08 | 000,124,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll [2014.06.06 12:10:34 | 000,624,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll [2014.05.08 11:32:11 | 003,178,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2012.08.23 12:51:14 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll [2014.05.08 11:32:11 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [2012.08.23 16:13:11 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2014.07.14 04:02:45 | 001,216,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll [2013.08.28 03:12:33 | 000,461,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll [2014.05.30 10:08:47 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\schannel.dll [2013.10.12 04:31:04 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll [2013.12.04 04:27:16 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll [2013.12.04 04:27:33 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll [2013.12.04 04:27:33 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll [2013.12.04 04:27:33 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll [2014.04.12 04:19:37 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2013.06.26 19:21:46 | 001,777,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sftldr.dll [2013.07.26 04:24:56 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2014.06.25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shell32.dll [2013.10.04 04:28:31 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll [2014.04.12 04:19:38 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2014.04.12 04:19:38 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012.09.26 00:46:17 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2013.08.29 04:16:14 | 000,859,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll [2012.08.23 14:52:53 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2014.05.30 10:08:49 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TSpkg.dll [2012.08.23 15:06:58 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2012.08.23 15:40:56 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2014.07.16 05:23:41 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tzres.dll [2013.01.13 21:24:30 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013.11.20 07:59:28 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2014.07.25 12:26:58 | 001,431,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll [2014.04.25 04:34:59 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013.12.10 19:43:18 | 000,038,200 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2014.07.25 15:28:27 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.07.26 04:36:08 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2014.05.30 10:08:52 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wdigest.dll [2013.11.20 07:59:27 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webcheck.dll [2013.07.04 14:57:22 | 000,259,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WebClnt.dll [2014.01.29 04:32:18 | 000,484,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll [2013.04.26 07:51:36 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2014.03.04 11:44:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll [2014.02.04 04:32:22 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.01.13 21:25:04 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2014.07.25 12:52:06 | 002,266,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll [2013.08.02 04:14:57 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.07.09 07:52:52 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012.08.23 15:17:54 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2013.05.10 07:56:33 | 014,631,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll [2013.11.23 19:47:34 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013.05.10 07:56:40 | 012,625,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL [2013.07.25 11:25:54 | 001,888,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2014.03.04 11:44:21 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2014.03.04 11:44:21 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2014.03.04 11:44:21 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2012.12.07 15:20:16 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2014.05.14 18:23:38 | 000,700,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2014.05.14 18:23:46 | 002,477,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuaueng.dll [2014.05.14 18:21:04 | 002,620,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012.07.26 05:08:14 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2012.07.26 05:08:14 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2012.07.26 05:08:14 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFSvc.dll [2012.07.26 05:08:14 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2014.05.14 18:20:45 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2014.05.14 18:23:52 | 000,038,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2014.05.14 18:23:47 | 000,044,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2014.05.14 09:23:04 | 000,198,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2013.03.19 07:53:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2014.01.28 04:32:46 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwansvc.dll [2013.01.13 20:09:52 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013.01.13 19:05:09 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 240 bytes -> C:\ProgramData\Temp:0BBF232A @Alternate Data Stream - 235 bytes -> C:\ProgramData\Temp:2339C9FD < End of report > |
|
24.08.2014, 09:44
| #18 |
| | Browser verliert Verbindung zum NetzCode:
ATTFilter OTL Extras logfile created on: 23.08.2014 23:14:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fledermausi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 5,79 Gb Available Physical Memory | 72,52% Memory free
13,98 Gb Paging File | 11,51 Gb Available in Paging File | 82,38% Paging File free
Paging file location(s): C:\pagefile.sys 6142 6142 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,28 Gb Total Space | 120,24 Gb Free Space | 60,04% Space Free | Partition Type: NTFS
Drive D: | 240,48 Gb Total Space | 240,35 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
Computer Name: PC | User Name: Fledermausi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{197605C0-7DBF-4455-9660-A51DCC96FF7C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{24DEBD69-7F44-4A10-B925-9E68E6EE45EA}" = lport=138 | protocol=17 | dir=in | app=system |
"{2845A796-2BC6-4448-A5E6-EEC4911CB8BE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2B4F7EF5-7541-465E-A0D2-692042562CD8}" = rport=139 | protocol=6 | dir=out | app=system |
"{2BB12D37-6A06-44F7-A3C4-0614CC899BE3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3706E249-E95F-411E-8318-4BE8C4F16E98}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3ABB2E71-E73C-4458-8E4A-CE36809D236C}" = lport=139 | protocol=6 | dir=in | app=system |
"{3AF83777-0503-4804-ACBC-0DD872EA27F9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{42CFAA97-D7DE-4F6F-84E7-024E48B51921}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{49D8655B-A4CA-464A-AA6E-282E60B6ED90}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |
"{583F9218-19BD-4984-B01B-7E6E49C7ABB4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6A4A011A-D1FF-46AB-9506-283253646CA2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{6EA5C6C7-7A00-41AF-9C2A-67594A5703BE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6F92DD61-2CB2-480B-9C2F-7539C24B1E73}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6FF48A32-AED0-4D72-8200-71DE71C07F28}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{71F15A49-EF21-4543-96E9-32CA10863315}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{72A4AA98-93C1-4D83-968D-4557E42CCA52}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{89F0DF14-0523-4E95-94FA-5DD70B599650}" = rport=10243 | protocol=6 | dir=out | app=system |
"{90245CF3-6C1D-4618-AC3B-A2FF94213027}" = lport=2869 | protocol=6 | dir=in | app=system |
"{912B23F7-09D8-4D73-A532-F84486DA188E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9B5684C9-E88E-4031-912F-4177A10F9D9D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9B9C9544-1CCF-4B54-A57A-64B2A3E5FD83}" = lport=445 | protocol=6 | dir=in | app=system |
"{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |
"{AB86B5EC-F9DC-4EC5-88AE-D7495EDEC442}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B2805406-F995-40A1-B38D-7D2DAE9EDDEC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B827E1C7-5A7A-484C-9653-2FE388A8B888}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C0CF5121-031F-4C38-8F74-7270F2ABCE25}" = rport=137 | protocol=17 | dir=out | app=system |
"{C20808B0-D719-49C5-9F77-6AAD917EAF8C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C489B40B-4726-4E94-B644-55116F95FF9B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D4BA4959-A7D0-45F9-AB7F-9FEDD115B884}" = rport=445 | protocol=6 | dir=out | app=system |
"{D786485F-E991-4292-8DA9-61956E0E7764}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E796B0D4-5872-475C-805F-CFCDF0278079}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EF692112-8753-45F7-82C0-75E67EA5ED65}" = lport=137 | protocol=17 | dir=in | app=system |
"{FDB0FB7B-4F19-490B-A0A2-FBC31E5E5EBB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FE670E5D-AD8D-4994-8D27-E4E8171C2CEA}" = rport=138 | protocol=17 | dir=out | app=system |
"{FEA623A3-C907-42BB-AFDB-B73D5024A8CA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0119A447-037F-4715-8CF9-92462043D28D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{088F1F2F-9406-489D-81A9-F3F203289C9A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0D34C0D2-08BE-4E37-97FC-FFCE687F625F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F099630-2E39-442B-8801-F1A25B824A53}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1AD92EA6-42DF-4E26-AD17-CDCB74D677E1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2426A360-0249-4148-864B-19FF4A896197}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{25BDD843-A815-48A8-A216-66D065687049}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{265F878A-4168-4AF8-A139-90A0766B240B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{35DE46E8-45A2-4A1D-A128-0190DBDDD91E}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{3BC06B5B-58A9-4580-9B28-198232BEEFEE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3D45FFE2-C381-4859-91EB-FD645D9E1AC8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{40271D90-A418-46A2-B34B-40F1905E95A1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{50D76052-134E-46DB-AF8E-63827F883C0F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{58F9D68E-2653-470F-B556-7DF7314CC1CA}" = protocol=17 | dir=in | app=c:\program files (x86)\alditalkverbindungsassistent\alditalkverbindungsassistent.exe |
"{59DB5037-B489-454D-A210-E46549A7A613}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{61AD2680-BE69-43CC-81E4-A8E847EF7CC3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{685045E8-2960-485B-930F-DC048047978F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6F7FE735-E57D-4886-AB80-5E43A1A9BFBA}" = protocol=6 | dir=in | app=c:\program files (x86)\alditalkverbindungsassistent\alditalkverbindungsassistent.exe |
"{79F3D49F-1911-4488-B65A-144CDD3F8406}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7FD9979A-B12C-4E9F-A637-EEE0ED76F2AA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{80F913DC-0DDB-4B65-88D0-8D48AA744FFE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{90211805-1550-4099-8CC3-C68509E02FB3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{95B6F671-1808-4071-B73C-59FD9CB89F7D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{98C42DCF-DD85-490E-A417-CE371AC247E8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9F66C7EE-BF1D-4070-89CA-29FBB9F19BA7}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{AB14F042-7060-44AC-973C-E0FDD81975BA}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{AE0CE0ED-208E-478E-8D56-861D02DDC441}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B0710216-A5D4-48F0-A1EB-A1BAED68412C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B33C5BEF-CCCD-4186-B20A-B18FDC719E58}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B35B747B-112A-4117-9A11-F05CDCA80599}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B56C429C-3336-45E3-A0DB-8AABED101C36}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{C77A529C-04B6-4467-8AD9-5A0D280DB5F1}" = protocol=17 | dir=in | app=c:\users\fledermausi\appdata\local\google\chrome\application\chrome.exe |
"{CB34DAB9-F137-4F7C-9F5D-B6BDA93A6D79}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D40645BC-3B40-46BB-9A3B-15A6A8A41FEE}" = protocol=6 | dir=in | app=c:\program files (x86)\t-mobile internet manager 03\uimain.exe |
"{DD00C2DB-7A6B-494B-A3BD-40142AC0C629}" = protocol=17 | dir=in | app=c:\program files (x86)\t-mobile internet manager 03\uimain.exe |
"{E2FA3B14-405E-4CDE-9056-6EF1F0F6071B}" = protocol=6 | dir=out | app=system |
"{E3EF2C42-8EBF-4BD9-A8BB-A3D3A4EE6685}" = protocol=6 | dir=in | app=c:\users\fledermausi\appdata\local\google\chrome\application\chrome.exe |
"{E53D9717-ECAC-48EE-B0FE-4D79F2FED47A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E7DB733B-3441-43E5-A09A-EAFA597C162F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EA1B51C7-7BAD-4723-98C0-DF0A916E155F}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{F802ECA3-86BB-470B-9F3E-3D002E51F2F8}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0F696557-180C-4813-A754-5D43969B0691}" = Windows Live Family Safety
"{11D96381-C349-60F6-6E95-013D80B6B68B}" = AMD Fuel
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{169C77B7-69C9-4648-9DD0-72B152AF269F}" = Windows Live Family Safety
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C4C0E06-5E82-FEF7-7A35-6ED0FBA91307}" = AMD Media Foundation Decoders
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{289809B1-078A-49F3-83D0-7E51715B3915}" = Windows Live Family Safety
"{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety
"{401C50F6-B443-43EE-8F27-A80DB19B03FD}" = Windows Live Family Safety
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7734509D-A1F7-4A5E-AF9D-77CD17AE41AF}" = Windows Live Family Safety
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{9210D7A2-DC28-43F6-92F9-E6CD4C729F7B}" = Windows Live Family Safety
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B22C8566-D522-4B40-A7AF-525F5A70D832}" = Windows Live Family Safety
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CB7935EF-43EE-4C0F-AC02-B0E4DD5DAC17}" = Windows Live Family Safety
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E17025A7-39B6-375E-8F1E-20637D19549C}" = AMD Catalyst Install Manager
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety
"{FF91D913-0F96-E8B4-7F24-138D64AEE63A}" = ccc-utility64
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"Elantech" = ETDWare PS/2-X64 8.0.5.1_WHQL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{122833F6-D27B-4FF9-9243-D30964E2E7DF}" = Internet Explorer
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A10EA04-AF48-AB19-DE2B-0F7ABF174B22}" = CCC Help Finnish
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1AC6E8CB-B022-A7E1-66DA-E063B6CEC373}" = CCC Help Polish
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{29AFBD5C-71A8-DA79-508C-53E040EE3E71}" = CCC Help Italian
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36BFE02C-3247-EC65-5B79-C31CA8A2EA6B}" = CCC Help Chinese Traditional
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3993DD42-0739-7DCB-CB1E-512A1D0287B6}" = CCC Help Portuguese
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D06DD4B-2D97-CB62-1639-66995969E0F7}" = CCC Help Chinese Standard
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{40D1F76D-FD54-6FF9-8A83-E2B6849FF755}" = CCC Help Korean
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4C699616-D8EA-9E2F-0246-68E0298A9081}" = CCC Help German
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{50B8CA72-98FD-21A1-3448-601998D44C1D}" = CCC Help Swedish
"{55C6CD22-E3A4-4937-CFFB-C7E11FA6A5A3}" = CCC Help Dutch
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{56050D82-138B-D911-CE56-DC4783CAA22C}" = CCC Help English
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{615AA928-1427-735E-C728-55AF614CD3DA}" = Catalyst Control Center Profiles Mobile
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62D16CB8-4DD5-0314-2AD7-C3C2BCADC234}" = CCC Help Thai
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69424C7F-B6CA-8786-E0CA-89D5915C9486}" = CCC Help Turkish
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E5E0E1B-FADA-9749-80F6-03A0A7967FEC}" = CCC Help Danish
"{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71296ABE-826A-2D27-9FD0-503F39A4D7ED}" = CCC Help Japanese
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}" = Wireless Console 3
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A11EFE0E-A256-C423-223F-4808E88024DB}" = CCC Help Greek
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9868A83-9D72-2F2D-F549-A5BD46891987}" = CCC Help Norwegian
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = T-Mobile Internet Manager 03
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2A07D8D-71DB-4929-9154-2D8A198F0FDA}" = CCC Help Spanish
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C10C5955-9E14-A895-BF90-29388B133FEA}" = CCC Help Russian
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C9440B47-2604-44EC-DA52-46DB4FA946ED}" = CCC Help French
"{CA234488-A4E4-FE20-DEF4-D68C43ACACA2}" = CCC Help Czech
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}" = Atheros Client Installation Program
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA9FD67B-0AAF-C83D-E2AC-C7D296FA0FE4}" = Catalyst Control Center Localization All
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE6698C9-53D4-67FB-2A2B-67CB1DEF89E5}" = AMD VISION Engine Control Center
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EDB188F5-D8E8-42EE-89E0-F212DA48CB81}" = Nokia Suite
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F8857969-C550-C462-1785-DB5523AE133C}" = CCC Help Hungarian
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FDB51A10-A57D-29AB-90D1-3EEE29BD388F}" = Catalyst Control Center InstallProxy
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"ALDITALKVerbindungsassistent" = ALDI TALK Verbindungsassistent
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"Asus Vibe2.0" = AsusVibe2.0
"BFGC" = Big Fish Games: Game Manager
"BFG-Phantasmat" = Phantasmat
"BFG-Phantasmat - Eisiger Gipfel" = Phantasmat: Eisiger Gipfel
"DivX Setup" = DivX-Setup
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.0.2.1012
"Mozilla Firefox 31.0 (x86 de)" = Mozilla Firefox 31.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One)
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Video Player" = Video Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 20.08.2014 01:14:43 | Computer Name = PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 20.08.2014 01:14:44 | Computer Name = PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 20.08.2014 14:50:00 | Computer Name = PC | Source = CVHSVC | ID = 100
Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
DownloadLatest Failed:
Error - 20.08.2014 14:50:59 | Computer Name = PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 20.08.2014 14:51:01 | Computer Name = PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 20.08.2014 14:51:26 | Computer Name = PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 21.08.2014 00:19:11 | Computer Name = PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 21.08.2014 03:23:44 | Computer Name = PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\Users\fledermausi\Desktop\esetsmartinstaller_deu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 22.08.2014 01:01:40 | Computer Name = PC | Source = CVHSVC | ID = 100
Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
DownloadLatest Failed:
Error - 22.08.2014 01:05:41 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310,
Zeitstempel: 0x53c75e91 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247,
Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce753 ID des fehlerhaften
Prozesses: 0xb08 Startzeit der fehlerhaften Anwendung: 0x01cfbd839a06c38e Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: f5fbc4aa-29b9-11e4-98ce-14dae9e918f8
[ System Events ]
Error - 18.08.2014 03:20:37 | Computer Name = PC | Source = DCOM | ID = 10010
Description =
Error - 18.08.2014 03:20:37 | Computer Name = PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.
Error - 18.08.2014 11:02:03 | Computer Name = PC | Source = DCOM | ID = 10010
Description =
Error - 21.08.2014 17:01:59 | Computer Name = PC | Source = DCOM | ID = 10010
Description =
< End of report >
|
|
24.08.2014, 10:26
| #19 |
| /// the machine /// TB-Ausbilder    | Browser verliert Verbindung zum NetzFixen mit OTL
Code:
ATTFilter :reg
[HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers]
"ProviderFilename4"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
"Update-Service-Installer-Service"=-
"Update-Service" ==-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com]
:files
C:\Windows\system32\xptzw7u9.tsp
C:\Windows\SysNative\xptzw7u9.tsp
C:\Windows\System32\d3dysi3ti.dll
C:\Windows\SysWOW64\d3dysi3ti.dll
Frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
25.08.2014, 16:39
| #20 |
| | Browser verliert Verbindung zum NetzCode:
ATTFilter ========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers\\ProviderFilename4 not found.
Registry value HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\\Update-Service-Installer-Service deleted successfully.
Registry value HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\\Update-Service deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com\ not found.
========== FILES ==========
File\Folder C:\Windows\system32\xptzw7u9.tsp not found.
File\Folder C:\Windows\SysNative\xptzw7u9.tsp not found.
C:\Windows\System32\d3dysi3ti.dll moved successfully.
File\Folder C:\Windows\SysWOW64\d3dysi3ti.dll not found.
OTL by OldTimer - Version 3.2.69.0 log created on 08252014_164631
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03
Ran by Fledermausi (administrator) on PC on 25-08-2014 16:48:41
Running from C:\Users\Fledermausi\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
() C:\Program Files (x86)\T-Mobile Internet Manager 03\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [192520 2010-10-12] (Trend Micro Inc.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2278504 2011-10-14] (Realtek Semiconductor)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360 2011-06-10] (ASUS)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Fledermausi\AppData\Roaming\Mozilla\Firefox\Profiles\1y2ugmmk.default-1354467891266
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension [2011-04-13]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-04-04]
Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "hxxp://www.awesomehp.com/?type=hp&ts=1392644801&from=tugs&uid=ST9500325AS_S2W42XLMXXXXS2W42XLM"
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (YouTube) - C:\Users\Fledermausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-10]
CHR Extension: (Google-Suche) - C:\Users\Fledermausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-10]
CHR Extension: (Google Mail) - C:\Users\Fledermausi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-10]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-12-23] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-07-14] (Advanced Micro Devices, Inc.) [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2409272 2013-12-10] (TuneUp Software)
R2 UI Assistant Service; C:\Program Files (x86)\T-Mobile Internet Manager 03\AssistantServices.exe [241664 2009-03-30] () [File not signed]
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [138752 2013-12-23] (Huawei Technologies Co., Ltd.)
S3 ewusbnet; C:\Windows\SysWOW64\DRIVERS\ewusbnet.sys [138752 2013-12-23] (Huawei Technologies Co., Ltd.)
S3 ew_hwusbdev; C:\Windows\SysWOW64\DRIVERS\ew_hwusbdev.sys [117248 2013-12-23] (Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [121600 2013-12-23] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-25 16:46 - 2014-08-25 16:46 - 00000000 ____D () C:\_OTL
2014-08-23 23:39 - 2014-08-23 23:39 - 00094146 _____ () C:\Users\Fledermausi\Desktop\Extras.Txt
2014-08-23 23:38 - 2014-08-23 23:38 - 00221904 _____ () C:\Users\Fledermausi\Desktop\OTL.Txt
2014-08-23 23:12 - 2014-08-23 23:12 - 00602112 _____ (OldTimer Tools) C:\Users\Fledermausi\Desktop\OTL.exe
2014-08-21 06:22 - 2014-08-21 06:22 - 00854417 _____ () C:\Users\Fledermausi\Desktop\SecurityCheck.exe
2014-08-20 07:14 - 2014-08-20 07:14 - 02347384 _____ (ESET) C:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe
2014-08-17 22:38 - 2014-08-22 20:57 - 00044160 _____ () C:\Users\Fledermausi\Desktop\Addition.txt
2014-08-17 22:13 - 2014-08-25 16:50 - 00013520 _____ () C:\Users\Fledermausi\Desktop\FRST.txt
2014-08-17 22:12 - 2014-08-25 16:48 - 00000000 ____D () C:\Users\Fledermausi\Desktop\FRST-OlderVersion
2014-08-17 22:11 - 2014-08-17 22:11 - 00000631 _____ () C:\Users\Fledermausi\Desktop\JRT.txt
2014-08-17 18:05 - 2014-08-17 18:05 - 01016261 _____ (Thisisu) C:\Users\Fledermausi\Desktop\JRT.exe
2014-08-17 18:03 - 2014-08-17 18:03 - 00003533 _____ () C:\Users\Fledermausi\Desktop\AdwCleaner[S2].txt
2014-08-17 17:19 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-17 17:16 - 2014-08-17 17:17 - 01361671 _____ () C:\Users\Fledermausi\Desktop\adwcleaner_3.307.exe
2014-08-17 17:15 - 2014-08-17 17:15 - 00008974 _____ () C:\Users\Fledermausi\Desktop\mbam.txt
2014-08-17 16:08 - 2014-08-17 17:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-17 16:06 - 2014-08-17 16:06 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-17 16:06 - 2014-08-17 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-17 16:06 - 2014-08-17 16:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-17 16:06 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-17 16:06 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-17 16:06 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-17 16:05 - 2014-08-17 16:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Fledermausi\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-17 15:38 - 2014-08-17 15:38 - 00002161 _____ () C:\Users\Fledermausi\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-08-17 15:38 - 2014-08-17 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-08-17 15:38 - 2014-08-17 15:38 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-08-17 15:36 - 2014-08-17 15:37 - 09522632 _____ () C:\Users\Fledermausi\Desktop\tweaking.com_windows_repair_aio_setup.exe
2014-08-16 15:53 - 2014-08-16 15:53 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-08-15 22:52 - 2014-08-15 22:52 - 00002750 _____ () C:\Users\Fledermausi\Desktop\FSS.txt
2014-08-15 22:51 - 2014-08-15 22:51 - 00415232 _____ (Farbar) C:\Users\Fledermausi\Desktop\FSS.exe
2014-08-15 22:50 - 2014-08-15 22:50 - 00021641 _____ () C:\ComboFix.txt
2014-08-15 22:11 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-15 22:11 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-15 22:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-15 22:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-15 22:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-15 22:11 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-15 22:11 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-15 22:11 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-15 22:10 - 2014-08-15 22:50 - 00000000 ____D () C:\Qoobox
2014-08-15 22:09 - 2014-08-15 22:46 - 00000000 ____D () C:\Windows\erdnt
2014-08-15 22:07 - 2014-08-15 22:07 - 05571320 ____R (Swearware) C:\Users\Fledermausi\Desktop\ComboFix.exe
2014-08-15 21:59 - 2014-08-15 21:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-15 21:58 - 2014-08-15 21:58 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Fledermausi\Desktop\revosetup95.exe
2014-08-15 07:06 - 2014-08-15 07:15 - 00043076 _____ () C:\Users\Fledermausi\Desktop\Result.txt
2014-08-15 07:02 - 2014-08-15 07:02 - 00401920 _____ (Farbar) C:\Users\Fledermausi\Desktop\MiniToolBox.exe
2014-08-14 23:52 - 2014-08-14 23:52 - 02100224 _____ (Farbar) C:\Users\Fledermausi\Downloads\FRST64.exe
2014-08-14 09:14 - 2013-12-10 19:43 - 00038200 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-08-14 09:14 - 2013-12-10 19:43 - 00030520 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2014-08-14 09:11 - 2014-08-14 09:11 - 00000000 __SHD () C:\Users\Fledermausi\AppData\Local\EmieUserList
2014-08-14 09:11 - 2014-08-14 09:11 - 00000000 __SHD () C:\Users\Fledermausi\AppData\Local\EmieSiteList
2014-08-14 09:11 - 2013-12-10 19:43 - 00035640 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-08-14 09:11 - 2013-12-10 19:43 - 00026936 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-08-14 09:11 - 2013-12-10 19:43 - 00022328 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2014-08-14 09:10 - 2014-08-14 09:14 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2013
2014-08-14 09:10 - 2014-08-14 09:10 - 00002211 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-08-14 09:10 - 2014-08-14 09:10 - 00002203 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
2014-08-14 09:10 - 2014-08-14 09:10 - 00002191 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2014-08-14 09:10 - 2014-08-14 09:10 - 00000000 ____D () C:\Users\Fledermausi\AppData\Roaming\TuneUp Software
2014-08-14 09:10 - 2014-08-14 09:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
2014-08-14 09:09 - 2014-08-14 21:04 - 00000000 __SHD () C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-08-14 09:09 - 2014-08-14 09:14 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-08-14 09:07 - 2014-08-14 09:08 - 28181408 _____ (TuneUp Software) C:\Users\Fledermausi\Downloads\TuneUpUtilities2013_de-DE.exe
2014-08-13 21:09 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 21:09 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 21:09 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 21:09 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 21:09 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 21:09 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 21:08 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 21:08 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:43 - 2014-08-13 20:43 - 00244408 _____ () C:\Users\Fledermausi\Downloads\Firefox Setup Stub 31.0.exe
2014-08-13 08:20 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 08:20 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 08:20 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 08:20 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 08:20 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 08:20 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 08:20 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 08:20 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 08:20 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 08:20 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 08:20 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 08:20 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 08:20 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 08:20 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 08:20 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 08:20 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 08:20 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 08:20 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 08:20 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 08:20 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 08:20 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 08:20 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 08:20 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 08:20 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 08:20 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 08:20 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 08:20 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 08:20 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 08:20 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 08:20 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 08:20 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 08:20 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 08:20 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 08:20 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 08:20 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 08:20 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 08:20 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 08:20 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 08:20 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 08:20 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 08:20 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 08:20 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 08:20 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 08:20 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 08:19 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 08:19 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 08:19 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 08:19 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 08:19 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 08:19 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 08:19 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 08:19 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 08:19 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 08:19 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 08:19 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 08:19 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 08:16 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 08:16 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 08:16 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 08:16 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 08:16 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 08:16 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 08:16 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 08:16 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 08:16 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 08:16 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 08:16 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 08:16 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 08:11 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 08:11 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 08:11 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 08:11 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 08:11 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 08:11 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 08:11 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 08:10 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 08:02 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 08:02 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 07:59 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 07:59 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 07:54 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 07:54 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 07:51 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 07:51 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 07:51 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 07:39 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 07:39 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-02 18:32 - 2014-08-02 18:32 - 00275272 _____ () C:\Windows\Minidump\080214-42728-01.dmp
2014-08-02 10:15 - 2014-08-13 21:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-01 07:43 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 07:43 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 07:43 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 07:43 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 07:42 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 07:42 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-01 07:42 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 07:42 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-01 07:42 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 07:42 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-01 07:41 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 07:41 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-01 07:41 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-01 07:41 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-27 15:24 - 2014-07-27 15:24 - 00002091 _____ () C:\Users\Public\Desktop\Nokia Suite.lnk
2014-07-27 15:24 - 2014-07-27 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
2014-07-27 15:22 - 2014-07-27 15:22 - 00000000 ____D () C:\Program Files (x86)\PC Connectivity Solution
2014-07-27 15:22 - 2012-10-17 14:53 - 00026112 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfdx64.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-25 16:50 - 2014-08-17 22:13 - 00013520 _____ () C:\Users\Fledermausi\Desktop\FRST.txt
2014-08-25 16:48 - 2014-08-17 22:12 - 00000000 ____D () C:\Users\Fledermausi\Desktop\FRST-OlderVersion
2014-08-25 16:48 - 2013-12-21 22:52 - 02103296 _____ (Farbar) C:\Users\Fledermausi\Desktop\FRST64.exe
2014-08-25 16:48 - 2013-11-18 15:19 - 00000000 ____D () C:\FRST
2014-08-25 16:46 - 2014-08-25 16:46 - 00000000 ____D () C:\_OTL
2014-08-25 14:39 - 2011-11-02 02:00 - 01066645 _____ () C:\Windows\WindowsUpdate.log
2014-08-25 11:58 - 2009-07-14 06:51 - 00124377 _____ () C:\Windows\setupact.log
2014-08-25 10:52 - 2013-12-15 16:45 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{44ACDA38-7963-4853-9E46-5FFBC543F332}
2014-08-25 10:04 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-25 10:04 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-25 09:50 - 2011-02-19 06:24 - 00711546 _____ () C:\Windows\system32\perfh007.dat
2014-08-25 09:50 - 2011-02-19 06:24 - 00153736 _____ () C:\Windows\system32\perfc007.dat
2014-08-25 09:50 - 2009-07-14 07:13 - 01653200 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-24 22:52 - 2014-03-01 09:13 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-24 22:52 - 2014-03-01 09:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-24 18:31 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-23 23:39 - 2014-08-23 23:39 - 00094146 _____ () C:\Users\Fledermausi\Desktop\Extras.Txt
2014-08-23 23:38 - 2014-08-23 23:38 - 00221904 _____ () C:\Users\Fledermausi\Desktop\OTL.Txt
2014-08-23 23:12 - 2014-08-23 23:12 - 00602112 _____ (OldTimer Tools) C:\Users\Fledermausi\Desktop\OTL.exe
2014-08-22 20:57 - 2014-08-17 22:38 - 00044160 _____ () C:\Users\Fledermausi\Desktop\Addition.txt
2014-08-22 07:05 - 2012-01-06 23:17 - 00000000 ____D () C:\Users\Fledermausi\AppData\Local\CrashDumps
2014-08-21 23:03 - 2011-12-23 20:30 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-08-21 23:03 - 2011-04-13 03:39 - 00748432 _____ () C:\Windows\PFRO.log
2014-08-21 23:03 - 2009-07-14 06:45 - 00276600 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-21 09:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-21 06:22 - 2014-08-21 06:22 - 00854417 _____ () C:\Users\Fledermausi\Desktop\SecurityCheck.exe
2014-08-20 07:14 - 2014-08-20 07:14 - 02347384 _____ (ESET) C:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe
2014-08-17 22:11 - 2014-08-17 22:11 - 00000631 _____ () C:\Users\Fledermausi\Desktop\JRT.txt
2014-08-17 18:05 - 2014-08-17 18:05 - 01016261 _____ (Thisisu) C:\Users\Fledermausi\Desktop\JRT.exe
2014-08-17 18:03 - 2014-08-17 18:03 - 00003533 _____ () C:\Users\Fledermausi\Desktop\AdwCleaner[S2].txt
2014-08-17 17:49 - 2013-11-17 21:07 - 00000000 ____D () C:\AdwCleaner
2014-08-17 17:49 - 2011-12-23 20:30 - 00000000 ____D () C:\Users\Fledermausi
2014-08-17 17:17 - 2014-08-17 17:16 - 01361671 _____ () C:\Users\Fledermausi\Desktop\adwcleaner_3.307.exe
2014-08-17 17:15 - 2014-08-17 17:15 - 00008974 _____ () C:\Users\Fledermausi\Desktop\mbam.txt
2014-08-17 17:11 - 2014-08-17 16:08 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-17 17:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-08-17 16:06 - 2014-08-17 16:06 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-17 16:06 - 2014-08-17 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-17 16:06 - 2014-08-17 16:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-17 16:06 - 2013-11-24 15:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-17 16:05 - 2014-08-17 16:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Fledermausi\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-17 15:38 - 2014-08-17 15:38 - 00002161 _____ () C:\Users\Fledermausi\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-08-17 15:38 - 2014-08-17 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-08-17 15:38 - 2014-08-17 15:38 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-08-17 15:37 - 2014-08-17 15:36 - 09522632 _____ () C:\Users\Fledermausi\Desktop\tweaking.com_windows_repair_aio_setup.exe
2014-08-16 15:53 - 2014-08-16 15:53 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-08-15 22:52 - 2014-08-15 22:52 - 00002750 _____ () C:\Users\Fledermausi\Desktop\FSS.txt
2014-08-15 22:51 - 2014-08-15 22:51 - 00415232 _____ (Farbar) C:\Users\Fledermausi\Desktop\FSS.exe
2014-08-15 22:50 - 2014-08-15 22:50 - 00021641 _____ () C:\ComboFix.txt
2014-08-15 22:50 - 2014-08-15 22:10 - 00000000 ____D () C:\Qoobox
2014-08-15 22:50 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-15 22:46 - 2014-08-15 22:09 - 00000000 ____D () C:\Windows\erdnt
2014-08-15 22:42 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-15 22:41 - 2011-11-02 02:31 - 00001351 _____ () C:\Windows\system32\ServiceFilter.ini
2014-08-15 22:36 - 2013-12-23 21:17 - 00000000 ____D () C:\Program Files (x86)\ALDITALKVerbindungsassistent
2014-08-15 22:24 - 2011-12-23 20:30 - 00000000 ____D () C:\Users\Fledermausi\AppData\Local\VirtualStore
2014-08-15 22:07 - 2014-08-15 22:07 - 05571320 ____R (Swearware) C:\Users\Fledermausi\Desktop\ComboFix.exe
2014-08-15 21:59 - 2014-08-15 21:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-15 21:58 - 2014-08-15 21:58 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Fledermausi\Desktop\revosetup95.exe
2014-08-15 07:15 - 2014-08-15 07:06 - 00043076 _____ () C:\Users\Fledermausi\Desktop\Result.txt
2014-08-15 07:02 - 2014-08-15 07:02 - 00401920 _____ (Farbar) C:\Users\Fledermausi\Desktop\MiniToolBox.exe
2014-08-15 00:02 - 2013-11-18 15:21 - 00043407 _____ () C:\Users\Fledermausi\Downloads\Addition.txt
2014-08-15 00:02 - 2013-11-18 15:19 - 00046190 _____ () C:\Users\Fledermausi\Downloads\FRST.txt
2014-08-14 23:52 - 2014-08-14 23:52 - 02100224 _____ (Farbar) C:\Users\Fledermausi\Downloads\FRST64.exe
2014-08-14 22:06 - 2013-05-13 15:53 - 00000000 ____D () C:\Users\Fledermausi\AppData\Roaming\Opera
2014-08-14 22:06 - 2013-05-13 15:53 - 00000000 ____D () C:\Users\Fledermausi\AppData\Local\Opera
2014-08-14 22:06 - 2013-05-13 15:53 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-08-14 21:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-14 21:04 - 2014-08-14 09:09 - 00000000 __SHD () C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-08-14 21:04 - 2012-04-04 21:00 - 00000000 ____D () C:\Users\Fledermausi\AppData\Local\Downloaded Installations
2014-08-14 09:14 - 2014-08-14 09:10 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2013
2014-08-14 09:14 - 2014-08-14 09:09 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-08-14 09:11 - 2014-08-14 09:11 - 00000000 __SHD () C:\Users\Fledermausi\AppData\Local\EmieUserList
2014-08-14 09:11 - 2014-08-14 09:11 - 00000000 __SHD () C:\Users\Fledermausi\AppData\Local\EmieSiteList
2014-08-14 09:10 - 2014-08-14 09:10 - 00002211 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-08-14 09:10 - 2014-08-14 09:10 - 00002203 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
2014-08-14 09:10 - 2014-08-14 09:10 - 00002191 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2014-08-14 09:10 - 2014-08-14 09:10 - 00000000 ____D () C:\Users\Fledermausi\AppData\Roaming\TuneUp Software
2014-08-14 09:10 - 2014-08-14 09:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
2014-08-14 09:08 - 2014-08-14 09:07 - 28181408 _____ (TuneUp Software) C:\Users\Fledermausi\Downloads\TuneUpUtilities2013_de-DE.exe
2014-08-14 07:18 - 2011-11-02 02:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2014-08-14 07:18 - 2011-04-13 04:47 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-08-13 21:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 21:34 - 2013-08-16 06:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 21:18 - 2011-12-29 00:03 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 21:08 - 2014-05-02 09:34 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 21:01 - 2014-08-02 10:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-13 21:01 - 2014-05-28 22:20 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-13 21:01 - 2014-05-28 22:20 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-13 21:01 - 2014-05-28 22:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-13 20:43 - 2014-08-13 20:43 - 00244408 _____ () C:\Users\Fledermausi\Downloads\Firefox Setup Stub 31.0.exe
2014-08-07 04:06 - 2014-08-13 07:39 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 07:39 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 09:20 - 2012-04-12 21:47 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-03 21:21 - 2012-12-02 23:23 - 00323072 ___SH () C:\Users\Fledermausi\Downloads\Thumbs.db
2014-08-02 18:32 - 2014-08-02 18:32 - 00275272 _____ () C:\Windows\Minidump\080214-42728-01.dmp
2014-08-02 18:32 - 2013-05-26 10:03 - 00000000 ____D () C:\Windows\Minidump
2014-08-02 18:31 - 2013-05-26 10:03 - 667980738 _____ () C:\Windows\MEMORY.DMP
2014-08-01 23:43 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-01 01:41 - 2014-08-13 08:20 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 08:20 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-27 15:25 - 2012-01-15 20:34 - 00000000 ____D () C:\ProgramData\Nokia
2014-07-27 15:24 - 2014-07-27 15:24 - 00002091 _____ () C:\Users\Public\Desktop\Nokia Suite.lnk
2014-07-27 15:24 - 2014-07-27 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
2014-07-27 15:22 - 2014-07-27 15:22 - 00000000 ____D () C:\Program Files (x86)\PC Connectivity Solution
2014-07-27 15:22 - 2011-11-02 02:26 - 00034400 _____ () C:\Windows\DPINST.LOG
2014-07-27 15:21 - 2012-01-15 20:31 - 00000000 ____D () C:\Program Files (x86)\Nokia
Some content of TEMP:
====================
C:\Users\Fledermausi\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-23 23:58
==================== End Of Log ============================
--- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-08-2014 03
Ran by Fledermausi at 2014-08-25 16:51:19
Running from C:\Users\Fledermausi\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Trend Micro Titanium Internet Security (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AS: Trend Micro Titanium Internet Security (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
ALDI TALK Verbindungsassistent (HKLM-x32\...\ALDITALKVerbindungsassistent) (Version: ALDI TALK 4.0 - ALDI TALK Verbindungsassistent)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD APP SDK Runtime (Version: 2.5.709.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E17025A7-39B6-375E-8F1E-20637D19549C}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.60713.1822 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.19 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0036 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.3 - Auslogics Software Pty Ltd)
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 3.0.1.60 - )
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
Catalyst Control Center InstallProxy (x32 Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 26.0.1410.43 - Google Inc.)
Internet Explorer (x32 Version: 9 - Microsoft Corporation) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Phantasmat (HKLM-x32\...\BFG-Phantasmat) (Version: - )
Phantasmat: Eisiger Gipfel (HKLM-x32\...\BFG-Phantasmat - Eisiger Gipfel) (Version: - )
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.9 - TeamSpeak Systems GmbH)
T-Mobile Internet Manager 03 (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.0 - Trend Micro Inc.)
Trend Micro Titanium Internet Security (Version: 3.00 - Trend Micro Inc.) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.179 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.179 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.179 - TuneUp Software) Hidden
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.8.6 - Tweaking.com)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Player (HKCU\...\Video Player) (Version: - ) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Wireless Console 3 (HKLM-x32\...\{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}) (Version: 3.0.21 - ASUS)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
06-08-2014 05:02:44 Windows Update
09-08-2014 07:13:10 Windows Update
13-08-2014 05:38:49 Windows Update
13-08-2014 19:07:18 Windows Update
14-08-2014 05:17:16 Removed WinFlash
14-08-2014 07:09:48 TuneUp Utilities 2013 wird installiert
15-08-2014 20:04:33 Revo Uninstaller's restore point - Revo Uninstaller 1.95
20-08-2014 05:19:54 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-08-15 22:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1D0363F7-C6D5-4B35-8502-62F9F8F93C22} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {3500F683-03B2-4807-A7B5-43CC16A82B4C} - System32\Tasks\{FE8BDCBC-070F-487D-95F5-B5EFD4752810} => Firefox.exe
Task: {4660038F-B102-42CD-B9DC-9BAF8D0EB76B} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-11-22] (ASUS)
Task: {57239D67-D825-4D02-BF5E-CBE699013276} - System32\Tasks\{F14E6073-D53F-493E-BADE-0C8085F1EB8A} => C:\Program Files (x86)\T-Mobile Internet Manager 03\UIMain.exe [2009-03-30] ()
Task: {6681E171-2D72-42E1-B4F6-F6A19E23349E} - System32\Tasks\{9C1F2DAE-CFD9-4E97-BD2B-4EDD965D9F2D} => C:\Program Files (x86)\T-Mobile Internet Manager 03\UIMain.exe [2009-03-30] ()
Task: {881B1628-399F-41B5-B8AD-6AB14D1C08E3} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-12-10] (TuneUp Software)
Task: {8A97CF35-18BB-4424-B313-F6D1CC9A7C51} - System32\Tasks\{C04DCFBA-660D-493A-AE73-C292F993C53A} => C:\Program Files (x86)\T-Mobile Internet Manager 03\UIMain.exe [2009-03-30] ()
Task: {A78300CD-9724-43EE-B32B-D462F4FFE1DC} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {E6F92773-C2D6-4110-94F7-E2E36894450A} - System32\Tasks\{A94CC77D-AA8A-4F3B-B0B8-AC06E6803C65} => Firefox.exe
Task: {EDA4AD14-6965-40B0-A4EC-D14BA747ECA3} - System32\Tasks\{3DBE8DD1-59D6-4C69-B07E-35FB6A30776A} => C:\Program Files (x86)\Uniblue\SystemTweaker\systemtweaker.exe
Task: {F339B65C-58B7-498C-8755-F17B91A2ECE7} - System32\Tasks\{4BF2DDF6-F7B0-4625-BD16-EC9DB0E6635C} => C:\Program Files (x86)\T-Mobile Internet Manager 03\UIMain.exe [2009-03-30] ()
==================== Loaded Modules (whitelisted) =============
2013-12-23 21:17 - 2013-12-23 21:38 - 00358968 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
2011-07-14 03:23 - 2011-07-14 03:23 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-12-10 19:45 - 2013-12-10 19:45 - 00753464 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2011-04-13 04:51 - 2010-09-17 10:52 - 00047104 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
2011-04-13 04:51 - 2010-09-17 10:52 - 00042496 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
2011-12-23 21:31 - 2009-03-30 12:34 - 00241664 _____ () C:\Program Files (x86)\T-Mobile Internet Manager 03\AssistantServices.exe
2010-02-28 03:33 - 2010-02-28 03:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2011-11-22 16:09 - 2011-11-22 16:09 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2011-06-10 19:49 - 2011-06-10 19:49 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:0BBF232A
AlternateDataStreams: C:\ProgramData\Temp:2339C9FD
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\Windows\pss\AsusVibeLauncher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: ETDCtrl => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Fledermausi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: Nuance PDF Reader-reminder => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
MSCONFIG\startupreg: PCSpeedUp => C:\Program Files (x86)\PC Beschleunigen\PCSUNotifier.exe
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd
MSCONFIG\startupreg: SonicMasterTray => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Trend Micro Titanium => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\T-Mobile Internet Manager 03\UIExec.exe"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: VizorHtmlDialog.exe => "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
==================== Faulty Device Manager Devices =============
Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/24/2014 10:34:02 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (08/22/2014 07:05:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0xb08
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (08/22/2014 07:01:40 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (08/21/2014 09:23:44 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/21/2014 06:19:11 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/20/2014 08:51:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/20/2014 08:51:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/20/2014 08:50:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/20/2014 08:50:00 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (08/20/2014 07:14:44 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (08/24/2014 04:25:44 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (08/21/2014 11:01:59 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (08/18/2014 05:02:03 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (08/18/2014 09:20:37 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.
Error: (08/18/2014 09:20:37 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
Error: (08/24/2014 10:34:02 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (08/22/2014 07:05:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.531053c75e91ntdll.dll6.1.7601.18247521ea8e7c0000374000ce753b0801cfbd839a06c38eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\ntdll.dllf5fbc4aa-29b9-11e4-98ce-14dae9e918f8
Error: (08/22/2014 07:01:40 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (08/21/2014 09:23:44 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\fledermausi\Desktop\esetsmartinstaller_deu.exe
Error: (08/21/2014 06:19:11 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (08/20/2014 08:51:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe
Error: (08/20/2014 08:51:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe
Error: (08/20/2014 08:50:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe
Error: (08/20/2014 08:50:00 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (08/20/2014 07:14:44 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe
CodeIntegrity Errors:
===================================
Date: 2014-08-15 22:36:21.218
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-15 22:36:20.648
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-05-04 23:26:40.166
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-05-04 23:25:57.137
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-05-04 23:25:21.124
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-05-04 23:24:55.523
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-05-04 23:24:33.604
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-05-04 23:24:03.972
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-05-04 23:23:34.479
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-05-04 23:23:04.219
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 20%
Total physical RAM: 8171.71 MB
Available physical RAM: 6487.56 MB
Total Pagefile: 14311.89 MB
Available Pagefile: 12594.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:200.28 GB) (Free:119.79 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:240.48 GB) (Free:240.35 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B2A0A341)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=200.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=240.5 GB) - (Type=OF Extended)
==================== End Of Log ============================
|
|
26.08.2014, 15:39
| #21 |
| /// the machine /// TB-Ausbilder | Browser verliert Verbindung zum Netz Noch Probleme?
__________________ --> Browser verliert Verbindung zum Netz |
|
26.08.2014, 21:28
| #22 |
| | Browser verliert Verbindung zum Netz Jepp, Problem besteht immer noch... |
|
27.08.2014, 16:10
| #23 |
| /// the machine /// TB-Ausbilder | Browser verliert Verbindung zum Netz Alle Browser?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.08.2014, 19:27
| #24 |
| | Browser verliert Verbindung zum Netz Ja, habe gerade mal alle durchgetestet (Chrome, Firefox und IE). |
|
28.08.2014, 08:40
| #25 |
| /// the machine /// TB-Ausbilder | Browser verliert Verbindung zum Netz Downloade dir bitte Farbar's MiniToolBox auf deinen Desktop und starte das Tool Setze einen Haken bei folgenden Einträgen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.08.2014, 19:54
| #26 |
| | Browser verliert Verbindung zum NetzCode:
ATTFilter MiniToolBox by Farbar Version: 21-07-2014
Ran by Fledermausi (administrator) on 28-08-2014 at 20:53:37
Running from "C:\Users\Fledermausi\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows-IP-Konfiguration
Der DNS-Aufl�sungscache konnte nicht geleert werden: Beim Ausf�hren der Funktion ist ein Fehler aufgetreten.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Atheros AR9002WB-1NG Wireless Network Adapter = Drahtlosnetzwerkverbindung (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth-Netzwerkverbindung (Hardware not present)
Microsoft Virtual WiFi Miniport Adapter = Drahtlosnetzwerkverbindung 2 (Hardware not present)
Realtek PCIe GBE Family Controller = LAN-Verbindung (Media disconnected)
# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4
reset
popd
# Ende der IPv4-Konfiguration
Windows-IP-Konfiguration
Hostname . . . . . . . . . . . . : PC
Prim�res DNS-Suffix . . . . . . . :
Knotentyp . . . . . . . . . . . . : Hybrid
IP-Routing aktiviert . . . . . . : Nein
WINS-Proxy aktiviert . . . . . . : Nein
Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung:
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Atheros AR9002WB-1NG Wireless Network Adapter
Physikalische Adresse . . . . . . : 74-DE-2B-82-75-51
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Verbindungslokale IPv6-Adresse . : fe80::95f9:9b8c:1e6b:7df0%13(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.0.103(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Lease erhalten. . . . . . . . . . : Donnerstag, 28. August 2014 08:54:48
Lease l�uft ab. . . . . . . . . . : Donnerstag, 4. September 2014 14:23:51
Standardgateway . . . . . . . . . : 192.168.0.1
DHCP-Server . . . . . . . . . . . : 192.168.0.1
DHCPv6-IAID . . . . . . . . . . . : 326426155
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-16-42-43-20-14-DA-E9-E9-18-F8
DNS-Server . . . . . . . . . . . : 192.168.0.1
NetBIOS �ber TCP/IP . . . . . . . : Aktiviert
Ethernet-Adapter LAN-Verbindung:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix: Speedport_W_503V_Typ_C
Beschreibung. . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physikalische Adresse . . . . . . : 14-DA-E9-E9-18-F8
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{97B67636-85A6-4934-8DAD-D20B25D548D7}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter Teredo Tunneling Pseudo-Interface:
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
IPv6-Adresse. . . . . . . . . . . : 2001:0:9d38:90d7:103a:60d:3f57:ff98(Bevorzugt)
Verbindungslokale IPv6-Adresse . : fe80::103a:60d:3f57:ff98%16(Bevorzugt)
Standardgateway . . . . . . . . . : ::
NetBIOS �ber TCP/IP . . . . . . . : Deaktiviert
Server: UnKnown
Address: 192.168.0.1
Name: google.com
Addresses: 2a00:1450:400a:807::1004
109.193.193.49
109.193.193.35
109.193.193.29
109.193.193.25
109.193.193.44
109.193.193.50
109.193.193.45
109.193.193.40
109.193.193.30
109.193.193.54
109.193.193.34
109.193.193.24
109.193.193.55
109.193.193.59
109.193.193.20
109.193.193.39
Ping wird ausgef�hrt f�r google.com [109.193.193.30] mit 32 Bytes Daten:
Antwort von 109.193.193.30: Bytes=32 Zeit=14ms TTL=59
Antwort von 109.193.193.30: Bytes=32 Zeit=15ms TTL=59
Ping-Statistik f�r 109.193.193.30:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 14ms, Maximum = 15ms, Mittelwert = 14ms
Server: UnKnown
Address: 192.168.0.1
Name: yahoo.com
Addresses: 98.139.183.24
98.138.253.109
206.190.36.45
Ping wird ausgef�hrt f�r yahoo.com [98.138.253.109] mit 32 Bytes Daten:
Antwort von 98.138.253.109: Bytes=32 Zeit=157ms TTL=50
Antwort von 98.138.253.109: Bytes=32 Zeit=159ms TTL=50
Ping-Statistik f�r 98.138.253.109:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 157ms, Maximum = 159ms, Mittelwert = 158ms
Ping wird ausgef�hrt f�r 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Ping-Statistik f�r 127.0.0.1:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
===========================================================================
Schnittstellenliste
13...74 de 2b 82 75 51 ......Atheros AR9002WB-1NG Wireless Network Adapter
11...14 da e9 e9 18 f8 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
IPv4-Routentabelle
===========================================================================
Aktive Routen:
Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.103 25
127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306
127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306
127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
192.168.0.0 255.255.255.0 Auf Verbindung 192.168.0.103 281
192.168.0.103 255.255.255.255 Auf Verbindung 192.168.0.103 281
192.168.0.255 255.255.255.255 Auf Verbindung 192.168.0.103 281
224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.0.103 281
255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.0.103 281
===========================================================================
St�ndige Routen:
Keine
IPv6-Routentabelle
===========================================================================
Aktive Routen:
If Metrik Netzwerkziel Gateway
16 58 ::/0 Auf Verbindung
1 306 ::1/128 Auf Verbindung
16 58 2001::/32 Auf Verbindung
16 306 2001:0:9d38:90d7:103a:60d:3f57:ff98/128
Auf Verbindung
13 281 fe80::/64 Auf Verbindung
16 306 fe80::/64 Auf Verbindung
16 306 fe80::103a:60d:3f57:ff98/128
Auf Verbindung
13 281 fe80::95f9:9b8c:1e6b:7df0/128
Auf Verbindung
1 306 ff00::/8 Auf Verbindung
16 306 ff00::/8 Auf Verbindung
13 281 ff00::/8 Auf Verbindung
===========================================================================
St�ndige Routen:
Keine
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (08/26/2014 10:21:33 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (08/24/2014 10:34:02 AM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (08/22/2014 07:05:41 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0xb08
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (08/22/2014 07:01:40 AM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (08/21/2014 09:23:44 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/21/2014 06:19:11 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/20/2014 08:51:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/20/2014 08:51:01 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/20/2014 08:50:59 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/20/2014 08:50:00 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
System errors:
=============
Error: (08/28/2014 08:52:07 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (08/27/2014 07:00:35 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Arbeitsstationsdienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (08/27/2014 07:00:35 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Arbeitsstationsdienst erreicht.
Error: (08/26/2014 11:42:42 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (08/24/2014 04:25:44 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (08/21/2014 11:01:59 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (08/18/2014 05:02:03 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (08/18/2014 09:20:37 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.
Error: (08/18/2014 09:20:37 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
Error: (08/26/2014 10:21:33 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (08/24/2014 10:34:02 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (08/22/2014 07:05:41 AM) (Source: Application Error)(User: )
Description: plugin-container.exe31.0.0.531053c75e91ntdll.dll6.1.7601.18247521ea8e7c0000374000ce753b0801cfbd839a06c38eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\ntdll.dllf5fbc4aa-29b9-11e4-98ce-14dae9e918f8
Error: (08/22/2014 07:01:40 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (08/21/2014 09:23:44 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\fledermausi\Desktop\esetsmartinstaller_deu.exe
Error: (08/21/2014 06:19:11 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (08/20/2014 08:51:26 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe
Error: (08/20/2014 08:51:01 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe
Error: (08/20/2014 08:50:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Fledermausi\Desktop\esetsmartinstaller_deu.exe
Error: (08/20/2014 08:50:00 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:
CodeIntegrity Errors:
===================================
Date: 2014-08-15 22:36:21.218
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-15 22:36:20.648
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-05-04 23:26:40.166
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-05-04 23:25:57.137
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-05-04 23:25:21.124
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-05-04 23:24:55.523
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-05-04 23:24:33.604
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-05-04 23:24:03.972
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-05-04 23:23:34.479
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-05-04 23:23:04.219
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
=========================== Installed Programs ============================
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
ALDI TALK Verbindungsassistent (HKLM-x32\...\ALDITALKVerbindungsassistent) (Version: ALDI TALK 4.0 - ALDI TALK Verbindungsassistent)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD APP SDK Runtime (Version: 2.5.709.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E17025A7-39B6-375E-8F1E-20637D19549C}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.60713.1822 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.19 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0036 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.3 - Auslogics Software Pty Ltd)
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 3.0.1.60 - )
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
Catalyst Control Center InstallProxy (x32 Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.0713.1829.31376 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.0713.1830.31376 - Advanced Micro Devices, Inc.) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 26.0.1410.43 - Google Inc.)
Internet Explorer (x32 Version: 9 - Microsoft Corporation) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Phantasmat (HKLM-x32\...\BFG-Phantasmat) (Version: - )
Phantasmat: Eisiger Gipfel (HKLM-x32\...\BFG-Phantasmat - Eisiger Gipfel) (Version: - )
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.9 - TeamSpeak Systems GmbH)
T-Mobile Internet Manager 03 (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.0 - Trend Micro Inc.)
Trend Micro Titanium Internet Security (Version: 3.00 - Trend Micro Inc.) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.179 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.179 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.179 - TuneUp Software) Hidden
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.8.6 - Tweaking.com)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Player (HKCU\...\Video Player) (Version: - )
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - ?????????? ??????????) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ???? (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ??? (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Wireless Console 3 (HKLM-x32\...\{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}) (Version: 3.0.21 - ASUS)
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se?? (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
S?????? f?t???af??? t?? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
???????? ?????????? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
????? Windows Live (x32 Version: 15.4.3502.0922 - ?????????? ??????????) Hidden
?????????? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ??????????? (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
?????? ??????? ?? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
??? ActiveX ?? Windows Live Mesh ???? ??????? ??????? (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
???? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ??????? (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
???? ??? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
??????? Windows Live Mesh ActiveX ??? (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
========================= Memory info: ===================================
Percentage of memory in use: 22%
Total physical RAM: 8171.71 MB
Available physical RAM: 6351.45 MB
Total Pagefile: 14311.89 MB
Available Pagefile: 12333.06 MB
Total Virtual: 4095.88 MB
Available Virtual: 3986.82 MB
========================= Partitions: =====================================
1 Drive c: (OS) (Fixed) (Total:200.28 GB) (Free:120.44 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:240.48 GB) (Free:240.35 GB) NTFS
========================= Users: ========================================
Benutzerkonten fr \\PC
Administrator Fledermausi Gast
Der Befehl wurde erfolgreich ausgefhrt.
========================= Minidump Files ==================================
No minidump file found
**** End of log ****
|
|
29.08.2014, 12:38
| #27 |
| /// the machine /// TB-Ausbilder | Browser verliert Verbindung zum Netz Setz mal bitte nen Google DNS. How to Switch to OpenDNS or Google DNS to Speed Up Web Browsing
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.08.2014, 07:49
| #28 |
| | Browser verliert Verbindung zum Netz Okay, habe ich gemacht. Ich bin aber erst am Dienstag Abend wieder am WLAN, weiß dann also erst, ob es was gebracht hat. Ich geb dann Bescheid. Grüßle |
|
30.08.2014, 07:58
| #29 |
| /// the machine /// TB-Ausbilder | Browser verliert Verbindung zum Netz ok.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.09.2014, 08:24
| #30 |
| | Browser verliert Verbindung zum Netz Hmmm, gestern Abend und heute Morgen kein einziger Ausfall, ich wollte schon Erfolgsmeldung abgeben. Aber jetzt ist es wieder ganz schlimm. Merkwürdig... Seit ich das geschrieben habe, geht es wieder. Der verarscht mich doch, der Laptop... |
|
Textbox. 
Linear-Darstellung
