| |
| |||||||
Log-Analyse und Auswertung: Auswertung OTL ErgebnisWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
17.11.2014, 12:20
| #1 |
| |  Auswertung OTL Ergebnis Folgende Symptome hat mein Rechner: Immer laut am Arbeiten, obwohl nur ein Leerlaufprozess im Task Manager angezeigt wird (allerdings bei 30% bei einem 2,6 GH Quadcore). Ich bitte um eine Auswertung meines OTL-Files. Vielen Dank!OTL Logfile: OTL Logfile: Code:
ATTFilter OTL logfile created on: 17.11.2014 11:32:09 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users XXX 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17420) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 57,06% Memory free 11,72 Gb Paging File | 8,79 Gb Available in Paging File | 75,04% Paging File free Paging file location(s): c:\pagefile.sys 8000 8000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 918,32 Gb Total Space | 818,50 Gb Free Space | 89,13% Space Free | Partition Type: NTFS Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days OTL logfile created on: 17.11.2014 11:32:09 - Run 1 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17420) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 57,06% Memory free 11,72 Gb Paging File | 8,79 Gb Available in Paging File | 75,04% Paging File free Paging file location(s): c:\pagefile.sys 8000 8000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 918,32 Gb Total Space | 818,50 Gb Free Space | 89,13% Space Free | Partition Type: NTFS Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days ========== Processes (SafeList) ========== PRC - C:\Users\\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Users\\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) PRC - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (Comodo Security Solutions, Inc.) PRC - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.) PRC - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe () PRC - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedadssvc.exe (AdTrustMedia) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE () PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell) PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS) PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (SoftThinks - Dell) PRC - C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe (Sensible Vision ) PRC - C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision ) PRC - C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe (Sensible Vision ) PRC - C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe () PRC - C:\Program Files (x86)\DELL\DELLOSD\DELLOSD.exe (DELL COMPUTER INC.) PRC - C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe () PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) PRC - C:\Program Files (x86)\Atheros Direct Connect\DCDhcpService.exe (Atheros Communication Inc.) PRC - C:\Program Files (x86)\Atheros Direct Connect\DCWpaSupplicant.exe (Atheros Communications, Inc.) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe () PRC - C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe (Chicony) PRC - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) PRC - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (Nuance Communications, Inc.) PRC - C:\Program Files (x86)\Nuance\PaperPort\NuanceWDS.exe (Nuance Communications, Inc.) PRC - C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe () ========== Modules (No Company Name) ========== MOD - c:\users\o~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpeo2fay.dll () MOD - C:\Users\\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9c41049a9716f9c34e8dfad27ac45153\System.WorkflowServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\26e521624e8e8c879ac83245694d809a\System.ServiceModel.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\3063abda312516739bc808360071bad9\System.Xml.Linq.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\e3641fa3359f37ad12c84183ce765093\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\11295b4ad79dbeadee6c83ae45a8a07f\System.IdentityModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\0d51a457c4cb85cd5ae8439094387ad3\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\da4175d4363c1bcecb984a44cd53664f\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b22741531a2850c807656d0298a96bd\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b4001d722e320fa42cd87b04b5249b2d\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f539baa94516139240877cb6afd72c2\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d4f835b8078dacc8d5da623e2c3f0ee\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll () MOD - C:\Users\\AppData\Roaming\Dropbox\bin\libcef.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE () MOD - C:\Windows\SysWOW64\FAIEExtension.dll () MOD - C:\Windows\SysWOW64\FAib.dll () MOD - C:\Windows\SysWOW64\FACrashRpt.dll () MOD - C:\Program Files (x86)\DELL\DELLOSD\MediaButtons.exe () MOD - C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe () MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll () MOD - C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe () ========== Services (SafeList) ========== SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (CLPSLauncher) -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (Comodo Security Solutions, Inc.) SRV - (GeekBuddyRSP) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.) SRV - (DragonUpdater) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe () SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (CmdAgent) -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe (COMODO) SRV - (cmdvirth) -- C:\Programme\COMODO\COMODO Internet Security\cmdvirth.exe (COMODO) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (OpenVPNService) -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe () SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS) SRV - (FAService) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe (Sensible Vision ) SRV - (Dell WMI Service) -- C:\Program Files (x86)\DELL\DELLOSD\DellOSDService.exe () SRV - (DCDhcpService) -- C:\Program Files (x86)\Atheros Direct Connect\DCDhcpService.exe (Atheros Communication Inc.) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (OSDSvc) -- C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe (Chicony) SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions) SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions) SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.) SRV - (PDFProFiltSrvPP) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (Nuance Communications, Inc.) SRV - (BrYNSvc) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (CFRMD) -- C:\Windows\SysNative\drivers\CFRMD.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (cmderd) -- C:\Windows\SysNative\drivers\cmderd.sys (COMODO) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project) DRV:64bit: - (DRHMSR64) -- C:\Windows\SysNative\drivers\DRHMSR64.sys () DRV:64bit: - (DRHARD64) -- C:\Windows\SysNative\drivers\DRHARD64.sys (Licensed for Gebhard Software) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc60.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (SynthVid) -- C:\Windows\SysNative\drivers\VMBusVideoM.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (AF9035BDA) -- C:\Windows\SysNative\drivers\AF15BDA.sys (ITETech ) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (FACAP) -- C:\Windows\SysNative\drivers\facap.sys (Sensible Vision ) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (DRHMSR64) -- C:\Windows\SysWOW64\drivers\DRHMSR64.sys () DRV - (DRHARD64) -- C:\Windows\SysWOW64\drivers\DRHARD64.sys (Licensed for Gebhard Software) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1530557571-3670826322-1770252739-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USSMB/8 IE - HKU\S-1-5-21-1530557571-3670826322-1770252739-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=EACE00FF7E81BC8A&affID=125036&tsp=5031 IE - HKU\S-1-5-21-1530557571-3670826322-1770252739-1000\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} IE - HKU\S-1-5-21-1530557571-3670826322-1770252739-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR IE - HKU\S-1-5-21-1530557571-3670826322-1770252739-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=EACE00FF7E81BC8A&affID=125036&tsp=5031 IE - HKU\S-1-5-21-1530557571-3670826322-1770252739-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = IE - HKU\S-1-5-21-1530557571-3670826322-1770252739-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6OyWTjcKgI&i=26 IE - HKU\S-1-5-21-1530557571-3670826322-1770252739-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1 FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fassoxpcom@sensiblevision.com: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2012.01.25 07:04:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013.10.10 20:20:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\cliqz@cliqz.com: C:\Users\Olav Kittel\AppData\Roaming\Mozilla\Firefox\Profiles\u9tra0dx.default-1362061992689\extensions\cliqz@cliqz.com FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.22 13:27:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\\AppData\Roaming\mozilla\Extensions [2014.11.17 09:06:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\\AppData\Roaming\mozilla\Firefox\Profiles\u9tra0dx.default-1362061992689\extensions [2014.10.31 00:29:06 | 000,804,284 | ---- | M] () (No name found) -- C:\Users\\AppData\Roaming\mozilla\firefox\profiles\u9tra0dx.default-1362061992689\extensions\cliqz@cliqz.com.xpi [2014.11.17 09:06:16 | 000,537,103 | ---- | M] () (No name found) -- C:\Users\\AppData\Roaming\mozilla\firefox\profiles\u9tra0dx.default-1362061992689\extensions\PrivDog@AdTrustMedia.com.xpi [2014.09.15 15:27:50 | 000,000,663 | ---- | M] () -- C:\Users\\AppData\Roaming\mozilla\firefox\profiles\u9tra0dx.default-1362061992689\searchplugins\google-images.xml [2014.09.15 15:27:50 | 000,002,307 | ---- | M] () -- C:\Users\\AppData\Roaming\mozilla\firefox\profiles\u9tra0dx.default-1362061992689\searchplugins\google-maps.xml [2013.10.10 20:23:43 | 000,001,302 | ---- | M] () -- C:\Users\\AppData\Roaming\mozilla\firefox\profiles\u9tra0dx.default-1362061992689\searchplugins\searchgol.xml [2014.09.15 12:49:41 | 000,001,497 | ---- | M] () -- C:\Users\\AppData\Roaming\mozilla\firefox\profiles\u9tra0dx.default-1362061992689\searchplugins\zonealarm.xml [2014.11.10 23:03:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2014.11.10 23:03:03 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014.11.10 23:03:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2014.11.10 23:03:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision ) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2:64bit: - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) O2:64bit: - BHO: (PrivDog Extension) - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Programme\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll (AdTrustMedia) O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision ) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O2 - BHO: (PrivDog Extension) - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll (AdTrustMedia) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Programme\COMODO\COMODO Internet Security\CisTray.exe (COMODO) O4:64bit: - HKLM..\Run: [DCHostUI] C:\Program Files (x86)\Atheros Direct Connect\P2PUIMain.exe (Atheros Communication) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.) O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [DELLOSD] C:\Program Files (x86)\DELL\DELLOSD\FastUserSwitching.exe () O4 - HKLM..\Run: [FAStartup] File not found O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision ) O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [PPort12reminder] C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [PrivDogService] C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedadssvc.exe (AdTrustMedia) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions) O4 - HKLM..\Run: [tvncontrol] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1530557571-3670826322-1770252739-1000..\Run: [Spotify Web Helper] C:\Users\\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4:64bit: - HKLM..\RunOnce: [000_TmTdiUninstall] C:\Windows\TmNSCIns.dll (Trend Micro Inc.) O4 - HKU\.DEFAULT..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f File not found O4 - HKU\.DEFAULT..\RunOnce: [panda2_0dn_XP] reg.exe delete "HKCU\Software\panda2_0dn" /f File not found O4 - HKU\.DEFAULT..\RunOnce: [panda4_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_0dn" /f File not found O4 - HKU\.DEFAULT..\RunOnce: [panda4_0dn_XP] reg.exe delete "HKCU\Software\panda4_0dn" /f File not found O4 - HKU\.DEFAULT..\RunOnce: [panda4_1dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_1dn" /f File not found O4 - HKU\.DEFAULT..\RunOnce: [panda4_1dn_XP] reg.exe delete "HKCU\Software\panda4_1dn" /f File not found O4 - HKU\S-1-5-18..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f File not found O4 - HKU\S-1-5-18..\RunOnce: [panda2_0dn_XP] reg.exe delete "HKCU\Software\panda2_0dn" /f File not found O4 - HKU\S-1-5-18..\RunOnce: [panda4_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_0dn" /f File not found O4 - HKU\S-1-5-18..\RunOnce: [panda4_0dn_XP] reg.exe delete "HKCU\Software\panda4_0dn" /f File not found O4 - HKU\S-1-5-18..\RunOnce: [panda4_1dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_1dn" /f File not found O4 - HKU\S-1-5-18..\RunOnce: [panda4_1dn_XP] reg.exe delete "HKCU\Software\panda4_1dn" /f File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 600 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm () O9:64bit: - Extra Button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Programme\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll (AdTrustMedia) O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) O9 - Extra Button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.15\trustedads.dll (AdTrustMedia) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0) O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0) O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{100AE6A7-F79A-420F-99ED-4A8F51EC851D}: DhcpNameServer = 192.168.6.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63D4CB5F-1673-4605-A2EB-DF7F0A26EFD2}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63D4CB5F-1673-4605-A2EB-DF7F0A26EFD2}: NameServer = 156.154.70.25,156.154.71.25 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB19C772-F366-4F50-BD84-1F13B492EBBE}: NameServer = 156.154.70.25,156.154.71.25 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll (Sensible Vision ) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 360 Days ========== [2014.11.17 11:30:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\\Desktop\OTL.exe [2014.11.17 10:10:38 | 000,000,000 | ---D | C] -- C:\Users\\Documents\Files [2014.11.17 10:07:42 | 000,000,000 | -H-D | C] -- C:\VTRoot [2014.11.17 09:30:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COMODO [2014.11.17 09:22:04 | 000,525,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2014.11.17 09:22:04 | 000,232,272 | ---- | C] (Trend Micro Inc.) -- C:\Windows\TmNSCIns.dll [2014.11.17 09:06:15 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space [2014.11.17 09:05:45 | 000,000,000 | ---D | C] -- C:\Program Files\AdTrustMedia [2014.11.17 09:05:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AdTrustMedia [2014.11.17 09:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Adtrustmedia [2014.11.17 09:05:37 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2014.11.17 09:05:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo [2014.11.17 09:05:31 | 000,000,000 | ---D | C] -- C:\Users\Olav Kittel\AppData\Local\Comodo [2014.11.17 09:05:29 | 000,057,096 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll [2014.11.17 09:05:29 | 000,048,392 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll [2014.11.17 09:05:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo [2014.11.17 09:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader [2014.11.17 09:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo [2014.11.12 09:40:07 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014.11.12 09:40:07 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2014.11.12 09:40:07 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2014.11.12 09:40:07 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2014.11.12 09:40:07 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2014.11.12 09:40:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2014.11.12 09:40:07 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2014.11.12 09:40:07 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014.11.12 09:40:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014.11.12 09:40:06 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014.11.12 09:40:06 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014.11.12 09:40:06 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014.11.12 09:40:05 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2014.11.12 09:40:05 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014.11.12 09:40:05 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014.11.12 09:40:05 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2014.11.12 09:40:05 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014.11.12 09:40:05 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2014.11.12 09:40:05 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014.11.12 09:40:05 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014.11.12 09:40:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2014.11.12 09:40:04 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014.11.12 09:40:04 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2014.11.12 09:40:03 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014.11.12 09:40:03 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2014.11.12 09:40:03 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014.11.12 09:40:03 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014.11.12 09:40:03 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2014.11.12 09:40:02 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014.11.12 09:40:02 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2014.11.12 09:40:02 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2014.11.12 09:40:02 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2014.11.12 09:40:02 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2014.11.12 09:40:01 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014.11.12 09:40:01 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2014.11.12 09:39:43 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll [2014.11.12 09:39:43 | 000,304,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll [2014.11.12 09:39:43 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll [2014.11.12 09:39:42 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2014.11.12 09:39:42 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll [2014.11.12 09:39:42 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll [2014.11.12 09:39:42 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll [2014.11.12 09:39:42 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll [2014.11.12 09:34:50 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL [2014.11.12 09:34:50 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL [2014.11.12 09:34:50 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll [2014.11.12 09:34:50 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll [2014.11.12 09:34:50 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll [2014.11.12 09:34:50 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll [2014.11.12 09:34:50 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll [2014.11.12 09:34:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2014.11.12 09:34:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2014.11.12 09:34:49 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2014.11.12 09:34:37 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2014.11.12 09:34:37 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2014.11.12 09:34:35 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2014.11.12 09:34:33 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2014.11.10 23:03:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2014.10.17 20:26:15 | 000,000,000 | ---D | C] -- C:\Users\\Documents\Z teaching ressources [2014.10.17 19:32:45 | 000,000,000 | ---D | C] -- C:\Users\\Documents\Z English Ressources [2014.10.15 15:51:03 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll [2014.10.15 15:51:03 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2014.10.15 15:51:03 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll [2014.10.15 15:51:03 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll [2014.10.15 15:51:03 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll [2014.10.15 15:51:03 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll [2014.10.15 15:50:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL [2014.10.15 15:50:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL [2014.10.15 15:50:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL [2014.10.15 15:50:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL [2014.10.15 15:50:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL [2014.10.15 15:50:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL [2014.10.15 15:50:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL [2014.10.15 15:50:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL [2014.10.15 15:50:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL [2014.10.15 15:50:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL [2014.10.15 15:50:52 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll [2014.10.15 15:50:52 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll [2014.10.15 15:50:52 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll [2014.10.15 15:50:52 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll [2014.10.15 15:50:51 | 014,632,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll [2014.10.15 15:50:51 | 004,120,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2014.10.15 15:50:50 | 000,782,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll [2014.10.15 15:50:50 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll [2014.10.15 15:50:48 | 011,411,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll [2014.10.15 15:50:44 | 003,208,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2014.10.15 15:50:44 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll [2014.10.15 15:50:41 | 005,551,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2014.10.15 15:50:41 | 003,970,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2014.10.15 15:50:41 | 001,574,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2014.10.15 15:50:41 | 000,693,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2014.10.15 15:50:41 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll [2014.10.15 15:50:41 | 000,619,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2014.10.15 15:50:41 | 000,616,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2014.10.15 15:50:41 | 000,532,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2014.10.15 15:50:41 | 000,457,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll [2014.10.15 15:50:41 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll [2014.10.15 15:50:41 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2014.10.15 15:50:40 | 003,914,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2014.10.15 15:50:40 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2014.10.15 15:50:40 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2014.10.15 15:50:40 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll [2014.10.15 15:50:40 | 001,005,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll [2014.10.15 15:50:40 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2014.10.15 15:50:40 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll [2014.10.15 15:50:40 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll [2014.10.15 15:50:40 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll [2014.10.15 15:50:40 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsp.dll [2014.10.15 15:50:39 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL [2014.10.15 15:50:39 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL [2014.10.15 15:50:39 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll [2014.10.15 15:50:39 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll [2014.10.15 15:50:39 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll [2014.10.15 15:50:39 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe [2014.10.15 15:50:39 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll [2014.10.15 15:50:39 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2014.10.15 15:50:39 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe [2014.10.15 15:50:39 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll [2014.10.15 15:50:39 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll [2014.10.15 15:50:39 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll [2014.10.15 15:50:39 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe [2014.10.15 15:50:39 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll [2014.10.15 15:50:39 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll [2014.10.15 15:50:39 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe [2014.10.15 15:50:39 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe [2014.10.15 15:50:39 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe [2014.10.15 15:50:39 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe [2014.10.15 15:50:39 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll [2014.10.15 15:50:39 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll [2014.10.15 15:50:39 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx [2014.10.15 15:50:39 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll [2014.10.15 15:50:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx [2014.10.15 15:50:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll [2014.10.15 15:50:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll [2014.10.15 15:50:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll [2014.10.15 15:45:40 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll [2014.10.15 15:45:40 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll [2014.10.15 15:45:34 | 003,221,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2014.10.15 15:45:33 | 003,722,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2014.10.15 15:45:32 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2014.10.15 15:45:32 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2014.10.15 15:45:31 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe [2014.10.15 15:45:31 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll [2014.10.15 15:45:31 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2014.10.15 15:45:31 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2014.09.30 22:51:07 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2014.09.30 22:51:07 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2014.09.18 17:11:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2014.09.18 17:11:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2014.09.15 13:23:34 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Roaming\FileZilla [2014.09.15 13:22:01 | 000,493,056 | ---- | C] ( datenhaus GmbH) -- C:\Windows\SysWow64\dhRichClient3.dll [2014.09.15 12:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint [2014.09.15 12:48:43 | 000,000,000 | ---D | C] -- C:\Users\\AppData\Roaming\RHEng [2014.09.13 22:13:56 | 000,000,000 | -HSD | C] -- C:\Users\AppData\Local\EmieUserList [2014.09.13 22:13:56 | 000,000,000 | -HSD | C] -- C:\Users\l\AppData\Local\EmieSiteList [2014.09.09 23:31:29 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2014.09.09 23:31:29 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2014.09.09 20:24:55 | 001,031,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll [2014.09.09 20:24:54 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll [2014.09.09 20:24:37 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2014.09.01 18:21:14 | 000,000,000 | ---D | C] -- C:\Users\Olav Kittel\Desktop\IBA 46 Ressources [2014.08.28 10:00:23 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll [2014.08.17 02:01:19 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll [2014.08.17 02:01:19 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll [2014.08.17 02:01:18 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe [2014.08.17 02:01:18 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe [2014.08.17 02:01:17 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll [2014.08.17 02:01:17 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll [2014.08.17 02:01:02 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe [2014.08.17 02:01:02 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe [2014.08.16 21:10:11 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2014.08.16 21:10:11 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2014.08.16 21:10:11 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll [2014.08.16 21:10:11 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll [2014.08.16 21:10:11 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2014.08.16 21:05:09 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll [2014.08.03 04:16:48 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2014.08.03 04:16:47 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2014.08.03 04:16:47 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2014.08.03 04:16:40 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2014.08.03 04:16:40 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2014.08.03 04:16:40 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll [2014.08.03 04:16:40 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2014.08.03 04:16:39 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll [2014.08.03 04:16:39 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll [2014.08.03 04:16:31 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2014.08.03 04:16:31 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll [2014.08.03 04:16:31 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2014.08.03 04:16:31 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe [2014.07.25 01:35:46 | 000,875,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr120_clr0400.dll [2014.07.24 22:47:06 | 000,869,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr120_clr0400.dll [2014.07.10 01:12:37 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe [2014.07.10 01:12:37 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe [2014.07.10 01:12:34 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll [2014.07.10 01:12:34 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll [2014.07.07 15:02:28 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Skype [2014.06.26 06:33:42 | 000,037,976 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\CFRMD.sys [2014.06.11 18:07:57 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2014.06.11 18:07:57 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2014.06.11 18:07:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll [2014.06.11 18:07:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll [2014.05.15 21:28:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2014.05.15 09:21:33 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll [2014.05.15 09:21:32 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll [2014.05.15 09:21:32 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2014.05.15 09:21:31 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll [2014.05.15 09:21:31 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll [2014.05.15 09:21:31 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll [2014.05.15 09:21:31 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll [2014.05.15 09:21:31 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll [2014.05.15 09:21:31 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll [2014.05.15 09:21:31 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll [2014.05.15 09:21:31 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll [2014.05.15 09:21:31 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll [2014.05.15 09:21:31 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll [2014.05.15 09:21:30 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2014.05.15 09:21:30 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll [2014.05.15 09:21:30 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll [2014.05.15 09:21:30 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2014.05.15 09:21:30 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2014.04.30 20:26:41 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel [2014.04.10 08:14:35 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2014.04.10 08:14:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2014.04.10 08:14:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2014.04.10 08:14:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2014.04.10 08:14:32 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2014.04.10 08:14:32 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2014.04.10 08:14:32 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2014.04.10 08:14:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2014.04.10 08:14:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2014.04.10 08:14:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2014.04.09 08:56:12 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2014.04.09 08:56:12 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2014.04.09 08:56:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll [2014.04.09 08:56:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll [2014.04.01 15:16:13 | 000,000,000 | ---D | C] -- C:\Users\XXX\Neuer Ordner [2014.03.25 20:22:50 | 000,023,168 | ---- | C] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys [2014.03.25 20:22:38 | 000,363,504 | ---- | C] (COMODO) -- C:\Windows\SysWow64\guard32.dll [2014.03.25 20:22:38 | 000,043,216 | ---- | C] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll [2014.03.25 20:22:36 | 000,453,680 | ---- | C] (COMODO) -- C:\Windows\SysNative\guard64.dll [2014.03.25 20:22:30 | 000,352,984 | ---- | C] (COMODO) -- C:\Windows\SysNative\cmdvrt64.dll [2014.03.25 20:22:30 | 000,045,784 | ---- | C] (COMODO) -- C:\Windows\SysNative\cmdkbd64.dll [2014.03.25 20:22:26 | 000,284,888 | ---- | C] (COMODO) -- C:\Windows\SysWow64\cmdvrt32.dll [2014.03.25 20:22:24 | 000,040,664 | ---- | C] (COMODO) -- C:\Windows\SysWow64\cmdkbd32.dll [2014.03.12 10:21:00 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll [2014.03.12 10:21:00 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll [2014.03.12 06:37:38 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2014.02.25 18:32:44 | 000,000,000 | ---D | C] -- C:\Windows\Migration [2014.02.13 22:51:18 | 000,000,000 | ---D | C] -- C:\4d21bdd95c3a8a5bdf11a2da857c [2014.02.13 15:06:45 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe [2014.02.13 15:06:45 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe [2014.02.13 15:06:45 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe [2014.02.13 15:06:45 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe [2014.02.13 15:06:45 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe [2014.02.13 15:06:45 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe [2014.02.13 15:06:45 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe [2014.02.13 15:06:45 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe [2014.02.13 15:06:45 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll [2014.02.13 15:06:44 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll [2014.02.13 15:06:44 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll [2014.02.13 15:06:44 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll [2014.02.13 15:06:44 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll [2014.02.13 15:06:44 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll [2014.02.13 15:06:44 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll [2014.02.13 15:06:44 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll [2014.02.13 15:06:44 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll [2014.02.13 14:36:17 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2014.01.15 09:06:30 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2014.01.15 09:06:30 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2014.01.15 09:06:29 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2013.12.16 21:24:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2013.12.12 07:48:34 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll [2013.12.12 07:48:34 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll [2013.12.12 07:48:33 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013.12.12 07:48:33 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013.12.12 07:48:33 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2013.12.12 07:48:30 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys [2013.12.12 07:48:30 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys [2013.12.12 07:48:29 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll [2013.12.12 07:48:29 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll [2013.12.12 07:48:29 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe [2013.12.12 07:48:29 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx [2013.12.12 07:48:29 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe [2013.12.12 07:48:29 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx [2013.12.03 16:30:14 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE [2013.12.03 16:27:09 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.12.03 16:27:04 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll [2013.12.03 16:27:04 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.12.03 16:27:04 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll [2013.12.03 16:27:04 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.12.03 16:27:04 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.12.03 16:27:04 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.12.03 16:27:04 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.12.03 16:27:04 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.12.03 16:27:04 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.12.03 16:27:04 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.12.03 16:27:04 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.12.03 16:27:04 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.12.03 16:27:04 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.12.03 16:27:04 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.12.03 16:27:04 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.12.03 16:27:04 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.12.03 16:27:04 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.12.03 16:27:04 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.12.03 16:27:04 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.12.03 16:27:04 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.12.03 16:27:04 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.12.03 16:27:04 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.12.03 16:27:04 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.12.03 16:27:04 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.12.03 16:27:04 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.12.03 16:27:04 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.12.03 16:27:04 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.12.03 16:27:04 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.12.03 16:27:04 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.12.03 16:27:04 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.12.03 16:27:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.12.03 16:27:04 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.12.03 16:27:04 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.12.03 16:27:04 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.12.03 16:27:04 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.12.03 16:27:04 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.12.03 16:27:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.12.03 16:27:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.12.03 16:27:04 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.12.03 16:27:04 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.12.03 16:27:04 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.12.03 16:27:04 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.12.03 16:27:04 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.12.03 16:27:04 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2 C:\Users\\Desktop\*.tmp files -> C:\Users\XXX\Desktop\*.tmp -> ] ========== Files - Modified Within 360 Days ========== [2014.11.17 11:37:29 | 000,801,872 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat [2014.11.17 11:30:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\\Desktop\OTL.exe [2014.11.17 11:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014.11.17 10:59:11 | 001,653,356 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014.11.17 10:59:11 | 000,711,388 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2014.11.17 10:59:11 | 000,666,226 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014.11.17 10:59:11 | 000,153,610 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2014.11.17 10:59:11 | 000,126,180 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014.11.17 10:57:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014.11.17 10:57:29 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014.11.17 10:22:42 | 000,052,604 | ---- | M] () -- C:\Windows\SysNative\drivers\fvstore.dat [2014.11.17 09:30:28 | 000,002,015 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2014.11.17 09:26:01 | 000,031,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014.11.17 09:26:01 | 000,031,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014.11.17 09:18:36 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014.11.17 09:17:59 | 3146,584,064 | -HS- | M] () -- C:\hiberfil.sys [2014.11.17 09:07:42 | 000,057,096 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll [2014.11.17 09:07:42 | 000,048,392 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll [2014.11.17 09:06:20 | 000,001,296 | ---- | M] () -- C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014.11.17 07:09:17 | 000,105,782 | ---- | M] () -- C:\Users\XXX\Desktop\WPg_14_2012_Ruhnke.pdf [2014.11.12 23:35:20 | 000,340,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014.11.12 00:02:28 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2014.11.12 00:02:27 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014.11.06 19:29:14 | 000,144,605 | ---- | M] () -- C:\Users\XXX\Desktop\Mohan_Slater_2005_A_functional_perspective_on_the_critical_theory-practice_relation_in_teaching_language_and_science.pdf [2014.11.06 19:22:03 | 002,261,355 | ---- | M] () -- C:\Users\XXX\Desktop\Schleppegrell_Achugar_Oteíza_2004_The_Grammar_of_History.pdf [2014.11.06 19:19:22 | 012,376,085 | ---- | M] () -- C:\Users\XXX\Desktop\Larsen-Freeman Chapter 10 Content Based Instruction.pdf [2014.11.06 19:19:06 | 000,198,669 | ---- | M] () -- C:\Users\XXX\Desktop\Language Teaching Research-2011-Lyster-279-88.pdf [2014.11.06 19:19:03 | 000,123,385 | ---- | M] () -- C:\Users\XXX\Desktop\Creese_2005_Is_this_content-based_language_teaching_.pdf [2014.11.06 05:03:50 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2014.11.06 04:47:03 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014.11.06 04:46:12 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2014.11.06 04:46:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2014.11.06 04:44:28 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2014.11.06 04:35:59 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014.11.06 04:31:48 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014.11.06 04:30:22 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014.11.06 04:30:08 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2014.11.06 04:29:18 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2014.11.06 04:23:57 | 006,040,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014.11.06 04:20:18 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2014.11.06 04:16:23 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2014.11.06 04:13:36 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014.11.06 04:12:44 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2014.11.06 04:10:58 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2014.11.06 04:07:29 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2014.11.06 04:03:56 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014.11.06 04:02:05 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014.11.06 04:00:56 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014.11.06 04:00:51 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2014.11.06 03:59:36 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014.11.06 03:58:38 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2014.11.06 03:57:38 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2014.11.06 03:42:36 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2014.11.06 03:41:26 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014.11.06 03:41:26 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014.11.06 03:39:39 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2014.11.06 03:38:25 | 002,124,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014.11.06 03:37:58 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014.11.06 03:36:47 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2014.11.06 03:21:25 | 002,051,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014.11.06 03:20:37 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2014.11.06 02:53:19 | 000,799,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014.11.06 02:47:17 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014.11.05 18:56:54 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll [2014.11.05 18:56:36 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll [2014.11.05 18:52:22 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll [2014.10.25 02:57:59 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2014.10.25 02:32:37 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2014.10.18 03:05:23 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2014.10.17 21:22:40 | 000,010,580 | ---- | M] () -- C:\Users\XXX\Desktop\Filme und Serien.odt [2014.10.16 05:19:14 | 000,051,411 | ---- | M] () -- C:\Users\XXXDesktop\Mini Dialogues IBA 4.1.pdf [2014.10.15 15:51:58 | 004,499,365 | ---- | M] () -- C:\Users\XXX\Desktop\Practice Book O.pdf [2014.10.14 03:13:00 | 003,241,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2014.10.14 03:12:57 | 001,460,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2014.10.14 03:09:31 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll [2014.10.14 03:07:31 | 000,681,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll [2014.10.14 02:47:30 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll [2014.10.14 02:46:02 | 000,681,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll [2014.10.13 11:14:11 | 000,776,092 | ---- | M] () -- C:\Users\XXX\Desktop\Personalpr. und to be.pdf [2014.10.03 03:12:00 | 000,500,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll [2014.10.03 03:11:54 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll [2014.10.03 03:11:51 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll [2014.10.03 03:11:51 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll [2014.10.03 02:44:42 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll [2014.09.25 03:08:38 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2014.09.25 02:40:50 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2014.09.19 10:42:47 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2014.09.18 18:53:24 | 000,011,127 | ---- | M] () -- C:\Users\XXX\Desktop\Arbeitsnachweis-MA.pdf [2014.09.09 23:32:46 | 001,626,976 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2014.09.04 06:23:20 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll [2014.09.04 06:04:15 | 000,372,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll [2014.08.23 03:07:00 | 000,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll [2014.08.21 07:40:32 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2014.08.21 07:23:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2014.08.19 04:11:28 | 000,693,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2014.08.19 04:10:10 | 000,616,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2014.08.19 04:08:04 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2014.08.19 04:08:04 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll [2014.08.19 04:08:03 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll [2014.08.19 04:07:51 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll [2014.08.19 04:07:33 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe [2014.08.19 04:07:11 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe [2014.08.19 04:07:11 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe [2014.08.19 03:41:22 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll [2014.08.12 03:02:49 | 000,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL [2014.08.12 02:36:37 | 000,701,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL [2014.08.01 12:53:22 | 001,031,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll [2014.08.01 12:35:06 | 000,793,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll [2014.07.25 01:35:46 | 000,875,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr120_clr0400.dll [2014.07.24 22:47:06 | 000,869,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr120_clr0400.dll [2014.07.17 03:07:58 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll [2014.07.17 03:07:39 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2014.07.17 03:07:37 | 003,722,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe [2014.07.17 03:07:08 | 001,118,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2014.07.17 02:39:42 | 003,221,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2014.07.17 02:39:30 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2014.07.17 02:39:08 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2014.07.14 03:02:45 | 001,216,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll [2014.07.09 03:03:23 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL [2014.07.09 03:03:23 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL [2014.07.09 03:03:23 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL [2014.07.09 03:03:23 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL [2014.07.09 03:03:22 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL [2014.07.09 02:31:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL [2014.07.09 02:31:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL [2014.07.09 02:31:42 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL [2014.07.09 02:31:42 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL [2014.07.09 02:31:41 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL [2014.07.07 03:07:00 | 014,632,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll [2014.07.07 03:07:00 | 000,782,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll [2014.07.07 03:07:00 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2014.07.07 03:06:52 | 005,551,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2014.07.07 03:06:44 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx [2014.07.07 03:06:44 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll [2014.07.07 03:06:40 | 001,574,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2014.07.07 03:06:39 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll [2014.07.07 03:06:38 | 000,641,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll [2014.07.07 03:06:38 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll [2014.07.07 03:06:37 | 004,120,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2014.07.07 03:06:37 | 000,432,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll [2014.07.07 03:06:37 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2014.07.07 03:06:33 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll [2014.07.07 03:06:32 | 001,202,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll [2014.07.07 03:06:32 | 000,497,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll [2014.07.07 03:06:31 | 001,480,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2014.07.07 03:06:31 | 001,069,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll [2014.07.07 03:06:31 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsp.dll [2014.07.07 03:06:30 | 000,842,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll [2014.07.07 03:06:13 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe [2014.07.07 03:06:02 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe [2014.07.07 03:05:34 | 012,625,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL [2014.07.07 03:02:55 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll [2014.07.07 02:40:38 | 011,411,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll [2014.07.07 02:40:38 | 000,617,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll [2014.07.07 02:40:22 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx [2014.07.07 02:40:22 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll [2014.07.07 02:40:19 | 001,329,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2014.07.07 02:40:18 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll [2014.07.07 02:40:16 | 000,504,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll [2014.07.07 02:40:15 | 000,265,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll [2014.07.07 02:40:13 | 003,208,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2014.07.07 02:40:13 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll [2014.07.07 02:40:13 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll [2014.07.07 02:40:09 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll [2014.07.07 02:40:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll [2014.07.07 02:40:08 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll [2014.07.07 02:40:07 | 001,005,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll [2014.07.07 02:40:05 | 000,744,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll [2014.07.07 02:39:50 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe [2014.07.07 02:39:49 | 003,970,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2014.07.07 02:39:49 | 003,914,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2014.07.07 02:39:42 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe [2014.07.07 02:39:12 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL [2014.07.07 02:37:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll [2014.06.30 23:24:50 | 000,008,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll [2014.06.30 23:14:53 | 000,008,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll [2014.06.28 01:21:17 | 000,457,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll [2014.06.28 01:21:16 | 000,532,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2014.06.28 01:21:15 | 000,619,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2014.06.27 03:08:12 | 002,777,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2014.06.27 02:45:52 | 002,285,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2014.06.26 06:33:42 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\CFRMD.sys [2014.06.24 04:29:36 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2014.06.18 23:23:33 | 001,943,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll [2014.06.18 23:23:33 | 000,156,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll [2014.06.18 23:23:33 | 000,073,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll [2014.06.18 23:23:32 | 001,131,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2014.06.18 23:23:32 | 000,156,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll [2014.06.18 23:23:32 | 000,081,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll [2014.06.18 03:18:30 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe [2014.06.18 02:51:32 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe [2014.06.06 11:10:34 | 000,624,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll [2014.06.06 10:44:17 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll [2014.06.06 07:16:07 | 000,035,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe [2014.06.06 07:12:57 | 000,035,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe [2014.06.03 11:02:37 | 000,112,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2014.06.03 11:02:21 | 000,504,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll [2014.06.03 11:02:12 | 001,941,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2014.06.03 10:29:50 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll [2014.06.03 10:29:40 | 001,805,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2014.05.25 14:16:48 | 000,013,186 | ---- | M] () -- C:\Users\XXX\Desktop\Mini Dialogues 4.odt [2014.05.14 17:23:52 | 000,038,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2014.05.14 17:23:47 | 000,044,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2014.05.14 17:23:46 | 000,058,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2014.05.14 17:23:42 | 000,036,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll [2014.05.14 17:23:38 | 000,700,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2014.05.14 17:23:38 | 000,581,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll [2014.05.14 17:21:04 | 002,620,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2014.05.14 17:20:45 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2014.05.14 17:17:10 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll [2014.05.14 08:23:04 | 000,198,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2014.05.14 08:23:04 | 000,179,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll [2014.05.14 08:20:46 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2014.05.14 08:17:14 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe [2014.04.25 03:34:59 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2014.04.12 03:19:38 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2014.04.12 03:19:38 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2014.04.12 03:19:37 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2014.04.05 03:47:09 | 000,288,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2014.03.26 15:41:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll [2014.03.26 15:25:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll [2014.03.25 20:22:50 | 000,023,168 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys [2014.03.25 20:22:38 | 000,363,504 | ---- | M] (COMODO) -- C:\Windows\SysWow64\guard32.dll [2014.03.25 20:22:38 | 000,043,216 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll [2014.03.25 20:22:36 | 000,453,680 | ---- | M] (COMODO) -- C:\Windows\SysNative\guard64.dll [2014.03.25 20:22:30 | 000,352,984 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdvrt64.dll [2014.03.25 20:22:30 | 000,045,784 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdkbd64.dll [2014.03.25 20:22:26 | 000,284,888 | ---- | M] (COMODO) -- C:\Windows\SysWow64\cmdvrt32.dll [2014.03.25 20:22:24 | 000,040,664 | ---- | M] (COMODO) -- C:\Windows\SysWow64\cmdkbd32.dll [2014.03.09 22:48:52 | 000,171,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll [2014.03.09 22:48:51 | 001,389,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe [2014.03.09 22:47:43 | 000,099,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll [2014.03.09 22:47:42 | 000,619,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe [2014.03.04 10:44:21 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2014.03.04 10:44:21 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2014.03.04 10:44:21 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2014.03.04 10:44:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll [2014.03.04 10:44:03 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll [2014.03.04 10:44:03 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2014.03.04 10:44:00 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2014.03.04 10:44:00 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2014.03.04 10:43:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll [2014.03.04 10:43:56 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll [2014.03.04 10:43:56 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll [2014.03.04 10:43:55 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll [2014.03.04 10:43:55 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll [2014.03.04 10:17:38 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll [2014.03.04 10:17:19 | 000,538,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll [2014.03.04 10:17:19 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2014.03.04 10:17:08 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll [2014.03.04 10:17:08 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll [2014.03.04 10:17:07 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll [2014.03.04 10:17:06 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll [2014.03.04 10:17:05 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll [2014.03.04 10:16:54 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2014.03.04 10:16:18 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2014.03.04 09:09:30 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2014.03.04 09:09:29 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2014.02.04 03:37:35 | 000,027,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2014.02.04 03:35:56 | 000,190,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2014.02.04 03:32:22 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2014.02.04 03:28:36 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll [2014.02.04 03:00:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll [2014.01.29 03:32:18 | 000,484,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll [2014.01.29 03:06:47 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll [2013.12.04 03:27:33 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll [2013.12.04 03:27:33 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll [2013.12.04 03:27:33 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll [2013.12.04 03:27:16 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll [2013.12.04 03:26:32 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll [2013.12.04 03:16:51 | 000,658,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe [2013.12.04 03:16:51 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe [2013.12.04 03:16:50 | 000,552,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe [2013.12.04 03:16:48 | 000,553,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe [2013.12.04 03:03:20 | 000,423,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll [2013.12.04 03:03:20 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll [2013.12.04 03:03:20 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll [2013.12.04 03:03:08 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll [2013.12.04 02:54:14 | 000,510,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe [2013.12.04 02:54:10 | 000,594,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe [2013.12.04 02:54:09 | 000,572,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe [2013.12.04 02:54:06 | 000,508,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe [2013.12.03 16:27:09 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.12.03 16:27:04 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll [2013.12.03 16:27:04 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.12.03 16:27:04 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll [2013.12.03 16:27:04 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.12.03 16:27:04 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.12.03 16:27:04 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.12.03 16:27:04 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.12.03 16:27:04 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.12.03 16:27:04 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.12.03 16:27:04 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.12.03 16:27:04 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.12.03 16:27:04 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.12.03 16:27:04 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.12.03 16:27:04 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.12.03 16:27:04 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.12.03 16:27:04 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.12.03 16:27:04 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.12.03 16:27:04 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.12.03 16:27:04 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.12.03 16:27:04 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.12.03 16:27:04 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.12.03 16:27:04 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.12.03 16:27:04 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.12.03 16:27:04 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.12.03 16:27:04 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.12.03 16:27:04 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.12.03 16:27:04 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.12.03 16:27:04 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.12.03 16:27:04 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.12.03 16:27:04 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.12.03 16:27:04 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.12.03 16:27:04 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.12.03 16:27:04 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.12.03 16:27:04 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.12.03 16:27:04 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.12.03 16:27:04 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.12.03 16:27:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.12.03 16:27:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.12.03 16:27:04 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.12.03 16:27:04 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.12.03 16:27:04 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.12.03 16:27:04 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.12.03 16:27:04 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.12.03 16:27:04 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.12.03 16:27:04 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.12.03 16:27:04 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.11.27 02:42:18 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2013.11.27 02:42:08 | 000,007,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2013.11.26 12:40:00 | 000,376,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2013.11.23 19:26:20 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013.11.23 18:47:34 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013.11.22 23:48:21 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2 C:\Users\\Desktop\*.tmp files -> C:\Users\\XXX\*.tmp -> ] ========== Files Created - No Company Name ========== [2014.11.17 10:07:41 | 000,052,604 | ---- | C] () -- C:\Windows\SysNative\drivers\fvstore.dat [2014.11.17 09:22:04 | 000,001,740 | ---- | C] () -- C:\Windows\TmTdi.inf [2014.11.17 09:07:27 | 000,393,201 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat [2014.11.17 09:05:37 | 000,002,015 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2014.11.17 07:09:15 | 000,105,782 | ---- | C] () -- C:\Users\XXX\Desktop\WPg_14_2012_Ruhnke.pdf [2014.11.06 19:29:12 | 000,144,605 | ---- | C] () -- C:\Users\XXX\Desktop\Mohan_Slater_2005_A_functional_perspective_on_the_critical_theory-practice_relation_in_teaching_language_and_science.pdf [2014.11.06 19:22:01 | 002,261,355 | ---- | C] () -- C:\Users\XXX\Desktop\Schleppegrell_Achugar_Oteíza_2004_The_Grammar_of_History.pdf [2014.11.06 19:19:07 | 012,376,085 | ---- | C] () -- C:\Users\XXX\Desktop\Larsen-Freeman Chapter 10 Content Based Instruction.pdf [2014.11.06 19:19:04 | 000,198,669 | ---- | C] () -- C:\Users\XXX\Desktop\Language Teaching Research-2011-Lyster-279-88.pdf [2014.11.06 19:19:01 | 000,123,385 | ---- | C] () -- C:\Users\X\Desktop\Creese_2005_Is_this_content-based_language_teaching_.pdf [2014.10.16 05:19:10 | 000,051,411 | ---- | C] () -- C:\Users\X\Desktop\Mini Dialogues IBA 4.1.pdf [2014.10.15 20:20:44 | 000,010,580 | ---- | C] () -- C:\Users\XDesktop\Filme und Serien.odt [2014.10.15 15:51:52 | 004,499,365 | ---- | C] () -- C:\Users\X\Desktop\Practice Book O.pdf [2014.10.15 11:18:16 | 000,013,186 | ---- | C] () -- C:\Users\X\Desktop\Mini Dialogues 4.odt [2014.10.13 11:14:10 | 000,776,092 | ---- | C] () -- C:\Users\X\Desktop\Personalpr. und to be.pdf [2014.09.18 18:53:23 | 000,011,127 | ---- | C] () -- C:\Users\X\Desktop\Arbeitsnachweis-MA.pdf [2014.09.15 13:22:01 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll [2013.12.03 16:27:04 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013.12.03 16:27:04 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.09.19 19:36:09 | 000,000,852 | ---- | C] () -- C:\Users\\AppData\Local\recently-used.xbel [2013.06.20 21:27:19 | 000,014,760 | ---- | C] () -- C:\Windows\SysWow64\drivers\DRHMSR64.sys [2012.10.16 07:10:44 | 000,006,400 | ---- | C] () -- C:\ProgramData\NanoRepository.bin.bak [2012.10.16 07:10:44 | 000,006,400 | ---- | C] () -- C:\ProgramData\NanoRepository.bin [2012.08.01 02:40:09 | 000,000,000 | ---- | C] () -- C:\ProgramData\0x0304A000.sfl [2012.05.23 13:21:04 | 000,000,000 | ---- | C] () -- C:\Users\X\AppData\Local\rx_image32.Cache ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.10.10 17:12:10 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\Ashampoo [2013.10.26 13:37:28 | 000,000,000 | ---D | M] -- C:\Users\X\AppData\Roaming\Canneverbe Limited [2012.03.23 22:01:37 | 000,000,000 | ---D | M] -- C:\Users\Xl\AppData\Roaming\ControlCenter4 [2014.11.17 09:20:44 | 000,000,000 | ---D | M] -- C:\Users\OXl\AppData\Roaming\Dropbox [2014.09.15 12:48:42 | 000,000,000 | ---D | M] -- C:\Users\Xl\AppData\Roaming\DVDVideoSoft [2013.10.10 20:20:13 | 000,000,000 | ---D | M] -- C:\Users\OXl\AppData\Roaming\DVDVideoSoftIEHelpers [2014.09.15 14:26:50 | 000,000,000 | ---D | M] -- C:\Users\OXl\AppData\Roaming\FileZilla [2013.11.12 09:14:54 | 000,000,000 | ---D | M] -- C:\Users\Xel\AppData\Roaming\Foxit Software [2012.03.22 13:18:08 | 000,000,000 | ---D | M] -- C:\Users\Xl\AppData\Roaming\Leadertech [2012.04.23 18:59:08 | 000,000,000 | ---D | M] -- C:\Users\OXel\AppData\Roaming\MediaProSoft Free YouTube to FLV Converter [2012.03.23 21:47:55 | 000,000,000 | ---D | M] -- C:\Users\X\AppData\Roaming\Nuance [2014.09.15 12:48:42 | 000,000,000 | ---D | M] -- C:\Users\OlXAppData\Roaming\OpenCandy [2012.06.17 08:37:41 | 000,000,000 | ---D | M] -- C:\Users\X [2012.03.22 13:46:00 | 000,000,000 | ---D | M] -- C:\Users\OXtel\AppData\Roaming\Panda Security [2012.03.22 16:02:52 | 000,000,000 | ---D | M] -- C:\Users\Xl\AppData\Roaming\PCDr [2014.09.15 12:48:43 | 000,000,000 | ---D | M] -- C:\Users\l\AppData\Roaming\RHEng [2014.11.17 09:59:02 | 000,000,000 | ---D | M] -- C:\Users\OXl\AppData\Roaming\SoftGrid Client [2014.11.15 15:17:01 | 000,000,000 | ---D | M] -- C:\Users\OXel\AppData\Roaming\Spotify [2012.03.26 05:20:08 | 000,000,000 | ---D | M] -- C:\Users\OXel\AppData\Roaming\TerraTec [2012.03.22 16:06:24 | 000,000,000 | ---D | M] -- C:\Users\X\AppData\Roaming\TP [2013.10.10 20:22:33 | 000,000,000 | ---D | M] -- C:\Users\OXel\AppData\Roaming\TuneUp Software [2013.08.06 08:15:27 | 000,000,000 | ---D | M] -- C:\Users\XtXl\AppData\Roaming\Windows Live Writer [2012.03.23 21:47:59 | 000,000,000 | ---D | M] -- C:\Users\Xel\AppData\Roaming\Zeon ========== Purity Check ========== ========== Files - Unicode (All) ========== [2014.05.02 10:18:56 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?¿) -- C:\Windows\SysNative\쾐¿ [2014.05.02 10:18:56 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?¿) -- C:\Windows\SysNative\쾐¿ [2012.12.20 21:56:07 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?Æ) -- C:\Windows\SysNative\쎠Æ [2012.12.20 21:56:07 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?Æ) -- C:\Windows\SysNative\쎠Æ < End of report > --- --- --- Geändert von Dudeness78 (17.11.2014 um 12:28 Uhr) |
Baum-Darstellung