| |
| |||||||
Log-Analyse und Auswertung: Hartnäckige AdWare (?) auf dem RechnerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
09.06.2015, 17:39
| #1 |
| |  Hartnäckige AdWare (?) auf dem Rechner Hallo Leute, habe nun seit ca. 2 Wochen ein Problem auf meinem PC und habe keinerlei Ahnung wie und wo ich mir das etwas eingefangen habe. (Norton Internet Security im Abo, Klicke nichts in EMail etc. an und bin auch durch WOT usw. immer gewarnt und geschützt. Ein bisschen kenne ich mich auch mit dem Zeug aus und habe in diesem Zeitrahmen auch nichts gedownloadet etc., habe also keine Ahnung was passiert ist.) Hier die Probleme: Immer wenn ich meinen Laptop starte öffnet sich einfach aus dem nichts eine Installation (manchmal auch Setup) Namens "Max Computer Cleaner". Kenne die Datei überhaupt nicht und finde sie nicht auf meinem System. Zur Installation kommt es natürlich nicht (auch wenn es das Programm im Hintergrund trotzdem versucht und mir anscheinend AdWare [Mal Ware?] auf den Rechner kracht.) Mein Norton greift natürlich sofort ein, verhindert alles und Löscht. Trotzdem schleichen sich hin und wieder Programme ein. Hier eine kurze Zusammenfassung was ich bzw. meine Programme finden konnten: - BoBrowser - Clara Updater - RunBobby Browser - Ask.com Toolbar - Max Computer Cleaner - Casiopesa - PostPone Install - Suspicious.Cloud.9 (wird oft von Norton verhindert und entfernt) - Desktop Search - und seit gestern irgendein Fitness Programm Falls irgendetwas normales in meiner Liste sein, Entschuldigung. Vielleicht habe ich einfach was normales mitbekommen und kannte es nur nicht  Die ersten 4 Programme in der Liste melden sich nicht mehr. Scheine ich also erfolgreich Entfernt zu haben. Hoffe ich zumindest, nicht das was im Hintergrund übrig geblieben ist. Nennenswert ist vielleicht noch, das zu Anfang meine Browser umgestellt worden sind (von und auf BoBrowser oder auch Casiopesa), mit Werbung zugemüllt worden sind (Ask.com Toolbar) und es einfach nur Langsam mit dem Surfen geworden ist. Zudem weiß ich nun auch wo der "Max Computer Cleaner" im System steckt. Manuell löschen kann ich aber nichts, denn man ist der Meinung das ich dazu nicht die Berechtigung hätte. Achso und passieren tut scheinbar nichts am System durch meinen Virenschutz etc. Da wird immer gleich erfolgreich eingegriffen. Aber es ist bekanntlich kein gutes Gefühl wenn irgendwas da ist  So, die Logs! - defogger ist durch. - bei FRST brauche ich bitte Hilfe. Es landet nach dem Download auf meinem Rechner, wird aber gleich darauf als "Suspicious.Cloud.7.EP" markiert und automatisch gelöscht. Komme damit nicht an das Log File bzw. auch an das Programm nicht heran?  - GMER Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-06-09 18:05:35
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.FBEO 232,89GB
Running: 75fkznvq.exe; Driver: C:\Users\Cone\AppData\Local\Temp\kxldqpow.sys
---- System - GMER 2.1 ----
SSDT 872DA290 ZwAlertResumeThread
SSDT 872DA328 ZwAlertThread
SSDT 872D7BE0 ZwAllocateVirtualMemory
SSDT 871E6C10 ZwAlpcConnectPort
SSDT 872DDCB8 ZwAssignProcessToJobObject
SSDT 872DA0B8 ZwCreateMutant
SSDT 872DDAB0 ZwCreateSymbolicLinkObject
SSDT 87311A40 ZwCreateThread
SSDT 872DDD50 ZwDebugActiveProcess
SSDT 872D7D00 ZwDuplicateObject
SSDT 872DB498 ZwFreeVirtualMemory
SSDT 872DA160 ZwImpersonateAnonymousToken
SSDT 872DA1F8 ZwImpersonateThread
SSDT 871E6D40 ZwLoadDriver
SSDT 872DC590 ZwMapViewOfSection
SSDT 872DDFD0 ZwOpenEvent
SSDT 872D73C8 ZwOpenProcess
SSDT 872D7C88 ZwOpenProcessToken
SSDT 872DDEA0 ZwOpenSection
SSDT 872D7320 ZwOpenThread
SSDT 872DDC10 ZwProtectVirtualMemory
SSDT 872DDA08 ZwQueueApcThread
SSDT 872DD960 ZwReadVirtualMemory
SSDT 872DA3C0 ZwResumeThread
SSDT 872DA588 ZwSetContextThread
SSDT 872DC450 ZwSetInformationProcess
SSDT 872DDDE8 ZwSetSystemInformation
SSDT 872DDF38 ZwSuspendProcess
SSDT 872DA458 ZwSuspendThread
SSDT 873132A0 ZwTerminateProcess
SSDT 872DA4F0 ZwTerminateThread
SSDT 872DC4F8 ZwUnmapViewOfSection
SSDT 872DB540 ZwWriteVirtualMemory
SSDT 872DDB58 ZwCreateThreadEx
---- Kernel code sections - GMER 2.1 ----
.text ntoskrnl.exe!KeInsertQueue + 30D 820B8814 2 Bytes [90, A2]
.text ntoskrnl.exe!KeInsertQueue + 310 820B8817 5 Bytes [87, 28, A3, 2D, 87]
.text ntoskrnl.exe!KeInsertQueue + 321 820B8828 4 Bytes [E0, 7B, 2D, 87]
.text ntoskrnl.exe!KeInsertQueue + 32D 820B8834 4 Bytes [10, 6C, 1E, 87] {ADC [ESI+EBX-0x79], CH}
.text ntoskrnl.exe!KeInsertQueue + 381 820B8888 4 Bytes [B8, DC, 2D, 87]
.text ...
.reloc C:\Windows\system32\drivers\acedrv11.sys section is executable [0x89FB1300, 0x25D4C, 0xE0000060]
.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0xBC003300, 0x3AF78, 0xE8000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0xBC046300, 0x1BCE, 0xE8000020]
---- User code sections - GMER 2.1 ----
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] ntdll.dll!NtTerminateThread 777D5200 5 Bytes JMP 00020050
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] ADVAPI32.dll!OpenSCManagerA + 125 76122EB8 7 Bytes JMP 00390768
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] ADVAPI32.dll!CloseServiceHandle + AA 7612834F 7 Bytes JMP 00390210
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] ADVAPI32.dll!AreAllAccessesGranted + 3FD 76149EAF 7 Bytes JMP 003905A0
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] ADVAPI32.dll!CreateServiceW + FF 76149FB3 7 Bytes JMP 0039012C
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] ADVAPI32.dll!ControlService + C1 7614A079 7 Bytes JMP 0039084C
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] ADVAPI32.dll!I_ScGetCurrentGroupStateW + 8F 76186629 7 Bytes JMP 003903D8
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] ADVAPI32.dll!ControlServiceExA + 10E 7618673C 7 Bytes JMP 00390048
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] ADVAPI32.dll!SetServiceObjectSecurity + FB 76186DD4 7 Bytes JMP 00390684
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] ADVAPI32.dll!ChangeServiceConfigA + 1A3 76186F7C 7 Bytes JMP 003904BC
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] ADVAPI32.dll!ChangeServiceConfig2W + BB 7618729C 2 Bytes JMP 003902F4
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] ADVAPI32.dll!ChangeServiceConfig2W + BE 7618729F 4 Bytes [20, 8A, EB, F9]
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] USER32.dll!FindWindowA + 1BF 77079F35 7 Bytes JMP 00390A12
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] USER32.dll!RecordShutdownReason + 36A 770BB7BE 7 Bytes JMP 00390930
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] NETAPI32.dll!DsGetDcNameWithAccountW + 13BE 75B2CFE4 7 Bytes JMP 00390AF4
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] NETAPI32.dll!I_NetNameValidate + 176 75B42FEA 7 Bytes JMP 00390BD8
.text C:\Users\Cone\Downloads\75fkznvq.exe[1472] NETAPI32.dll!CredpValidateTargetName + 616 75B61A58 7 Bytes JMP 00390CBC
.text C:\Users\Cone\AppData\Roaming\Spotify\Spotify.exe[3288] ntdll.dll!DbgBreakPoint 777B86CE 1 Byte [C3]
.text C:\Users\Cone\AppData\Roaming\Spotify\Spotify.exe[3288] ntdll.dll!DbgUiRemoteBreakin 777FCC54 5 Bytes JMP 777AB171 C:\Windows\system32\ntdll.dll
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] ntdll.dll!NtTerminateThread 777D5200 5 Bytes JMP 00020050
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] USER32.dll!FindWindowA + 1BF 77079F35 7 Bytes JMP 00090BD6
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] USER32.dll!RecordShutdownReason + 36A 770BB7BE 7 Bytes JMP 00090AF4
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] ADVAPI32.dll!OpenSCManagerA + 125 76122EB8 7 Bytes JMP 00090768
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] ADVAPI32.dll!CloseServiceHandle + AA 7612834F 7 Bytes JMP 00090210
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] ADVAPI32.dll!AreAllAccessesGranted + 3FD 76149EAF 7 Bytes JMP 000905A0
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] ADVAPI32.dll!CreateServiceW + FF 76149FB3 7 Bytes JMP 0009012C
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] ADVAPI32.dll!ControlService + C1 7614A079 7 Bytes JMP 0009084C
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] ADVAPI32.dll!I_ScGetCurrentGroupStateW + 8F 76186629 7 Bytes JMP 000903D8
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] ADVAPI32.dll!ControlServiceExA + 10E 7618673C 7 Bytes JMP 00090048
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] ADVAPI32.dll!SetServiceObjectSecurity + FB 76186DD4 7 Bytes JMP 00090684
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] ADVAPI32.dll!ChangeServiceConfigA + 1A3 76186F7C 7 Bytes JMP 000904BC
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] ADVAPI32.dll!ChangeServiceConfig2W + BB 7618729C 2 Bytes JMP 000902F4
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] ADVAPI32.dll!ChangeServiceConfig2W + BE 7618729F 4 Bytes [F0, 89, EB, F9] {MOV EBX, EBP; STC }
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] NETAPI32.dll!DsGetDcNameWithAccountW + 13BE 75B2CFE4 7 Bytes JMP 00090CB8
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] NETAPI32.dll!I_NetNameValidate + 176 75B42FEA 7 Bytes JMP 00090D9C
.text C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe[3896] NETAPI32.dll!CredpValidateTargetName + 616 75B61A58 7 Bytes JMP 00090E80
.text C:\Users\Cone\AppData\Roaming\Spotify\Spotify.exe[5608] ntdll.dll!DbgBreakPoint 777B86CE 1 Byte [C3]
.text C:\Users\Cone\AppData\Roaming\Spotify\Spotify.exe[5608] ntdll.dll!DbgUiRemoteBreakin 777FCC54 5 Bytes JMP 777AB171 C:\Windows\system32\ntdll.dll
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys
AttachedDevice \Driver\tdx \Device\Tcp scfd_1_10_0_16.sys
AttachedDevice \Driver\tdx \Device\Udp scfd_1_10_0_16.sys
AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x7F 0xF6 0x50 0xF1 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x4B 0x1D 0xA7 0xB8 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x17 0xC5 0xFA 0x8D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Pro\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xAF 0x51 0x27 0x7D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xE2 0x55 0x59 0xA0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x20 0xAE 0x1B 0xBD ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x7F 0xF6 0x50 0xF1 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x4B 0x1D 0xA7 0xB8 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x17 0xC5 0xFA 0x8D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Pro\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xAF 0x51 0x27 0x7D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xE2 0x55 0x59 0xA0 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x20 0xAE 0x1B 0xBD ...
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Code:
ATTFilter # AdwCleaner v4.205 - Bericht erstellt 09/06/2015 um 17:05:52
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-21.2 [Lokal]
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Benutzername : Cone - CONE-PC
# Gestarted von : C:\Users\Cone\Downloads\adwcleaner_4.205.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : 999a1b1f
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Innovative Solutions
Ordner Gelöscht : C:\ProgramData\{155163fc-5754-b4cc-1551-163fc5758ff1}
Ordner Gelöscht : C:\Program Files\Innovative Solutions
Ordner Gelöscht : C:\Program Files\Common Files\Innovative Solutions
Ordner Gelöscht : C:\Users\Cone\AppData\Local\Innovative Solutions
Ordner Gelöscht : C:\Users\Cone\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Ordner Gelöscht : C:\Users\Cone\AppData\Local\Chromium\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Datei Gelöscht : C:\Users\Cone\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\npnkeeiehehhefofiekoflfedgehcdhl
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Schlüssel Gelöscht : HKLM\SOFTWARE\af200937-2c34-e4b4-e5b1-bf8867333387
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{999a1b1f}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
***** [ Internetbrowser ] *****
-\\ Internet Explorer v9.0.8112.16644
-\\ Mozilla Firefox v38.0.1 (x86 de)
-\\ Google Chrome v
-\\ Chromium v
[C:\Users\Cone\AppData\Local\Chromium\User Data\Default\Secure Preferences] - Gelöscht [Extension] : mkfokfffehpeedafpekjeddnmnjhmcmk
*************************
AdwCleaner[R0].txt - [23395 Bytes] - [28/05/2015 23:15:26]
AdwCleaner[R10].txt - [2159 Bytes] - [05/06/2015 16:39:03]
AdwCleaner[R11].txt - [2219 Bytes] - [05/06/2015 17:43:29]
AdwCleaner[R12].txt - [3512 Bytes] - [09/06/2015 17:01:32]
AdwCleaner[R1].txt - [3099 Bytes] - [30/05/2015 10:33:59]
AdwCleaner[R2].txt - [1896 Bytes] - [31/05/2015 11:55:33]
AdwCleaner[R3].txt - [2202 Bytes] - [01/06/2015 16:45:32]
AdwCleaner[R4].txt - [2257 Bytes] - [01/06/2015 16:53:55]
AdwCleaner[R5].txt - [2374 Bytes] - [01/06/2015 17:00:38]
AdwCleaner[R6].txt - [2432 Bytes] - [01/06/2015 17:10:53]
AdwCleaner[R7].txt - [2549 Bytes] - [01/06/2015 17:45:54]
AdwCleaner[R8].txt - [2577 Bytes] - [02/06/2015 16:23:38]
AdwCleaner[R9].txt - [2040 Bytes] - [04/06/2015 22:09:01]
AdwCleaner[S0].txt - [21800 Bytes] - [28/05/2015 23:20:25]
AdwCleaner[S10].txt - [2280 Bytes] - [05/06/2015 17:45:03]
AdwCleaner[S11].txt - [2909 Bytes] - [09/06/2015 17:05:52]
AdwCleaner[S1].txt - [2958 Bytes] - [30/05/2015 10:35:56]
AdwCleaner[S2].txt - [1955 Bytes] - [31/05/2015 12:01:35]
AdwCleaner[S3].txt - [456 Bytes] - [01/06/2015 16:49:11]
AdwCleaner[S4].txt - [394 Bytes] - [01/06/2015 16:55:31]
AdwCleaner[S5].txt - [394 Bytes] - [01/06/2015 17:01:43]
AdwCleaner[S6].txt - [394 Bytes] - [01/06/2015 17:13:54]
AdwCleaner[S7].txt - [394 Bytes] - [01/06/2015 17:46:54]
AdwCleaner[S8].txt - [2636 Bytes] - [02/06/2015 16:26:59]
AdwCleaner[S9].txt - [2099 Bytes] - [04/06/2015 22:11:14]
########## EOF - C:\AdwCleaner\AdwCleaner[S11].txt - [3495 Bytes] ##########
 Danke schon einmal für die Hilfe  |
|
09.06.2015, 18:44
| #2 |
| /// the machine /// TB-Ausbilder    | Hartnäckige AdWare (?) auf dem Rechner hi,
__________________AV Programm abschalten, dann FRST neu laden.
__________________ |
|
09.06.2015, 19:36
| #3 |
| | Hartnäckige AdWare (?) auf dem Rechner Guten Abend,
__________________vielen Dank! Hat alles geklappt. Hier noch der Rest: FRST FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-06-2015
Ran by Cone (administrator) on CONE-PC on 09-06-2015 20:10:36
Running from C:\Users\Cone\Downloads
Loaded Profiles: Cone (Available Profiles: Cone)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Windows\Runservice.exe
() C:\Users\Cone\AppData\Roaming\Mysterious Herd\Mysterious Herd.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
() C:\Program Files\MaxComputerCleaner_v40.539\MaxComputerCleaner_Maintenance.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Cone\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\p2phost.exe
(Spotify Ltd) C:\Users\Cone\AppData\Roaming\Spotify\Spotify.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Spotify Ltd) C:\Users\Cone\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.7.0.11\wscstub.exe
(DTools LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.7.0.11\conathst.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(Irfan Skiljan) C:\Program Files\IrfanView\i_view32.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.7.0.11\wscstub.exe
(SRWare) C:\Program Files\SRWare Iron\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [amd_dc_opt] => C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [339312 2010-09-15] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [PlusService] => C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [MaxComputerCleaner_v40.539] => C:\Program Files\MaxComputerCleaner_v40.539\MaxComputerCleaner_Maintenance.exe [31432 2015-05-25] ()
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Run: [Steam] => C:\Program Files\Steam\Steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Run: [ICQ] => "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Run: [Google Update] => C:\Users\Cone\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-23] (Google Inc.)
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Run: [Spotify Web Helper] => C:\Users\Cone\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-05-28] (Spotify Ltd)
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Run: [CollaborationHost] => C:\Windows\system32\p2phost.exe [192000 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Run: [Badoo Desktop] => C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [1067232 2012-12-24] (Badoo)
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31282304 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Run: [Spotify] => C:\Users\Cone\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-05-28] (Spotify Ltd)
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Run: [DesktopSearch] => C:\ProgramData\DesktopSearch\DesktopSearch.exe -ros
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\MountPoints2: {57ab2e30-fe25-11e0-bec6-001377981de1} - H:\Autorun.exe
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\MountPoints2: {949ff397-8857-11e4-b3bd-001377981de1} - F:\AutoRun.exe
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\MountPoints2: {adf95e56-9de2-11e1-8446-001377981de1} - G:\virtuallyjenna-en.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk [2009-01-02]
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Cone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-04-08]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Cone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk [2011-04-09]
ShortcutTarget: ZooskMessenger.lnk -> C:\Program Files\ZooskMessenger\ZooskMessenger.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.oursurfing.com/?type=hp&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.oursurfing.com/web/?type=ds&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.oursurfing.com/?type=hp&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.oursurfing.com/?type=hp&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.oursurfing.com/?type=hp&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL = hxxp://www.cassiopesa.com/results.php?f=4&q={searchTerms}&a=csp_tuto1_15_23&cd=2XzuyEtN2Y1L1QzutDtDtBtCyCtA0C0CyDtDzytB0AtA0EyDtN0D0Tzu0StCtByDtDtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyEyDtBtC0E0CyD0CtGtB0F0B0EtGtD0F0BtAtGyD0B0AtDtG0D0ByD0FtC0AyEyCtD0A0EtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0CtCyC0C0F0F0FtGzz0BtDtDtGyE0CtBtBtGzzyDtAyCtGyEtAtAtCzy0FyCyCzz0E0D0E2QtN0A0LzutB&cr=1928221773&ir=
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003 -> {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = hxxp://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003 -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL = hxxp://www.cassiopesa.com/results.php?f=4&q={searchTerms}&a=csp_tuto1_15_23&cd=2XzuyEtN2Y1L1QzutDtDtBtCyCtA0C0CyDtDzytB0AtA0EyDtN0D0Tzu0StCtByDtDtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyEyDtBtC0E0CyD0CtGtB0F0B0EtGtD0F0BtAtGyD0B0AtDtG0D0ByD0FtC0AyEyCtD0A0EtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0CtCyC0C0F0F0FtGzz0BtDtDtGyE0CtBtBtGzzyDtAyCtGyEtAtAtCzy0FyCyCzz0E0D0E2QtN0A0LzutB&cr=1928221773&ir=
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-21] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-21] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.oursurfing.com/?type=sc&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX
FireFox:
========
FF ProfilePath: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default
FF NewTab: hxxp://www.oursurfing.com/newtab/?type=nt&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX
FF DefaultSearchEngine: Cassiopesa
FF Homepage: hxxp://www.oursurfing.com/?type=hp&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-04] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1135379117-4003147572-3166874969-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-1135379117-4003147572-3166874969-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\badoo.xml [2013-11-30]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\cassiopesa.xml [2015-06-04]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\icqplugin-1.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\icqplugin-10.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\icqplugin-11.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\icqplugin-2.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\icqplugin-3.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\icqplugin-4.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\icqplugin-5.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\icqplugin-6.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\icqplugin-7.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\icqplugin-8.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\icqplugin-9.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\icqplugin.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\{3AB8959E-9D08-4EFD-9CC5-E812A0E3A4A3}.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\{504F4656-CBE5-4B43-B579-287331BC9171}.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\{8D3B539A-D9BA-4D5F-AC01-88AC12009F26}.xml [2011-11-18]
FF SearchPlugin: C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\searchplugins\{F7820664-586E-4C6D-AFA3-C9A7E832D423}.xml [2011-11-18]
FF Extension: QuickSearch - C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\Extensions\searchffv2@gmail.com [2015-06-09]
FF Extension: Search Enginer - C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\Extensions\sweetsearch@gmail.com [2015-06-09]
FF Extension: WOT - C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-06-04]
FF Extension: Witchhammer - C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\Extensions\witchhammer@andrewbuntine.com.xpi [2011-04-27]
FF Extension: Video DownloadHelper - C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-04-26]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2015-06-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-04-05]
FF HKLM\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\extensions\searchffv2@gmail.com
FF HKLM\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\extensions\sweetsearch@gmail.com
FF HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Firefox\Extensions: [{1266764D-FC4F-4FA7-B63B-884D53B1680F}] - C:\Users\Cone\AppData\Roaming\NetAssistant
FF Extension: Freeze.com NetAssistant - C:\Users\Cone\AppData\Roaming\NetAssistant [2011-05-03]
Chrome:
=======
CHR Profile: C:\Users\Cone\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Cone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-05]
CHR Extension: (Google Drive) - C:\Users\Cone\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-05]
CHR Extension: (YouTube) - C:\Users\Cone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-31]
CHR Extension: (Google Search) - C:\Users\Cone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-31]
CHR Extension: (No Name) - C:\Users\Cone\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-11]
CHR Extension: (No Name) - C:\Users\Cone\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-09-16]
CHR Extension: (No Name) - C:\Users\Cone\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-12]
CHR Extension: (No Name) - C:\Users\Cone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-22]
CHR Extension: (Gmail) - C:\Users\Cone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-31]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-20]
StartMenuInternet: Google Chrome.2CERJMV4VR3T35XVMAKMYLQLK4 - C:\Users\Cone\AppData\Local\Google\Chrome\Application\chrome.exe hxxp://www.oursurfing.com/?type=sc&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [819200 2008-07-10] (Intel(R) Corporation) [File not signed]
R2 LicCtrlService; C:\Windows\runservice.exe [2560 2011-07-22] () [File not signed]
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 Mysterious Herd; C:\Users\Cone\AppData\Roaming\Mysterious Herd\Mysterious Herd.exe [65024 2015-06-07] () [File not signed]
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-07-10] (Intel(R) Corporation) [File not signed]
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [77480 2008-05-13] () [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [695976 2015-06-09] (DTools LIMITED) <==== ATTENTION
S3 InnovativeSolutions_monitor; C:\Program Files\Common Files\Innovative Solutions\Advanced Uninstaller\InnovativeSolutions_monitor_Svr.exe [X]
S2 scsvc_1.10.0.16; "C:\Program Files\SuperClick_1.10.0.16\Service\scsvc.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [277544 2009-01-19] (Protect Software GmbH)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2013-04-08] ()
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150601.001\BHDrvx86.sys [1172696 2015-05-21] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1507000.00B\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [232512 2012-06-29] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [380720 2015-05-27] (Symantec Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [113456 2015-05-27] (Symantec Corporation)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150608.001\IDSvix86.sys [514776 2015-05-29] (Symantec Corporation)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2007-05-23] (SAMSUNG ELECTRONICS CO., LTD.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-04-08] ()
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150608.034\NAVENG.SYS [95704 2015-05-29] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150608.034\NAVEX15.SYS [1636696 2015-05-29] (Symantec Corporation)
R1 scfd_1_10_0_16; C:\Windows\System32\drivers\scfd_1_10_0_16.sys [52736 2015-05-13] (SuperClick)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [443448 2012-06-29] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1507000.00B\SRTSP.SYS [664792 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1507000.00B\SRTSPX.SYS [32984 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1507000.00B\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1507000.00B\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2013-11-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1507000.00B\Ironx86.SYS [209624 2014-08-06] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1507000.00B\SYMTDIV.SYS [384728 2014-02-18] (Symantec Corporation)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2011-04-26] (The OpenVPN Project)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 mdxgthkn; \??\C:\Users\Cone\AppData\Local\Temp\mdxgthkn.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 VMC302; System32\Drivers\VMC302.sys [X]
S3 VMC326; System32\Drivers\VMC326.sys [X]
U3 kxldqpow; \??\C:\Users\Cone\AppData\Local\Temp\kxldqpow.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-09 20:10 - 2015-06-09 20:15 - 00031363 _____ C:\Users\Cone\Downloads\FRST.txt
2015-06-09 20:09 - 2015-06-09 20:11 - 00000000 ____D C:\FRST
2015-06-09 20:07 - 2015-06-09 20:08 - 01147904 _____ (Farbar) C:\Users\Cone\Downloads\FRST.exe
2015-06-09 19:34 - 2015-06-09 19:58 - 00000000 ____D C:\Users\Cone\AppData\Local\DesktopSearch
2015-06-09 18:05 - 2015-06-09 18:05 - 00020389 _____ C:\Users\Cone\Desktop\Gmer.txt
2015-06-09 17:35 - 2015-06-09 17:36 - 00000522 _____ C:\Windows\system32\defogger_disable.log
2015-06-09 17:26 - 2015-06-09 17:26 - 00000000 ____D C:\ProgramData\Eniiufeesnun
2015-06-09 17:23 - 2015-06-09 17:25 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-06-09 17:23 - 2015-06-09 17:23 - 00000000 ____D C:\Users\Cone\AppData\Roaming\oursurfing
2015-06-09 17:23 - 2015-06-09 17:23 - 00000000 ____D C:\Program Files\MiuiTab
2015-06-09 17:14 - 2015-06-09 17:14 - 00000000 ____D C:\Users\Cone\AppData\Local\{87A05623-8A9F-46DA-AEB5-F262E56C35B4}
2015-06-09 16:59 - 2015-06-09 16:59 - 00000000 ____D C:\Users\Cone\AppData\Local\{969C6159-5FEC-4439-B88F-97A15CAF85F9}
2015-06-08 16:18 - 2015-06-08 16:18 - 00000000 ____D C:\Users\Cone\AppData\Local\{2DFFE84B-FEB3-40FF-8920-D63370813EC6}
2015-06-07 17:15 - 2015-06-07 17:15 - 00000000 ____D C:\Users\Cone\AppData\Local\{98B394E4-C9D3-4C1C-937B-98E35DE759D1}
2015-06-07 01:02 - 2015-06-07 01:02 - 00000000 ____D C:\Users\Cone\AppData\Local\{841FE7F0-3452-488D-A6B0-EF0FF5D8277F}
2015-06-07 00:32 - 2015-06-07 00:32 - 00000000 ____D C:\Program Files\decodit
2015-06-07 00:26 - 2015-06-09 18:26 - 00000356 _____ C:\Windows\Tasks\Bidaily Synchronize Task[973b].job
2015-06-07 00:26 - 2015-06-07 00:26 - 00000000 ____D C:\Users\Cone\AppData\Roaming\Mysterious Herd
2015-06-06 13:27 - 2015-06-09 17:11 - 00000328 _____ C:\Windows\Tasks\Health-Check-auto.job
2015-06-06 13:27 - 2015-06-09 17:11 - 00000326 _____ C:\Windows\Tasks\UninstallMonitor.job
2015-06-06 13:27 - 2015-06-07 00:56 - 00000330 _____ C:\Windows\Tasks\Health-Check-deep.job
2015-06-06 13:27 - 2015-06-07 00:56 - 00000322 _____ C:\Windows\Tasks\Health-Check.job
2015-06-06 13:27 - 2015-06-06 13:27 - 00002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO 11.lnk
2015-06-06 13:27 - 2015-06-06 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO
2015-06-06 13:27 - 2014-03-07 10:25 - 00042496 _____ C:\Windows\system32\AdvUninstCPL.cpl
2015-06-06 13:25 - 2015-06-06 13:26 - 19346448 _____ (Innovative Solutions ) C:\Users\Cone\Downloads\Advanced_Uninstaller11.exe
2015-06-06 12:55 - 2015-06-06 12:55 - 00000000 ____D C:\Users\Cone\AppData\Local\{76A71462-B9A7-4C45-807E-4C4F41749DAD}
2015-06-05 23:34 - 2015-06-05 23:34 - 00000000 _____ C:\Windows\setuperr.log
2015-06-05 23:34 - 2015-06-05 23:34 - 00000000 _____ C:\Windows\setupact.log
2015-06-05 21:50 - 2015-06-05 22:15 - 00000000 ____D C:\Program Files\ANNO1602
2015-06-05 17:03 - 2015-06-05 17:03 - 00380416 _____ C:\Users\Cone\Downloads\75fkznvq.exe
2015-06-05 16:44 - 2015-06-05 16:45 - 00000778 _____ C:\Users\Cone\Downloads\defogger_disable.log
2015-06-05 16:44 - 2015-06-05 16:45 - 00000356 _____ C:\Users\Cone\defogger_reenable
2015-06-05 16:42 - 2015-06-05 16:42 - 00050477 _____ C:\Users\Cone\Downloads\Defogger.exe
2015-06-05 16:19 - 2015-06-05 16:19 - 00000000 ____D C:\Users\Cone\AppData\Local\Chromium
2015-06-05 16:07 - 2015-06-05 16:07 - 00000000 ____D C:\Users\Cone\AppData\Local\{2F8CCDCB-365A-4099-987A-238AA0985AAC}
2015-06-04 16:21 - 2015-06-04 16:21 - 00000000 ____D C:\Users\Cone\AppData\Roaming\Tny_cassiopesa
2015-06-04 16:15 - 2015-06-04 16:15 - 00000000 ____D C:\Users\Cone\AppData\Local\{B66F0D82-F76B-440A-ACEA-3533EE988586}
2015-06-03 23:04 - 2015-06-03 23:05 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-03 16:28 - 2015-06-03 16:28 - 00000000 ____D C:\Users\Cone\AppData\Local\{FB5BAE8A-FE53-4CF1-A865-5BE4D47420E3}
2015-06-02 16:15 - 2015-06-02 16:15 - 00000000 ____D C:\Users\Cone\AppData\Local\{13FC9BB2-69F7-4D6C-B2C3-FA28F4035CE2}
2015-06-01 19:08 - 2015-06-03 16:53 - 00009585 _____ C:\Users\Cone\Documents\Einnahmen Ausgaben.ods
2015-06-01 17:50 - 2015-06-01 17:50 - 00000000 ____D C:\Users\Cone\AppData\Local\NPE
2015-05-31 23:26 - 2015-06-08 22:32 - 00000000 ____D C:\Users\Cone\AppData\Roaming\vlc
2015-05-31 23:22 - 2015-05-31 23:22 - 00000859 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-05-31 23:22 - 2015-05-31 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-05-31 23:21 - 2015-05-31 23:21 - 00000000 ____D C:\Program Files\VideoLAN
2015-05-31 23:19 - 2015-05-31 23:19 - 01197344 _____ C:\Users\Cone\Downloads\VLC media player 32 Bit - CHIP-Installer.exe
2015-05-31 20:35 - 2015-05-31 20:35 - 00197799 _____ C:\Users\Cone\Downloads\data.rar
2015-05-31 20:35 - 2015-05-31 20:35 - 00000000 ____D C:\Users\Cone\Downloads\data
2015-05-31 20:28 - 2015-05-31 20:28 - 00000000 ____D C:\Users\Cone\Downloads\patch
2015-05-31 20:27 - 2015-05-31 20:27 - 04007799 _____ C:\Users\Cone\Downloads\patch.zip
2015-05-31 20:26 - 2015-05-31 20:26 - 00000219 _____ C:\Windows\Directx.log
2015-05-31 20:26 - 2015-05-31 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2015-05-31 20:26 - 2015-05-31 20:26 - 00000000 ____D C:\Program Files\Rockstar Games
2015-05-31 20:26 - 2015-05-31 20:26 - 00000000 ____D C:\Program Files\directx
2015-05-31 20:14 - 2015-05-31 20:19 - 361544078 _____ C:\Users\Cone\Downloads\GTA2INSTALLER.ZIP
2015-05-31 20:07 - 2015-05-31 20:08 - 01197344 _____ C:\Users\Cone\Downloads\Grand Theft Auto GTA 2 - CHIP-Installer.exe
2015-05-31 10:57 - 2015-05-31 10:57 - 00000000 ____D C:\Users\Cone\AppData\Local\{1929F896-FA18-43E7-B75A-90D6D2ECADDD}
2015-05-29 16:20 - 2015-05-29 16:20 - 00000000 ____D C:\Users\Cone\AppData\Local\{56EE378F-C726-47FA-A457-C9B6F64222BA}
2015-05-28 23:15 - 2015-06-09 17:07 - 00000000 ____D C:\AdwCleaner
2015-05-28 23:14 - 2015-05-28 23:15 - 02223104 _____ C:\Users\Cone\Downloads\adwcleaner_4.205.exe
2015-05-28 16:29 - 2015-05-28 16:29 - 00000000 ____D C:\ProgramData\Vuwliojal
2015-05-28 16:15 - 2015-05-28 16:15 - 00000000 ____D C:\Users\Cone\AppData\Local\{1DC5FC37-0F5A-4CF2-AAD9-A45DBD7BC0CA}
2015-05-26 21:36 - 2015-05-26 21:36 - 00000000 ____D C:\Users\Cone\Downloads\rhOjxpw3PQdUZVBTdN88AIrrzduSiZnW
2015-05-26 20:44 - 2015-05-26 21:36 - 159598964 _____ C:\Users\Cone\Downloads\rhOjxpw3PQdUZVBTdN88AIrrzduSiZnW.zip
2015-05-26 17:09 - 2015-06-07 00:55 - 00003348 _____ C:\Windows\PFRO.log
2015-05-26 16:33 - 2015-06-09 17:25 - 00000000 ____D C:\Program Files\MaxComputerCleaner_v40.539
2015-05-26 16:33 - 2015-05-26 16:33 - 00000000 ____D C:\Users\Cone\AppData\Roaming\dlg
2015-05-26 16:22 - 2015-05-26 16:22 - 00053736 _____ C:\Users\Cone\Downloads\download-finalmediaplayer.exe
2015-05-26 16:21 - 2015-05-26 16:21 - 00000000 ____D C:\Users\Cone\AppData\Local\{81F07339-646E-4CF3-9570-ECD131A5B7EF}
2015-05-25 12:22 - 2015-06-09 19:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-25 11:29 - 2015-05-25 11:29 - 43719904 _____ (SRWare ) C:\Users\Cone\Downloads\srware_iron.exe
2015-05-25 11:10 - 2015-05-25 11:10 - 00000000 ____D C:\Users\Cone\AppData\Local\{95C28691-7F79-4B48-9F10-62B3488C28FA}
2015-05-23 12:02 - 2015-05-24 00:03 - 00000000 ____D C:\Users\Cone\AppData\Local\{4F0C6A09-257D-40EE-AF4A-E7D43695BB8C}
2015-05-22 16:25 - 2015-05-22 16:25 - 00000000 ____D C:\Users\Cone\AppData\Local\{B7736E0E-0956-45B0-978D-6B3FED23BBF5}
2015-05-21 21:56 - 2015-05-21 22:41 - 2878111355 _____ C:\Users\Cone\Downloads\NEW WAR 2014-HD.mp4
2015-05-21 19:42 - 2015-05-21 19:42 - 00114176 _____ C:\Users\Cone\Downloads\DieVKmitPreis.xls
2015-05-21 17:43 - 2015-05-21 17:43 - 00000000 ____D C:\Users\Cone\AppData\Local\{3F54D4EC-F648-48F2-8AF0-3437057E7E92}
2015-05-20 18:19 - 2015-05-20 18:19 - 00018432 _____ C:\Users\Cone\Downloads\Longsleeve-FB.xls
2015-05-20 18:19 - 2015-05-20 18:19 - 00017408 _____ C:\Users\Cone\Downloads\Kapu u.a.- FB.xls
2015-05-20 18:02 - 2015-05-20 18:02 - 00000000 ____D C:\Users\Cone\AppData\Local\{545CD86D-4188-4330-A227-A92C3104D316}
2015-05-19 16:45 - 2015-05-19 16:45 - 00000000 ____D C:\Users\Cone\AppData\Local\{743C4A9E-F93B-40EC-889C-1352B964E366}
2015-05-18 16:26 - 2015-05-18 16:26 - 00000000 ____D C:\Users\Cone\AppData\Local\{6385BC57-C55C-4ED9-A28F-F0FB208F3F4E}
2015-05-16 16:36 - 2015-05-16 16:36 - 00729683 _____ C:\Users\Cone\Downloads\4keen.zip
2015-05-16 16:31 - 2015-05-16 16:31 - 00000000 ____D C:\Users\Cone\AppData\Local\{3D5B3A0B-4B86-43C6-AC31-B478902B7A7F}
2015-05-16 12:35 - 2015-05-16 17:59 - 00000000 ____D C:\Users\Cone\.jdosbox
2015-05-15 12:22 - 2015-04-30 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-15 12:19 - 2015-04-19 23:24 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-05-15 12:19 - 2015-04-19 23:24 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-05-15 12:19 - 2015-04-19 23:24 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-05-15 12:19 - 2015-04-19 23:24 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-05-15 12:19 - 2015-04-19 22:19 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-15 12:19 - 2015-04-19 22:18 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-05-15 12:19 - 2015-04-19 22:13 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-05-15 12:19 - 2015-04-19 22:12 - 00801792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-15 12:19 - 2015-04-19 06:59 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-15 12:18 - 2015-04-19 22:12 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-15 12:15 - 2015-04-30 15:14 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-15 11:19 - 2015-04-11 01:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-15 11:16 - 2015-05-15 11:16 - 00000000 ____D C:\Program Files\Google
2015-05-15 11:03 - 2015-05-15 11:03 - 00000000 ____D C:\Users\Cone\AppData\Local\{49CA179D-1E4E-4143-80D5-54727D82BC32}
2015-05-13 21:07 - 2015-05-13 21:07 - 00052736 _____ (SuperClick) C:\Windows\system32\Drivers\scfd_1_10_0_16.sys
2015-05-13 19:52 - 2015-04-10 17:30 - 12379136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 19:52 - 2015-04-10 17:25 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 19:52 - 2015-04-10 17:25 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 19:52 - 2015-04-10 17:24 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 19:52 - 2015-04-10 17:21 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 19:52 - 2015-04-10 17:20 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 19:52 - 2015-04-10 17:20 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 19:52 - 2015-04-10 17:19 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 19:52 - 2015-04-10 17:19 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 19:52 - 2015-04-10 17:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 19:52 - 2015-04-10 17:19 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 19:52 - 2015-04-10 17:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 19:52 - 2015-04-10 17:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-13 19:52 - 2015-04-10 17:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 19:52 - 2015-04-10 17:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 19:52 - 2015-04-10 17:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 19:52 - 2015-04-10 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 19:52 - 2015-04-10 17:18 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 19:52 - 2015-04-10 17:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 19:52 - 2015-04-10 17:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-13 19:52 - 2015-04-10 17:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-05-13 19:52 - 2015-04-10 17:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-13 19:21 - 2015-05-13 19:21 - 00000000 ____D C:\Users\Cone\AppData\Local\{2DE4962C-8300-4099-9481-BE9CF3709733}
2015-05-12 17:34 - 2015-05-12 17:34 - 00000000 ____D C:\Users\Cone\AppData\Local\{66627CBF-7DEC-489B-96B1-491CC18C484D}
2015-05-11 17:28 - 2015-05-11 17:28 - 00000000 ____D C:\Users\Cone\AppData\Local\{118E66AA-F33D-48F0-A898-66A633888D0D}
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-09 20:09 - 2009-01-09 02:50 - 01915750 _____ C:\Windows\WindowsUpdate.log
2015-06-09 19:27 - 2012-01-31 22:13 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1135379117-4003147572-3166874969-1003UA.job
2015-06-09 19:23 - 2012-07-09 16:42 - 00000000 ____D C:\Users\Cone\AppData\Roaming\Spotify
2015-06-09 19:10 - 2006-11-02 14:47 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-09 19:10 - 2006-11-02 14:47 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-09 17:36 - 2012-10-09 15:43 - 00000000 ____D C:\Users\Cone\AppData\Roaming\Skype
2015-06-09 17:25 - 2012-02-25 13:58 - 00000000 ____D C:\Program Files\SRWare Iron
2015-06-09 17:22 - 2012-01-31 22:15 - 00002337 _____ C:\Users\Cone\Desktop\Google Chrome.lnk
2015-06-09 17:22 - 2011-04-04 18:22 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-09 17:22 - 2011-04-04 18:22 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-09 17:22 - 2009-01-24 17:51 - 00001257 _____ C:\Users\Cone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-09 17:17 - 2011-06-09 18:15 - 00000000 ____D C:\Program Files\Steam
2015-06-09 17:13 - 2012-03-10 20:14 - 00000000 ____D C:\Users\Cone\Tracing
2015-06-09 17:12 - 2012-07-09 16:44 - 00000000 ____D C:\Users\Cone\AppData\Local\Spotify
2015-06-09 17:10 - 2011-07-22 16:43 - 00001513 ___SH C:\Windows\system32\mmf.sys
2015-06-09 17:10 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-09 17:08 - 2006-11-02 15:01 - 00032530 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-08 16:54 - 2015-02-03 16:10 - 00000000 ____D C:\Program Files\ZooskMessenger
2015-06-05 23:32 - 2011-04-10 10:31 - 00000000 ____D C:\Users\Cone\AppData\Local\CrashDumps
2015-06-05 22:15 - 2009-01-02 08:13 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-06-05 16:44 - 2009-01-24 17:49 - 00000000 ____D C:\Users\Cone
2015-06-04 22:13 - 2012-05-08 17:25 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-06-04 16:35 - 2013-04-05 15:25 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-04 16:35 - 2011-12-05 13:50 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-04 16:35 - 2011-04-07 15:04 - 00000000 ____D C:\Users\Cone\AppData\Local\Adobe
2015-06-03 17:14 - 2013-10-07 16:30 - 00000000 ____D C:\Users\Cone\Documents\Daemon Metallicus
2015-06-01 23:57 - 2011-04-04 18:28 - 00000000 ____D C:\Users\Cone\AppData\Roaming\ICQ
2015-06-01 22:30 - 2012-04-01 17:11 - 00000000 ____D C:\Users\Cone\Documents\HyperCam3
2015-06-01 22:30 - 2011-04-05 13:15 - 00199168 _____ C:\Users\Cone\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-31 11:44 - 2012-03-10 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-31 11:44 - 2012-03-10 20:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-31 11:44 - 2012-02-25 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2015-05-31 11:44 - 2012-01-31 22:15 - 00000000 ____D C:\Users\Cone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-31 11:44 - 2011-06-24 21:02 - 00000000 ____D C:\Users\Cone\AppData\Roaming\IrfanView
2015-05-31 11:44 - 2011-06-04 11:38 - 00000000 ____D C:\Users\Cone\AppData\Roaming\Winamp
2015-05-31 11:44 - 2011-06-03 20:10 - 00000000 ____D C:\Users\Cone\AppData\Roaming\ScummVM
2015-05-31 11:44 - 2011-04-08 20:01 - 00000000 ____D C:\Program Files\QuickDic
2015-05-31 11:44 - 2009-01-02 08:42 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-31 11:44 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2015-05-31 11:44 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\ShellNew
2015-05-31 11:44 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-31 11:44 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2015-05-31 11:44 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2015-05-31 11:29 - 2012-01-31 22:13 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1135379117-4003147572-3166874969-1003Core.job
2015-05-30 13:27 - 2006-11-02 12:33 - 01723688 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-29 23:43 - 2015-01-24 20:44 - 00039951 _____ C:\Users\Cone\Documents\wXw Shows 2015.odt
2015-05-28 23:20 - 2011-04-04 18:29 - 00000000 ____D C:\ProgramData\ICQ
2015-05-25 11:23 - 2013-01-07 16:01 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-05-25 11:22 - 2013-01-07 16:01 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-05-24 22:26 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-05-16 16:46 - 2011-06-04 16:11 - 00000000 ____D C:\Program Files\DOSBox-0.74
2015-05-15 12:55 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-05-15 12:44 - 2006-11-02 14:47 - 00420560 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-15 12:13 - 2013-08-16 11:40 - 00000000 ____D C:\Windows\system32\MRT
2015-05-15 11:39 - 2006-11-02 12:24 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
==================== Files in the root of some directories =======
2012-08-24 15:55 - 2012-08-24 22:31 - 0024206 _____ () C:\Users\Cone\AppData\Roaming\UserTile.png
2011-10-14 16:16 - 2014-09-12 15:03 - 0000680 _____ () C:\Users\Cone\AppData\Local\d3d9caps.dat
2011-04-05 13:15 - 2015-06-01 22:30 - 0199168 _____ () C:\Users\Cone\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-20 15:15 - 2014-12-20 16:08 - 0000026 _____ () C:\Users\Cone\AppData\Local\isoworkshop.ini
2013-04-26 18:02 - 2013-04-26 18:02 - 0000849 _____ () C:\Users\Cone\AppData\Local\recently-used.xbel
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-09 17:24
==================== End of log ============================
Addition [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x86) Version: 08-06-2015
Ran by Cone at 2015-06-09 20:16:08
Running from C:\Users\Cone\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1135379117-4003147572-3166874969-500 - Administrator - Disabled)
Cone (S-1-5-21-1135379117-4003147572-3166874969-1003 - Administrator - Enabled) => C:\Users\Cone
Gast (S-1-5-21-1135379117-4003147572-3166874969-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Advanced Uninstaller PRO - Version 11 (HKLM\...\AU11_is1) (Version: 11.66.0.325 - Innovative Solutions)
Atheros WLAN Client (HKLM\...\{04983D37-2202-4295-94A2-8B547C66133F}) (Version: 1.00.000 - )
Audacity 2.0.6 (HKLM\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Badoo Desktop (HKLM\...\{D0AF8BD9-79A6-45D6-8B71-25281B1300A7}) (Version: 1.6.58.1220 - Badoo)
Battle.net (HKLM\...\Battle.net) (Version: - )
Business Contact Manager für Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager für Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 4.41.0315.0262 - DT Soft Ltd)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Dual-Core Optimizer (HKLM\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Easy Battery Manager (HKLM\...\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}) (Version: 3.2.1.7 - Samsung)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 2.0.0.0 - Samsung)
Easy Network Manager 3.0 (HKLM\...\InstallShield_{4EA8EA5D-8E46-4698-9BF7-2F2AD8E1C185}) (Version: 3.0.0.0 - Ihr Firmenname)
Easy Network Manager 3.0 (Version: 3.0.0.0 - Ihr Firmenname) Hidden
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.0.1.3 - )
Freemake Video Converter Version 2.4.0 (HKLM\...\Freemake Video Converter_is1) (Version: 2.4.0 - Ellora Assets Corporation)
Google Chrome (HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
GTA2 (HKLM\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
Hama Black Force Pad (HKLM\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.01.01 - )
HyperCam 3 (HKLM\...\HyperCam 3) (Version: 3.3.1109.19 - Solveig Multimedia)
ICQ7.5 (HKLM\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
imagine digital freedom - Samsung (HKLM\...\{8E106A57-A17E-431D-B48F-175E42EB9F74}) (Version: 1.0.2.2 - Samsung Electronics Co. Ltd.,)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{AED53CDF-1046-4C6B-B5E2-C195125ECDA0}) (Version: 12.00.4000 - Intel(R) Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: - )
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java(TM) 6 Update 32 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
Kaos Extreme Utilities (HKLM\...\Kaos Extreme Utilities) (Version: - )
Lexware Info Service (HKLM\...\{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}) (Version: 2.70.00.0081 - Haufe-Lexware GmbH & Co.KG)
MaintenanceService 1.0.0 (HKLM\...\zz.539.mcc) (Version: 1.0.0 - CSDI)
Messenger Plus! 5 (HKLM\...\Messenger Plus!) (Version: 5.50.0.761 - Yuna Software)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 2.0 SP2 (HKLM\...\{36BEAD11-8577-49AD-9250-E06A50AE87B0}) (Version: 623.1 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{FDE96E86-7780-431C-92F7-679C6A7CEC51}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Morrowind (HKLM\...\{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}) (Version: - )
Mozilla Firefox 38.0.1 (x86 de) (HKLM\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Namuga 1.3M Webcam (HKLM\...\{71A51B59-E7D3-11DB-A386-005056C00008}) (Version: 1.00.0000 - Vimicro Corporation)
NetAssistant (Version: 3.6.5 - Freeze.com) Hidden
NetAssistant for Firefox (HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\NetAssistant) (Version: 3.6.5 - Freeze.com)
Norton Internet Security (HKLM\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
NVIDIA PhysX v8.04.25 (HKLM\...\{74224F8D-4A17-4816-9EDB-7BB854DE532C}) (Version: 8.04.25 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
oursurfing uninstall (HKLM\...\oursurfing uninstall) (Version: - oursurfing) <==== ATTENTION
PDF Reader (HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\PDF Reader) (Version: - )
Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
QuickSteuer Deluxe 2011 (HKLM\...\{6BCC7669-A863-4C24-804B-9C811C102F71}) (Version: 17.00.00.0065 - Haufe-Lexware GmbH & Co.KG)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5605 - Realtek Semiconductor Corp.)
RTP for RM2K (Png, Wav, Midi, Fonts) (HKLM\...\RTP for RM2K (Png, Wav, Midi, Fonts)) (Version: - )
Samsung Magic Doctor (HKLM\...\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}) (Version: 5.0 - Samsung Electronics Co., LTD)
Samsung Recovery Solution III (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 3.0.0.7 - Samsung)
Samsung Update Plus (HKLM\...\InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}) (Version: 1.3.0.11 - Samsung Electronics Co., LTD)
Samsung Update Plus (Version: 1.3.0.11 - Samsung Electronics Co., LTD) Hidden
ScummVM 1.1.1 (HKLM\...\ScummVM_is1) (Version: - )
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Sierra Utilities (HKLM\...\Sierra Utilities) (Version: - )
Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
SRWare Iron Version SRWare Iron 42.2250.1 (HKLM\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 42.2250.1 - SRWare)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Mario Bros. X version 1.3 (HKLM\...\{C9EAEE6B-741F-421D-B9CE-9FA300DA92AD}_is1) (Version: 1.3 - SuperMarioBrothers.org)
SuperTux 0.1.0 (HKLM\...\SuperTux_is1) (Version: - SuperTux Development Team)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.2.0 - Synaptics)
TEW2005 (HKLM\...\TEW2005) (Version: - )
TEW2010 (HKLM\...\TEW2010) (Version: - )
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Vampires Dawn: Reign of Blood (HKLM\...\{CF55095E-07AA-432E-8376-CEF71D70746A}_is1) (Version: Vampires Dawn: Reign of Blood 1.31 - Brianum)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Vimicro UVC Camera (HKLM\...\{71A51B09-E7D3-11DB-A386-005056C00008}) (Version: 1.00.0000 - Vimicro Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.6300 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6300 - WIDCOMM, Inc.)
Winamp (HKLM\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
XMedia Recode 3.0.3.4 (HKLM\...\XMedia Recode) (Version: 3.0.3.4 - Sebastian Dörfler)
Zoosk Messenger (HKLM\...\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1) (Version: 4.200.2 - Zoosk, Inc.)
Zoosk Messenger (Version: 4.200.2 - Zoosk, Inc.) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Cone\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{19041B6B-8F97-4669-BA21-C17572737ED2}\localserver32 -> "C:\Users\Cone\AppData\Local\BoBrowser\Application\36.0.1985.136\delegate_execute.exe" No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Cone\AppData\Local\Google\Chrome\Application\43.0.2357.81\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.26.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.27.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1135379117-4003147572-3166874969-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Cone\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
==================== Restore Points =========================
05-06-2015 21:49:37 Installiert ANNO 1602
05-06-2015 22:15:01 Entfernt ANNO 1602
06-06-2015 13:28:22 After installing Advanced Uninstaller PRO
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0284D4D0-7C85-48B1-AE9F-9EAAD7AF9925} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Cone => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {029D431E-D160-4D12-A404-1876087C4C60} - System32\Tasks\Health-Check-deep => C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: {1969D1C8-DE8C-43D0-9B74-4A5532B8D402} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2008-10-06] (SAMSUNG Electronics)
Task: {1D53CB0E-8EEB-496C-817D-0FB9EA390F01} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1135379117-4003147572-3166874969-1003Core => C:\Users\Cone\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {1D5C601B-C835-4188-BA43-DE5A59D6C345} - System32\Tasks\Vuwliojal => C:\ProgramData\Vuwliojal\1.0.1.0\ihnebesi.exe
Task: {22596FE8-CFE7-42A0-B233-9240D9E5CB17} - System32\Tasks\{3E34145B-C568-4100-891C-395883424515} => pcalua.exe -a C:\Users\Cone\Downloads\Alcohol120_de_trial_7.b7612\Alcohol120_de_trial_7.b7612.exe -d C:\Users\Cone\Downloads\Alcohol120_de_trial_7.b7612
Task: {241199AE-42F2-4694-8018-9D244CA01956} - System32\Tasks\Bidaily Synchronize Task[973b] => c:\programdata\{155163fc-5754-b4cc-1551-163fc5758ff1}\priceless_soft_partner.exe <==== ATTENTION
Task: {2820FAB5-E793-439A-8DD6-D99C5638CC4E} - System32\Tasks\{BA137EF3-A0A8-4D98-A231-25B58C67E531} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM
Task: {3FEEA3E9-7DFD-41C7-8C1B-73C844E03A11} - System32\Tasks\Health-Check-auto => C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: {457B3723-7923-4BB5-855B-F98DA7A01FE8} - System32\Tasks\Health-Check => C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: {513B1F1C-8EB8-4D87-B0E3-141C6D4A5BEA} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {53D7B97E-F216-4905-9D45-94DB746F7A0F} - System32\Tasks\{7B98F2F3-1823-493D-A8A3-5A1599724D74} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/go/help.faq.installer?LastError=1618
Task: {6E7D20A2-8785-4FBF-B31E-B6AC4637B06B} - System32\Tasks\{385448C2-36F2-4028-8101-6B6B1D9149B3} => pcalua.exe -a C:\Users\Cone\Downloads\OOo_3.3.0_Win_x86_install-wJRE_de.exe -d "C:\Program Files\Mozilla Firefox"
Task: {889C9880-3030-48E5-A103-1023DED190F6} - System32\Tasks\UninstallMonitor => C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe
Task: {912F6257-9229-453D-94BF-9BDBDD624AC3} - System32\Tasks\Eniiufeesnun => C:\ProgramData\Eniiufeesnun\1.0.1.0\ulunhrae.exe
Task: {93054DE1-85EB-4E2A-8A43-3411E38BDAA9} - System32\Tasks\{4591C0E3-10D8-4CFE-9509-24867C7B4DCE} => pcalua.exe -a C:\Users\Cone\Downloads\keen4\INSTALL.EXE -d C:\Users\Cone\Downloads\keen4
Task: {A102BF6E-7087-4E22-AC51-C205DDA7D5FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-04] (Adobe Systems Incorporated)
Task: {ABE0E3AD-8D69-4CE9-9C21-F12481C64134} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {AF237F81-4F39-4773-8FB9-8092BF695815} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe [2013-03-22] ()
Task: {C182A7BF-0AA7-4D60-B6AB-5D9A169B6B7D} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {C5D4120D-F4C9-44B9-A6FE-968D76D4FF4F} - System32\Tasks\{9CDBFF8C-EB33-4559-83CC-B905ACA4581E} => pcalua.exe -a "C:\Program Files\Microsoft Games\Age of Empires\UNINSTX.EXE" -c /runtemp
Task: {C7CBCBCC-BF99-45D3-A41C-A03136321A60} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1135379117-4003147572-3166874969-1003UA => C:\Users\Cone\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {D52A3E64-22B4-4524-AA18-DEB04D98E63C} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2008-08-26] (Samsung Electronics Co., Ltd.)
Task: {D5E9F13F-C0BA-4ADC-9197-513F4720F991} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2008-10-08] (Samsung Electronics Co., Ltd.)
Task: {DC437B66-0DC7-4597-89F3-5760A5764030} - System32\Tasks\{2BF1A457-AA3B-485B-B530-5ED3AF70D68C} => pcalua.exe -a C:\Users\Cone\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=tt4u
Task: {E21BE3ED-041D-4E6A-84F6-51E16F348DAA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E98874CB-B61D-4B45-9290-8B89EB5ACC20} - System32\Tasks\{9997E582-D30C-4D26-8716-234242E6FCC6} => pcalua.exe -a C:\Users\Cone\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cvs
Task: {F2E38CB2-3275-4717-AC97-237505B0F9B5} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2008-08-07] (SAMSUNG Electronics co., LTD.)
Task: {FDAE4ABA-A9EB-429B-95ED-9CD499D5DC42} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => c:\programdata\{155163fc-5754-b4cc-1551-163fc5758ff1}\priceless_soft_partner.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1135379117-4003147572-3166874969-1003Core.job => C:\Users\Cone\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1135379117-4003147572-3166874969-1003UA.job => C:\Users\Cone\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Health-Check-auto.job => C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: C:\Windows\Tasks\Health-Check-deep.job => C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: C:\Windows\Tasks\Health-Check.job => C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: C:\Windows\Tasks\UninstallMonitor.job => C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe
==================== Loaded Modules (Whitelisted) ==============
2011-07-22 16:43 - 2011-07-22 16:43 - 00002560 _____ () C:\Windows\runservice.exe
2011-07-22 16:43 - 2011-07-22 16:43 - 00048640 _____ () C:\Windows\mmfs.dll
2015-06-07 00:26 - 2015-06-07 00:26 - 00065024 _____ () C:\Users\Cone\AppData\Roaming\Mysterious Herd\Mysterious Herd.exe
2009-01-02 08:26 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2009-01-02 08:27 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
2009-01-02 08:26 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\SAMSUNG\EasySpeedUpManager\HookDllPS2.dll
2015-05-25 18:04 - 2015-05-25 18:04 - 00031432 _____ () C:\Program Files\MaxComputerCleaner_v40.539\MaxComputerCleaner_Maintenance.exe
2012-11-01 19:56 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2015-03-10 19:33 - 2015-05-28 23:27 - 41287224 _____ () C:\Users\Cone\AppData\Roaming\Spotify\libcef.dll
2015-03-10 19:33 - 2015-03-20 17:27 - 09305656 _____ () C:\Users\Cone\AppData\Roaming\Spotify\pdf.dll
2015-05-25 12:22 - 2015-06-04 16:35 - 16867504 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll
2011-06-24 21:02 - 2011-06-24 21:02 - 00049664 _____ () C:\Program Files\IrfanView\Languages\DEUTSCH.DLL
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1135379117-4003147572-3166874969-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Cone\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{97D7C86B-90D5-4D4D-B3FB-6E90B8FBE884}] => (Allow) LPort=80
FirewallRules: [{A10E5FA2-1052-45FB-B9D4-3268EFF33251}] => (Allow) LPort=80
FirewallRules: [{D9EF70EC-E227-4767-8FE6-F739D168B4AF}] => (Allow) LPort=80
FirewallRules: [{C0E83494-9B1D-46B6-9053-BA27938DB132}] => (Allow) C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
FirewallRules: [{E3A0E303-787C-444B-B218-279B60E12674}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{6EE379A9-39D3-4EBB-9856-E104A9812E30}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{AA508D95-976F-463E-A974-D826C5DF5347}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{D5170EE4-B97B-47D4-8194-03DBAD75B557}] => (Allow) C:\Program Files\ICQ7.5\ICQ.exe
FirewallRules: [{3F9CD715-97A7-4115-B6F9-E32BE6749B90}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{57850786-9026-44AA-AD15-C01B9EA1A35E}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{C22225CD-FB8B-4E21-88BD-1C121C152E2B}] => (Allow) C:\Program Files\Easy Downloads\easydownloads.exe
FirewallRules: [{AD405D61-DB19-458A-B8BC-2E8864FD6AE8}] => (Allow) C:\Program Files\Easy Downloads\easydownloads.exe
FirewallRules: [{163F80C0-1E60-4D55-90FA-B9BB93639B01}] => (Allow) C:\Program Files\Easy Downloads\easydl.exe
FirewallRules: [{22905388-D741-418C-9465-A75090CED9B0}] => (Allow) C:\Program Files\Easy Downloads\easydl.exe
FirewallRules: [{5FF6700A-B573-4783-93DF-31A56350674B}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{167F3A1F-A0C7-48A2-AC20-774E51EE8140}] => (Allow) LPort=2869
FirewallRules: [{5B7A1E04-0511-41AB-B365-CD671A0967D6}] => (Allow) LPort=1900
FirewallRules: [{BBE87A4C-2FAD-41EC-913F-06ED63798C66}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C9A266BA-8C7F-4CCE-98D1-48C83182108C}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{3B35279E-9800-432F-B8B6-E586EF5F692D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0692875A-958A-4621-A8AB-E7E18FD9AF54}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0ED85E56-59D3-4BD3-A0AF-568A4C8645F0}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C17EB87A-EE3E-4FD9-86C7-128503102AE9}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{37AB9DC7-0A2D-41F5-9652-F89B3F4C48E8}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2727489F-243E-4F2A-A650-E9AF9EDCBAB9}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{008E8755-26D4-46D3-A4DA-6A97D2A499BC}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F26EB7C8-3E03-435B-B55B-A5BCC22452ED}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{80F5FA8E-FA6A-49BE-8744-CD104C0AB8AD}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{BE98EEC4-B01E-4A85-9211-9216AEC9649C}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{0AF694F4-E201-4824-A4D1-9F8F7F2EAAF3}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{FE60C240-2BEE-4606-9C55-E0B44CEA0F56}] => (Allow) C:\Users\Cone\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{C07BBB3F-D0E5-43DC-A75B-F73E0CE570A0}] => (Allow) C:\Users\Cone\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{A1E5E937-6A13-415D-8824-F38F641E5079}] => (Allow) C:\Users\Cone\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{82C4CD25-1B77-4910-98A3-9C59DC12ABFE}] => (Allow) C:\Users\Cone\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{A31D9CEB-A1F0-451A-9D64-30E7911261FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{547EF316-842B-4EC0-9AF2-BF950A1E6477}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6F1B6D0A-4715-4B14-B33E-D5FD7CF387D5}] => (Allow) C:\Users\Cone\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{0C7E5CB5-1184-4AF6-9123-E33D7BBDB200}] => (Allow) C:\Users\Cone\AppData\Local\BoBrowser\Application\bobrowser.exe
==================== Faulty Device Manager Devices =============
Name: Flash Reader
Description: Flash Reader
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Multi
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/09/2015 05:51:50 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
Error: (06/09/2015 05:21:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Z2VudGxlbWptcF9pZXU=.tmp, Version 51.52.0.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: b10
Anfangszeit: 01d0a2c75eb86383
Zeitpunkt der Beendigung: 23
Error: (06/09/2015 05:19:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm oursurfing_soft_partner.tmp, Version 51.52.0.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: d44
Anfangszeit: 01d0a2c7af548713
Zeitpunkt der Beendigung: 10
Error: (06/09/2015 05:11:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/09/2015 04:55:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/08/2015 04:15:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/07/2015 05:12:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/07/2015 00:57:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/06/2015 01:28:05 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {3068b294-f611-4079-8477-eace4c2d681d}
Error: (06/06/2015 00:52:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (06/09/2015 07:34:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: ukrErVPC1600001Neustart des Diensts
Error: (06/09/2015 05:23:30 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032
Error: (06/09/2015 05:17:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update
Error: (06/09/2015 05:15:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: KtmRm für Distributed Transaction Coordinator
Error: (06/09/2015 05:11:42 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000NIS
Error: (06/09/2015 05:11:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: SC 1.10.0.16 Client Service%%3
Error: (06/09/2015 05:11:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (06/09/2015 05:08:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: C:\Windows\system32\athihvs.dll
Error: (06/09/2015 05:08:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: C:\Windows\system32\athihvs.dll
Error: (06/09/2015 05:08:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: C:\Windows\system32\athihvs.dll
Microsoft Office:
=========================
CodeIntegrity Errors:
===================================
Date: 2015-06-09 20:14:55.493
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-06-09 20:14:54.681
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-06-09 20:14:53.912
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-06-09 20:14:53.158
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-06-09 20:13:24.664
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150601.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-06-09 20:13:23.848
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150601.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-06-09 20:13:18.104
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150601.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-06-09 20:13:12.342
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150601.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-06-09 17:42:12.109
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Cone\AppData\Local\Temp\tmpBA87.tmp" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-06-09 17:42:11.471
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Cone\AppData\Local\Temp\tmpBA87.tmp" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz
Percentage of memory in use: 69%
Total physical RAM: 3031.88 MB
Available physical RAM: 935.84 MB
Total Pagefile: 6272.16 MB
Available Pagefile: 3505.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1881.53 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:109.88 GB) (Free:14.3 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: () (Fixed) (Total:110 GB) (Free:109.91 GB) NTFS
Drive f: (Morrowind) (CDROM) (Total:1.81 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: ECE99E11)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=109.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=110 GB) - (Type=07 NTFS)
==================== End of log ============================
|
|
10.06.2015, 16:33
| #4 |
| /// the machine /// TB-Ausbilder | Hartnäckige AdWare (?) auf dem Rechner Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.06.2015, 17:31
| #5 |
| | Hartnäckige AdWare (?) auf dem Rechner Danke für die Hilfe erstmal. Folgendes Problem stellt sich aber noch beim Combofix. Er meckert das mein Norton noch an wäre und das dann "unvorhergesehene Dinge" an meinen Dateien passieren könnten wenn ich diesen nicht abschalte. Wie mache ich das aber? Habe mein Norton deaktiviert und in bin in den "Silent Mode" gegangen. Dennoch bleibt das Norton Symbol unten in meiner Symbolleiste. Bekomme es also nicht aus. Was soll ich in dem Moment tun?  |
|
11.06.2015, 16:08
| #6 |
| /// the machine /// TB-Ausbilder | Hartnäckige AdWare (?) auf dem Rechner Norton abschalten: Deaktivieren bzw. temporäres Ausschalten von NIS möglich? | Norton Community Dort wie im Screenshot gezeigt alles aus, dann CF laufen lassen.
__________________ --> Hartnäckige AdWare (?) auf dem Rechner |
|
12.06.2015, 16:58
| #7 |
| | Hartnäckige AdWare (?) auf dem Rechner Dankeschön. Zuerst: Combofix hat gemeckert. Folgendes wollte wohl nicht mehr Funktionieren: - NirCMD funkioniert nicht mehr - setpath.3XE - rmbr.3XE - Handle Viewer Nach dem Neustart gab es dann noch folgende Meldung: "Max ComputerCleaner-Maintenance.exe - Programmfehler Die Anwendung hat einen Ausnahmefehler generiert, der nicht verarbeitet werden konnte. Prozess-ID=0,xc28 (3112), Thread-ID=0xc2c (3116) Klicken Sie auf "OK", um die Anwendung zu beenden, oder auf "Abbrechen" um sie zu debuggen" Habe da erstmal auf "OK" geklickt, dann ging es weiter und die Log Datei wurde erstellt. Interessanterweise hat das Programm den Fehler verursacht, welches mich hier auch nervt  Hier natürlich noch die Log Datei: Teil 1 Code:
ATTFilter ComboFix 15-06-09.01 - Cone 12.06.2015 16:51:08.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3032.1365 [GMT 2:00]
ausgeführt von:: c:\users\Cone\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
FW: Norton Internet Security *Disabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
SP: Norton Internet Security *Disabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ZooskMessenger\ZooskMessenger.exe
c:\programdata\Roaming
c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini
c:\windows\IsUn0407.exe
c:\windows\unin0407.exe
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-05-12 bis 2015-06-12 ))))))))))))))))))))))))))))))
.
.
2015-06-12 15:02 . 2015-06-12 15:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-06-11 15:09 . 2015-04-24 15:54 532480 ----a-w- c:\windows\system32\comctl32.dll
2015-06-11 15:01 . 2015-05-21 14:22 2066432 ----a-w- c:\windows\system32\win32k.sys
2015-06-11 14:31 . 2015-05-04 22:50 7680 ----a-w- c:\windows\system32\spwmp.dll
2015-06-11 14:30 . 2015-05-04 22:50 4096 ----a-w- c:\windows\system32\msdxm.ocx
2015-06-11 14:30 . 2015-05-04 22:50 4096 ----a-w- c:\windows\system32\dxmasf.dll
2015-06-11 14:30 . 2015-05-04 21:21 107520 ----a-w- c:\program files\Windows Media Player\wmpconfig.exe
2015-06-11 14:30 . 2015-05-04 21:21 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2015-06-11 14:30 . 2015-05-04 21:21 107520 ----a-w- c:\program files\Windows Media Player\wmpshare.exe
2015-06-11 14:30 . 2015-05-04 21:21 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2015-06-10 15:49 . 2015-06-10 15:49 -------- d-----w- c:\program files\VS Revo Group
2015-06-09 18:09 . 2015-06-09 18:17 -------- d-----w- C:\FRST
2015-06-09 17:34 . 2015-06-09 21:26 -------- d-----w- c:\users\Cone\AppData\Local\DesktopSearch
2015-06-09 15:26 . 2015-06-09 15:26 -------- d-----w- c:\programdata\Eniiufeesnun
2015-06-09 15:23 . 2015-06-11 15:04 -------- d-----w- c:\program files\MiuiTab
2015-06-09 15:23 . 2015-06-11 14:55 -------- d-----w- c:\programdata\WindowsMangerProtect
2015-06-06 22:32 . 2015-06-06 22:32 -------- d-----w- c:\program files\decodit
2015-06-06 22:26 . 2015-06-06 22:26 -------- d-----w- c:\users\Cone\AppData\Roaming\Mysterious Herd
2015-06-06 11:27 . 2014-03-07 08:25 42496 ----a-w- c:\windows\system32\AdvUninstCPL.cpl
2015-06-05 19:50 . 2015-06-05 20:15 -------- d-----w- c:\program files\ANNO1602
2015-06-05 14:19 . 2015-06-05 14:19 -------- d-----w- c:\users\Cone\AppData\Local\Chromium
2015-06-04 14:21 . 2015-06-04 14:21 -------- d-----w- c:\users\Cone\AppData\Roaming\Tny_cassiopesa
2015-06-01 15:50 . 2015-06-01 15:50 -------- d-----w- c:\users\Cone\AppData\Local\NPE
2015-05-31 21:26 . 2015-06-09 21:28 -------- d-----w- c:\users\Cone\AppData\Roaming\vlc
2015-05-31 21:21 . 2015-05-31 21:21 -------- d-----w- c:\program files\VideoLAN
2015-05-31 18:26 . 2015-05-31 18:26 -------- d-----w- c:\program files\directx
2015-05-31 18:26 . 2015-05-31 18:26 -------- d-----w- c:\program files\Rockstar Games
2015-05-28 21:15 . 2015-06-09 15:07 -------- d-----w- C:\AdwCleaner
2015-05-28 14:29 . 2015-05-28 14:29 -------- d-----w- c:\programdata\Vuwliojal
2015-05-26 14:33 . 2015-05-26 14:33 -------- d-----w- c:\users\Cone\AppData\Roaming\dlg
2015-05-26 14:33 . 2015-06-11 14:55 -------- d-----w- c:\program files\MaxComputerCleaner_v40.539
2015-05-16 10:35 . 2015-05-16 15:59 -------- d-----w- c:\users\Cone\.jdosbox
2015-05-15 10:22 . 2015-04-30 16:03 279040 ----a-w- c:\windows\system32\schannel.dll
2015-05-15 10:19 . 2015-04-19 21:24 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-05-15 10:19 . 2015-04-19 21:24 189952 ----a-w- c:\windows\system32\d3d10core.dll
2015-05-15 10:19 . 2015-04-19 21:24 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2015-05-15 10:19 . 2015-04-19 21:24 1029120 ----a-w- c:\windows\system32\d3d10.dll
2015-05-15 10:19 . 2015-04-19 20:19 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2015-05-15 10:19 . 2015-04-19 20:18 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2015-05-15 10:19 . 2015-04-19 20:13 682496 ----a-w- c:\windows\system32\d2d1.dll
2015-05-15 10:19 . 2015-04-19 20:12 801792 ----a-w- c:\windows\system32\FntCache.dll
2015-05-15 10:18 . 2015-04-19 20:12 1072640 ----a-w- c:\windows\system32\DWrite.dll
2015-05-15 10:15 . 2015-04-30 13:14 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-15 10:13 . 2015-04-08 01:11 939008 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-05-15 10:13 . 2015-04-07 23:35 1850880 ----a-w- c:\program files\Windows Journal\Journal.exe
2015-05-15 10:13 . 2015-04-08 01:11 1219584 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2015-05-15 10:13 . 2015-04-08 01:11 985088 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2015-05-15 10:13 . 2015-04-08 01:11 967168 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2015-05-15 09:19 . 2015-04-10 23:22 279552 ----a-w- c:\windows\system32\services.exe
2015-05-15 09:16 . 2015-05-15 09:16 -------- d-----w- c:\program files\Google
2015-05-13 19:07 . 2015-05-13 19:07 52736 ----a-w- c:\windows\system32\drivers\scfd_1_10_0_16.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-10 15:32 . 2013-04-05 13:25 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-06-10 15:32 . 2011-12-05 11:50 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-04-14 00:35 . 2015-04-14 00:35 875720 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-04-14 00:35 . 2015-04-14 00:35 536776 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
.
.
Code:
ATTFilter ------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
.
.
.
.
.
[7] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys
[7] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_a965ed7d1afd0ac7\null.sys
.
[7] 2014-04-05 . A4196D394207369E1431E8681B373312 . 915392 . . [6.0.6002.23370] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23370_none_b54264477ce304df\tcpip.sys
[7] 2014-04-05 . C7B0746FCD576D7EEBA6A2530B0B2966 . 905664 . . [6.0.6002.19080] . . c:\windows\System32\drivers\tcpip.sys
[7] 2014-04-05 . C7B0746FCD576D7EEBA6A2530B0B2966 . 905664 . . [6.0.6002.19080] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.19080_none_b4adf3c463cd86b8\tcpip.sys
[7] 2013-07-05 . D18D53974FD715D50FC76F9FFE1C830D . 905664 . . [6.0.6002.18880] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18880_none_b4ae19bc63cd564f\tcpip.sys
[7] 2013-07-05 . 6D0D344F643E28B31262AC2682109A3C . 914880 . . [6.0.6002.23152] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23152_none_b55a00e77cd1055d\tcpip.sys
[7] 2013-05-08 . 548E198BAE21EFC21F8B5F0C1728AD27 . 905576 . . [6.0.6002.18835] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18835_none_b4e92aca63a0494d\tcpip.sys
[7] 2013-05-08 . 078218D74C4EFC2CE7E4C6DF22A94F2F . 914792 . . [6.0.6002.23106] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23106_none_b59411ab7ca4df04\tcpip.sys
[7] 2013-01-04 . 3535CD93F944C00F098E73E12EE7FEB6 . 914792 . . [6.0.6002.23013] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys
[7] 2013-01-04 . 74E2D020C47BB2B2FCCBA29A518A7EB4 . 905576 . . [6.0.6002.18764] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys
[7] 2012-03-30 . 27D470DABC77BC60D0A3B0E4DEB6CB91 . 905600 . . [6.0.6002.18604] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[7] 2012-03-30 . EE7E10BED85C312C1D5D30C435BDDA9F . 914304 . . [6.0.6002.22828] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[7] 2011-09-20 . 814A1C66FBD4E1B310A517221F1456BF . 905088 . . [6.0.6002.18519] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[7] 2011-09-20 . 16731B631F28F63CD9F4CB60940E7DDD . 913280 . . [6.0.6002.22719] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[7] 2010-06-16 . 6A10AFCE0B38371064BE41C1FBFD3C6B . 912776 . . [6.0.6002.22425] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[7] 2010-06-16 . A474879AFA4A596B3A531F3E69730DBF . 905088 . . [6.0.6002.18272] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[7] 2010-06-16 . 782568AB6A43160A159B6215B70BCCE9 . 898952 . . [6.0.6001.18493] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[7] 2010-06-16 . 6216A954ED7045B62880A92D6C9B9FC7 . 902032 . . [6.0.6001.22713] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[7] 2010-02-18 . 93A5655CD9CD2F080EF1CB71A3666215 . 902024 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[7] 2010-02-18 . 2EAE4500984C2F8DACFB977060300A15 . 898952 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[7] 2010-02-18 . D9F5DD5BBC8348E8F8220CCBF14C022E . 910216 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[7] 2010-02-18 . 48CBE6D53632D0067C2D6B20F90D84CA . 904576 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[7] 2010-02-18 . 4A82FA8F0DF67AA354580C3FAAF8BDE3 . 815104 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[7] 2010-02-18 . 2C1F7005AA3B62721BFDB307BD5F5010 . 818688 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[7] 2009-08-15 . 2512B4D1353370D6688B1AF1F5AFA1CF . 816640 . . [6.0.6000.21108] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[7] 2009-08-14 . 8A7AD2A214233F684242F289ED83EBC3 . 897608 . . [6.0.6001.18311] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[7] 2009-08-14 . 2608E71AAD54564647D4BB984E1925AA . 900168 . . [6.0.6001.22497] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[7] 2009-08-14 . FF71856BD4CD6D4367F9FD84BE79A874 . 905784 . . [6.0.6002.22200] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
[7] 2009-08-14 . 65877AA1B6A7CB797488E831698973E9 . 904776 . . [6.0.6002.18091] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[7] 2009-08-14 . 300208927321066EA53761FDC98747C6 . 813568 . . [6.0.6000.16908] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[7] 2009-04-11 . 0E6B0885C3D5E4643ED2D043DE3433D8 . 897000 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[7] 2008-04-26 . 82E266BEE5F0167E41C6ECFDD2A79C02 . 891448 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[7] 2008-04-26 . 01EC1E92595F839BEE70D439C46796E3 . 891448 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[7] 2008-03-27 . 9081EBA4184E7EB87C55E18C089283A5 . 890936 . . [6.0.6001.22144] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22144_none_b38070957fa0b5e0\tcpip.sys
[7] 2008-01-21 . FC6E2835D667774D409C7C7021EAF9C4 . 891448 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
.
[7] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll
[7] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_78e926b99dfe756d\browser.dll
.
[7] 2015-04-30 . 474FDD99DB6012E21405AAEE8DA61546 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23683_none_a867135b734d5b8a\lsass.exe
[7] 2015-03-06 . ACAC4085ECDA9A35ED621936D67DB9D4 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23640_none_a88f522d732f9fc1\lsass.exe
[7] 2015-01-15 . A28A5386D01A5C6B085838624955EF3C . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23594_none_a85d41d3735493ab\lsass.exe
[7] 2014-12-03 . C4AA089041242987308AE2A7B30E910A . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23555_none_a88981cd73333d3e\lsass.exe
[7] 2014-10-10 . 86C519D59C70327434641E862A70B52B . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.23521_none_a8a5f069731e840f\lsass.exe
[7] 2012-06-01 . 613DEB66A91820F0A41915B40BB8833F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe
[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.19214_none_a82a209c59f61a0b\lsass.exe
[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.19284_none_a7de71285a2edda2\lsass.exe
[7] 2011-11-16 . EBFAEB786C46B407930811F94F08877D . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[7] 2009-09-10 . D09A5DA84B7C9CA9B02EBCD7FAE41C8D . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[7] 2009-09-10 . 2D3AC5E7AC01E905F3ABD2D745FE3A9B . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[7] 2009-09-09 . CB7E838C140B4087B2DA323F2D4523C5 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[7] 2009-06-15 . C731B1FE449D4E9CEA358C9D55B69BE9 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[7] 2009-06-15 . 6F1F23D3599EAE17734451936B7F17C6 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[7] 2009-06-15 . BA9A67672E025078C77967731BCFC560 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[7] 2009-06-15 . A911ECAC81F94ADEAFBE8E3F7873EDB0 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[7] 2009-06-15 . 203D86EBD6D8E4C8501B222421E81506 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[7] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[7] 2009-02-13 . F4C62B07E5BF96F1FDCA9DB393ECED22 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
[7] 2009-02-13 . 59DE082968FDD257FFF0D209B9A5B460 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[7] 2009-02-13 . AFF8A58280863629CA4FFA9E0B259F1E . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[7] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[7] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[7] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
.
[7] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll
[7] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll
.
[7] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\System32\comres.dll
[7] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_2cb0dad7e631d923\comres.dll
.
[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll
[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
[7] 2008-01-21 . 02ED7B4DBC2A3232A389106DA7515C3D . 758272 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
.
[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll
[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll
[7] 2009-03-03 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll
[7] 2009-03-03 . 4DFCBDEF3CCAA98F99038DED78945253 . 551424 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll
[7] 2009-03-03 . 7B981222A257D076885BFFB66F19B7CE . 549888 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll
[7] 2009-03-03 . B1BB45E24717A7F790B4411C4446EF5E . 550400 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll
[7] 2008-01-21 . 33FB1F0193EE2051067441492D56113C . 547328 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll
.
[7] 2015-04-10 . 4F0A7910FC7D8A66433FA9961EEF8BB5 . 279552 . . [6.0.6000.16386] . . c:\windows\System32\services.exe
[7] 2015-04-10 . 4F0A7910FC7D8A66433FA9961EEF8BB5 . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.19369_none_d10e49fdca97ea6e\services.exe
[7] 2015-04-10 . 306C42E6C8061623D4230E56D4899F76 . 280576 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.23677_none_d18b1a14e3bf6dc9\services.exe
[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[7] 2008-01-21 . 2B336AB6286D6C81FA02CBAB914E3C6C . 279040 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
.
[7] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe
[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[7] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[7] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
[7] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[7] 2008-01-21 . 846CDF9A3CF4DA9B306ADFB7D55EE4C2 . 125952 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
.
[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe
[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[7] 2008-01-21 . C2610B6BDBEFC053BBDAB4F1B965CB24 . 314880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
.
[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\System32\wuauclt.exe
[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_79d6786e99338140\wuauclt.exe
[7] 2009-08-07 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.4.7600.226_none_e979223d5b9c821b\wuauclt.exe
[7] 2008-01-21 . 8E93CDF0EA8EDBA63F07E2898A9B2147 . 43008 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6001.18000_none_a052d92e34802200\wuauclt.exe
[7] 2008-01-21 . 8E93CDF0EA8EDBA63F07E2898A9B2147 . 43008 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6002.18005_none_a23e523a31a1ed4c\wuauclt.exe
[7] 2006-11-02 . FF81090B6EF1A42A19DF226632711D25 . 41472 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_6.0.6000.16386_none_acab9aecacae685d\wuauclt.exe
.
[7] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\System32\drivers\tdx.sys
[7] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys
[7] 2008-01-21 . D09276B1FAB033CE1D40DCBDF303D10F . 71680 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys
Code:
ATTFilter 32480 . . [5.82] . . c:\windows\System32\comctl32.dll
[7] 2015-04-24 . 191A47F095110DE79378B09C0B92ABA1 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.19373_none_3b39d6eed553f0c5\comctl32.dll
[7] 2015-04-24 . 5877C5216123DA8D5979DCF74D2C70CF . 1686016 . . [6.10] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19373_none_5cbe60a608848a19\comctl32.dll
[7] 2015-04-24 . 7CBE7F7ADA50438DB15275B9C43F392A . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.19373_none_88f3001d69c37da0\comctl32.dll
[7] 2015-04-24 . E8DAC8FCF4905E307C46E46B694E7275 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.23681_none_3bb6a705ee7b7420\comctl32.dll
[7] 2015-04-24 . C33567D39B2E4B4601207CAF804A968C . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.23681_none_45f1e778222ad0d6\comctl32.dll
[7] 2015-04-24 . 474012B7FD32759A4120C7F9C55AA6A2 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.23681_none_8adc5ed966e733ab\comctl32.dll
[7] 2015-04-06 . E033AB8FB7B5CCE2E72828B384298937 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.19355_none_5cbc328208868aad\comctl32.dll
[7] 2015-04-06 . 75B8D1D9F6AA408CB09DDD35A78F5819 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.23663_none_45efb954222cd16a\comctl32.dll
[7] 2013-07-04 . 58035212AB7869A5FC3AF186ACBA8F09 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18879_none_3b3ff8f0d54e60f1\comctl32.dll
[7] 2013-07-04 . 9474AD3584430D24DA87517F9DB0CBB2 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll
[7] 2013-07-04 . 059F04344FD96993C4F207BB4E281DF3 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.23151_none_3bd70d4bee632e8a\comctl32.dll
[7] 2013-07-04 . C0A115C660134FD0A97735DE368702A5 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.23151_none_8ad7a1bf66eb6815\comctl32.dll
[7] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll
[7] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll
[7] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll
[7] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll
[7] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll
[7] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll
[7] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
[7] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
[7] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll
[7] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
[7] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
[7] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
[7] 2008-01-21 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll
[7] 2008-01-21 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll
[7] 2008-01-21 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
[7] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
[7] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
.
[7] 2013-10-03 . 165E9D93A84A7F55EBEEB1B554110680 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23235_none_78542a95b127239a\cryptsvc.dll
[7] 2013-07-08 . 684C130BBC6DB681BAD4920A4C944AA5 . 133120 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll
[7] 2013-07-08 . 684C130BBC6DB681BAD4920A4C944AA5 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18881_none_7790a11898357c99\cryptsvc.dll
[7] 2013-07-08 . 828805E2E7F529B24849AD52740288DA . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23154_none_783d888db13844fe\cryptsvc.dll
[7] 2013-04-24 . 3EDE4C1F9672C972479201544969ADCB . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18831_none_77c6b0b4980cf0e4\cryptsvc.dll
[7] 2013-04-24 . FBE051C07C3D2B9011ECB1C7A73120C1 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23101_none_7870974bb1126d44\cryptsvc.dll
[7] 2013-04-17 . 58CEF2D243575512657452B9E89A2E1F . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18827_none_77d7825c97ff6cfd\cryptsvc.dll
[7] 2013-04-17 . CC8E2C87016A07892B5448D764BF8A30 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23097_none_781547d5b15603a0\cryptsvc.dll
[7] 2012-06-02 . DD9CCF40ED80DD0D62F1B607A1EA4449 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[7] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[7] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[7] 2012-04-23 . C979AEA8C4D8F875CD25507D08980006 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[7] 2008-01-21 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
.
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\System32\es.dll
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll
[7] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_0b8e318c6db592d2\es.dll
[7] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_0ac2b30954c98430\es.dll
[7] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_0cbe918751dfdd3f\es.dll
[7] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_0d385cf46b0a1a47\es.dll
[7] 2008-01-21 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_0ced9f1d51bda029\es.dll
.
[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\System32\imm32.dll
[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll
[7] 2008-01-21 . EC17194A193CD8E90D27CFB93DFA9A2E . 114688 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll
.
[7] 2015-05-08 . DA10DF349F80E52B7CBDCF296A44FC75 . 894464 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll
[7] 2015-05-08 . DA10DF349F80E52B7CBDCF296A44FC75 . 894464 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.19381_none_954eccaf53b1df3c\kernel32.dll
[7] 2015-05-08 . 700178867665441A00AB3215B5450C7A . 894976 . . [6.0.6002.23688] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.23688_none_95df6f4c6cc92ab5\kernel32.dll
[7] 2014-02-06 . B439D7A2127B81EC7274019D14784D75 . 894976 . . [6.0.6002.23323] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.23323_none_961b47b06c9d0ce7\kernel32.dll
[7] 2014-02-06 . 695DB97B018FB06F693F37108322AA1E . 894464 . . [6.0.6002.19034] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.19034_none_9587d7775386a817\kernel32.dll
[7] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6002.18704] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_95a86b4d536e26b4\kernel32.dll
[7] 2012-09-28 . A9204E65A74AF0E801EA46F5A92C87A2 . 893440 . . [6.0.6002.22942] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_9604c9ba6cae00bb\kernel32.dll
[7] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6002.18449] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll
[7] 2011-04-12 . 7062DEB220FA1CCB1B65FC40D6E7D807 . 893440 . . [6.0.6002.22625] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll
[7] 2011-04-12 . 306835D4E74E49A5D10F0FCA0B422EB1 . 890368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll
[7] 2011-04-12 . 497A2DA8181560B3E2F8FFE0092FD1E6 . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll
[7] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[7] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[7] 2009-02-13 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[7] 2009-02-13 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[7] 2009-02-13 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[7] 2008-01-21 . DC2338093F91BA4E0512208E60206DDD . 888320 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
.
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll
.
[7] 2015-02-20 . C04EDE45096B5DC4FA461136F0D6DC87 . 23552 . . [6.0.6002.23634] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23634_none_ac26b0f770df0e42\lpk.dll
[7] 2013-06-04 . 14940757518AA48B73992F19820D1799 . 23552 . . [6.0.6002.23132] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23132_none_ac24a6e570e0e9d1\lpk.dll
[7] 2012-12-16 . 883A634FF496FE2D22BA3D441EED0ED0 . 23552 . . [6.0.6002.23004] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23004_none_ac47155770c6cb85\lpk.dll
[7] 2011-02-16 . 08F5BC2DC64C4D97931A28058F238D80 . 23552 . . [6.0.6002.22589] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_abf5b7af710301e2\lpk.dll
[7] 2011-02-16 . 0F1AF051D2B58411341B70360852AA36 . 23552 . . [6.0.6001.22854] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_aa2ab41973c8da38\lpk.dll
[7] 2011-01-08 . 9259B5AD10104BB0847013A70A0A6F32 . 23552 . . [6.0.6002.22566] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_ac0856a970f57dfb\lpk.dll
[7] 2011-01-08 . 53B04A1B4BB0C84B063AA7219083FC16 . 23552 . . [6.0.6001.22830] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_aa3c52c973bc3cfa\lpk.dll
[7] 2009-10-19 . 7BE32E67440BB5B2205C5402A2FBDE25 . 24064 . . [6.0.6000.16939] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll
[7] 2009-10-19 . 1C8BB8BB211F8ADB8E51FC2FF5C411D6 . 24064 . . [6.0.6000.21142] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll
[7] 2009-10-19 . 6223ACDEE46548B706EE8E8C51A985B0 . 23552 . . [6.0.6001.22544] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll
[7] 2009-10-19 . 7ABEC59B0338BAA1261190B89B2B90E6 . 23552 . . [6.0.6002.22247] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\System32\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_ab6ee69a57e47e48\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_abbe991c57a81d34\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18725_none_aba8fef657b84c8b\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18755_none_ab888f3257d0a05e\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18861_none_ab79c00457dc541a\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.19324_none_aba7e04c57b95839\lpk.dll
[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_a9d318785a865d4c\lpk.dll
[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\lpk.dll
[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_a990751c5ab6f6b5\lpk.dll
[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_a97ad5445ac72e97\lpk.dll
[7] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_abbe918457a82898\lpk.dll
.
[7] 2015-05-31 . D48F69EA6F1BE39DB1C5120C2AE66C64 . 12385280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20774_none_d38cdf6579513300\mshtml.dll
[7] 2015-05-31 . A12176CC20E80738E813E0A54B23D6B7 . 12385280 . . [9.00.8112.16421] . . c:\windows\System32\mshtml.dll
[7] 2015-05-31 . A12176CC20E80738E813E0A54B23D6B7 . 12385280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16659_none_d31de3e4601eda07\mshtml.dll
[7] 2015-04-10 . 32AEC023256F682A02549764F81F811B . 12379136 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16644_none_d323b25e601b3f63\mshtml.dll
[7] 2015-04-10 . 8F8DDED51235079E5B71F1A63F9CFE3E . 12380160 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20758_none_d3a68065793d607a\mshtml.dll
[7] 2015-03-09 . E74D944976D80E0BE3E2BCA8E5568E5E . 12378624 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20750_none_d39e7e15794495c2\mshtml.dll
[7] 2015-03-09 . 1035970885DD6ABA0EBCB3C02006A8E9 . 12377600 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16636_none_d33082de60115620\mshtml.dll
[7] 2015-02-21 . E118F7CFD80C1346BDC37B64E1270DD6 . 12375040 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16633_none_d32d820060140a1b\mshtml.dll
[7] 2015-02-21 . 466763B6CF4A3BCB72852F84C8D8DB6B . 12376064 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20747_none_d3b0500779362b32\mshtml.dll
[7] 2015-01-14 . 550BF2A3717675EBE755A6D6C708AC6E . 12371968 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20725_none_d3c3ef4b7927c0a2\mshtml.dll
[7] 2015-01-14 . 88DFFFE4A1C25C256A74629599292A2D . 12371456 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16609_none_d353f3805ff64e52\mshtml.dll
[7] 2014-11-24 . D86631F4E180273746A79101322394E6 . 12371456 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20715_none_d3cebf37791fa4b1\mshtml.dll
[7] 2014-11-24 . 91F488C0ED1D8B1FDC112F95A4965CC6 . 12369920 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16599_none_d2f2a24e603f4ca4\mshtml.dll
[7] 2014-10-27 . 0EE89DC5D4C7A29C03B83F9E42643EEA . 12367360 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20708_none_d3dc90017914d4c5\mshtml.dll
[7] 2014-10-27 . 5BDCC7129C2F0A25F8A8FF6A3BDD9896 . 12366848 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16592_none_d2eba04860459b43\mshtml.dll
[7] 2014-09-19 . 3E7834CD2A543D58443BBE38FD74E8EB . 12364288 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16584_none_d2f870c8603bb200\mshtml.dll
[7] 2014-09-19 . 5E91ECBE5541206D2C31A2B5BB38D97F . 12364800 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20700_none_d3d48db1791c0a0d\mshtml.dll
[7] 2014-08-15 . 7EBA54A72C5B0FF522003FBEBB9994CB . 12363776 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20691_none_d3743cc9796421b6\mshtml.dll
[7] 2014-08-15 . B7E3AF84D1CF6CAA39EA69EF2734B517 . 12363264 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16575_none_d30440fe6032af66\mshtml.dll
[7] 2014-07-24 . 601FCEB3AB6B81F48CCF1E22FFA5E6D4 . 12356608 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16563_none_d30d1056602c60c7\mshtml.dll
[7] 2014-07-24 . A1326470C9DC5E8D81C0F9F0FCCDB158 . 12357632 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20674_none_d38cdd7f795135d9\mshtml.dll
[7] 2014-06-07 . BEFE2A3B0FD950E895A623DF4238247E . 12353024 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16561_none_d30b0fc2602e2e19\mshtml.dll
[7] 2014-06-06 . 6D5EC036CE03EE1EBB2972200A8856EE . 12352512 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20672_none_d38adceb7953032b\mshtml.dll
[7] 2014-05-28 . 0A05BABD0424A3A5882DFA016931A007 . 12357120 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20666_none_d399adff79474c96\mshtml.dll
[7] 2014-05-28 . B7363143940197BD9F16FD957B4F8131 . 12356608 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16555_none_d319e0d660227784\mshtml.dll
[7] 2014-05-05 . 0E468A0C51460D8DA3DF9B782275F1DB . 12347392 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16553_none_d317e042602444d6\mshtml.dll
[7] 2014-05-05 . 978376F3B5B6265463E6C9059ED373CA . 12347904 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20664_none_d397ad6b794919e8\mshtml.dll
[7] 2014-04-29 . DCAA40C2C9F8EE14BAEA773576C26766 . 12347392 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16546_none_d325b10c601974ea\mshtml.dll
[7] 2014-04-29 . 07501A7E7D9DF1FAB910164D31ED069C . 12348416 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20657_none_d3a57e35793e49fc\mshtml.dll
[7] 2014-03-07 . 10D0FA4F2A6ADBEEA0FFF10583CC5407 . 12347904 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16545_none_d324b0c2601a5b93\mshtml.dll
[7] 2014-03-07 . DDFC3CFB3C63820B4464F8545E867BC5 . 12347904 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20656_none_d3a47deb793f30a5\mshtml.dll
[7] 2014-02-23 . C532BB3C2167824BB26EF465481E27AF . 12347904 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20651_none_d39f7c797943b1f2\mshtml.dll
[7] 2014-02-23 . 4F23BB46E26DC87F01563B8A96526075 . 12347904 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16540_none_d31faf50601edce0\mshtml.dll
.
[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\System32\msvcrt.dll
[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll
[7] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll
[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[7] 2008-01-21 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
.
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[7] 2008-01-21 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
.
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[7] 2008-01-21 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
.
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
[7] 2008-01-21 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll
.
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
[7] 2008-01-21 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
.
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
.
[7] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe
[7] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
.
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\System32\tapisrv.dll
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll
[7] 2008-01-21 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll
.
[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll
[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[7] 2008-01-21 . B974D9F06DC7D1908E825DC201681269 . 627200 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
.
[7] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe
[7] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
Code:
ATTFilter 130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20774_none_c232c046f8fac9ca\wininet.dll
[7] 2015-05-30 . 6788C8BBFD00EA99D6DA2AB5EA4F9A2C . 1129472 . . [9.00.8112.16421] . . c:\windows\System32\wininet.dll
[7] 2015-05-30 . 6788C8BBFD00EA99D6DA2AB5EA4F9A2C . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16659_none_c1c3c4c5dfc870d1\wininet.dll
[7] 2015-04-10 . E38E89A0939A42F5EE4292DFC48772DF . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16644_none_c1c9933fdfc4d62d\wininet.dll
[7] 2015-04-10 . EA51D068CE82A1E7FC338D0D36E83AA3 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20758_none_c24c6146f8e6f744\wininet.dll
[7] 2015-03-09 . EB5E1D8224F4EF318708410B469AC239 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20750_none_c2445ef6f8ee2c8c\wininet.dll
[7] 2015-03-09 . 19B481D70FBC176AE5D3E91347B0128F . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16636_none_c1d663bfdfbaecea\wininet.dll
[7] 2015-02-21 . 6293D025E82071B9424877E30B6AC1C8 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16633_none_c1d362e1dfbda0e5\wininet.dll
[7] 2015-02-21 . B617816D90817B98FF209701B2EAE555 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20747_none_c25630e8f8dfc1fc\wininet.dll
[7] 2015-01-14 . 8C1A011CB32B2A254B3DE9138DF10C47 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20725_none_c269d02cf8d1576c\wininet.dll
[7] 2015-01-14 . 79E75447CCEB8522756FCD1EA1B858FF . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16609_none_c1f9d461df9fe51c\wininet.dll
[7] 2014-11-24 . 771EE57063F9F6798DC2E52DC0042912 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20715_none_c274a018f8c93b7b\wininet.dll
[7] 2014-11-24 . AA680F0065A505118BDD9181BCE7C83D . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16599_none_c198832fdfe8e36e\wininet.dll
[7] 2014-10-27 . 746B4DDFD053B4A363D43D077F5B3916 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20708_none_c28270e2f8be6b8f\wininet.dll
[7] 2014-10-27 . B6260FAA9ACF8AC13312C739B23BD0BE . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16592_none_c1918129dfef320d\wininet.dll
[7] 2014-09-19 . 3252D4791357FEE6C2BAF0619C041317 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16584_none_c19e51a9dfe548ca\wininet.dll
[7] 2014-09-19 . 0247DDE7AAC890C68E88F158305461BB . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20700_none_c27a6e92f8c5a0d7\wininet.dll
[7] 2014-08-15 . 15CBB5EC923B37F34039525998E080B3 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20691_none_c21a1daaf90db880\wininet.dll
[7] 2014-08-15 . BAE2B45ED648DEA784A2048BDB22F3F8 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16575_none_c1aa21dfdfdc4630\wininet.dll
[7] 2014-07-24 . 526014FFF6F612D9D0E86C874E7B0C36 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16563_none_c1b2f137dfd5f791\wininet.dll
[7] 2014-07-24 . 228CC2A0F31917A9E2E4B95D86D8827B . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20674_none_c232be60f8facca3\wininet.dll
[7] 2014-06-06 . 61D9AD9E55D7A1E10C0EF701ADE1C486 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16561_none_c1b0f0a3dfd7c4e3\wininet.dll
[7] 2014-06-06 . D19775732C5F0850BB46E4B5CF4E8C39 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20672_none_c230bdccf8fc99f5\wininet.dll
[7] 2014-05-28 . E267DC5D759E11BB895C41E7EFC1A54C . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20666_none_c23f8ee0f8f0e360\wininet.dll
[7] 2014-05-28 . CFD26829131439B71D0109F9D5345573 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16555_none_c1bfc1b7dfcc0e4e\wininet.dll
[7] 2014-03-07 . 62077F806BC59CBD5A404338D710D133 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16545_none_c1ca91a3dfc3f25d\wininet.dll
[7] 2014-03-07 . 04F7F03B4D4C3EFF8BA6E25F24063250 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20656_none_c24a5eccf8e8c76f\wininet.dll
[7] 2014-02-23 . F68EBB98CE1CFC06EA5CCE5F78056412 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20651_none_c2455d5af8ed48bc\wininet.dll
[7] 2014-02-23 . 1E5DF19A5F053345430D7AF87943C47A . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16540_none_c1c59031dfc873aa\wininet.dll
[7] 2014-02-05 . 5EDAA4D8E5E762B4487813DC4053F244 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20644_none_c2532e24f8e278d0\wininet.dll
[7] 2014-02-05 . 679EAED8E703235BA81AA2E58F4E2D16 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16533_none_c1d360fbdfbda3be\wininet.dll
[7] 2013-11-14 . 4CC9DF09C3D915BA0A101A11DB684F26 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16526_none_c1e131c5dfb2d3d2\wininet.dll
[7] 2013-11-14 . 1C0B5D8A0A0F4614F032751E418E87E1 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20637_none_c260feeef8d7a8e4\wininet.dll
[7] 2013-10-13 . C36E38AD3C7FAFF0E30C4CBCB28CE7FB . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16520_none_c1db3009dfb83bc8\wininet.dll
[7] 2013-10-13 . F1771715A3DC3DB14BD374F63507878D . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20631_none_c25afd32f8dd10da\wininet.dll
[7] 2013-09-22 . 508484580EA124FB03C41C58D4A63BE1 . 1130496 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20625_none_c269ce46f8d15a45\wininet.dll
[7] 2013-09-22 . C8ADAA6948993D839D14524847EA5B75 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16514_none_c1ea011ddfac8533\wininet.dll
[7] 2013-07-31 . 21A5424935A32080A58DD40F2712212C . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16506_none_c1f6d19ddfa29bf0\wininet.dll
[7] 2013-07-31 . 99991FC7D1430A61F27B48AC3D43B028 . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20617_none_c2769ec6f8c77102\wininet.dll
[7] 2013-07-25 . EFA69C15A411D9794131CBCF6B59EA08 . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20613_none_c2729d9ef8cb0ba6\wininet.dll
[7] 2013-07-25 . 6839F14A2507D9273BD13565DD880377 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16502_none_c1f2d075dfa63694\wininet.dll
[7] 2013-05-29 . 745410A5E043E8F880C932007034F8B6 . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20606_none_c2806e68f8c03bba\wininet.dll
[7] 2013-05-29 . EA952A5C277CABCBA69EA806146BB984 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16496_none_c195806bdfeb9a42\wininet.dll
[7] 2013-05-16 . 6A25377A76479A0C0BF3DB6FC42FE09A . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16490_none_c18f7eafdff10238\wininet.dll
[7] 2013-05-16 . CC25EA1287613DC45D25A26037B4DBDD . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20600_none_c27a6cacf8c5a3b0\wininet.dll
[7] 2013-04-04 . 2C96B3921B4CDE10DBAED5AAD760DB67 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16483_none_c19d4f79dfe6324c\wininet.dll
[7] 2013-04-04 . 28B2DD8DBAEE306290A74ED03DB3768F . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20593_none_c21c1c58f90bee07\wininet.dll
[7] 2013-02-22 . C5B6468422DB1C8AA36C32CBB0197E5E . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16476_none_c1ab2043dfdb6260\wininet.dll
[7] 2013-02-22 . 490E24D5E427DFA55B1C1182F0DB861C . 1129984 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20586_none_c229ed22f9011e1b\wininet.dll
[7] 2013-02-02 . 1284D72C04B553ED5382EA14303D66DB . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20580_none_c223eb66f9068611\wininet.dll
[7] 2013-02-02 . 03728C624D05C2F157BBD46F6B7F6EA0 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16470_none_c1a51e87dfe0ca56\wininet.dll
[7] 2013-01-08 . B49B56B64F57699A1A663D2CF7D0A56F . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16464_none_c1b3ef9bdfd513c1\wininet.dll
[7] 2013-01-08 . 16C45E6881449C6330567E51C13920FA . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20573_none_c231bc30f8fbb625\wininet.dll
[7] 2012-11-14 . 7FA3A810F383588D46220967DE8B64FF . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16457_none_c1c1c065dfca43d5\wininet.dll
[7] 2012-11-14 . 0635D714351F842D43EA184E75C4A3FF . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20565_none_c23e8cb0f8f1cce2\wininet.dll
[7] 2012-10-08 . 9CB0D2A9A77D91D9614355EE9FF00519 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16455_none_c1bfbfd1dfcc1127\wininet.dll
[7] 2012-10-08 . 6E3AC8A54A1881806BA2B58539483788 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20562_none_c23b8bd2f8f480dd\wininet.dll
[7] 2012-08-24 . 2895E29EFCFC0B1BCF8AEE1A0C67913C . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20557_none_c24b5d30f8e7e39f\wininet.dll
[7] 2012-08-24 . 5553611E2F9EA6F613079177F1233068 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16450_none_c1babe5fdfd09274\wininet.dll
[7] 2012-06-29 . 75A97A2C060E72AB49E071E08C7DD2BA . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16448_none_c1cd909bdfc1413b\wininet.dll
[7] 2012-06-28 . 54C30A4066A28F9A017E095E283B2762 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20554_none_c2485c52f8ea979a\wininet.dll
[7] 2012-06-02 . 8E87270C4704CF2951E1E7820D6C8A2B . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16447_none_c1cc9051dfc227e4\wininet.dll
[7] 2012-06-02 . E430161A632F9A8FE512DE0CA5685559 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20553_none_c2475c08f8eb7e43\wininet.dll
[7] 2012-05-17 . 1C191A4F0960F21B5D58C8A65BAF5427 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16446_none_c1cb9007dfc30e8d\wininet.dll
[7] 2012-05-17 . 43BAC67996D8765A5F1B3A4EA6231E21 . 1129472 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20551_none_c2455b74f8ed4b95\wininet.dll
[7] 2012-03-02 . 1D94FA7C81D2FFE494AF094619BA706F . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16441_none_c1c68e95dfc78fda\wininet.dll
[7] 2012-02-28 . 44465367256D1C72B58F5ABAA19E7016 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16443_none_c1c88f29dfc5c288\wininet.dll
[7] 2012-02-28 . 11A34DCA08EB2A586246F2D6C2A81D58 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20548_none_c2572d66f8dee105\wininet.dll
[7] 2011-12-16 . 3D4B4EBFEF4F72F4BF62921C19E67008 . 842240 . . [7.00.6002.22757] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22757_none_042a05b0b8392a49\wininet.dll
[7] 2011-12-16 . B518AB969682F6E7C22933BED09CD82A . 834048 . . [7.00.6002.18552] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18552_none_039b658d9f200ea5\wininet.dll
[7] 2011-10-21 . 758A5362019E7DDD7BC9CCE57FF99E7A . 842240 . . [7.00.6002.22730] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22730_none_0438a382b82f4106\wininet.dll
[7] 2011-10-20 . 72A45F23D07C6B13D23B84D043A81059 . 834048 . . [7.00.6002.18531] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18531_none_03b0051b9f10bd6c\wininet.dll
[7] 2011-04-21 . 17413EF7D95632D892B4C914CD7E66F9 . 834048 . . [7.00.6002.18457] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18457_none_03a065199f1b9031\wininet.dll
[7] 2011-04-21 . 3790936B00FBA6EC2053C3E81B42AFCE . 842240 . . [7.00.6002.22629] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22629_none_044c7422b81f0bfd\wininet.dll
[7] 2011-04-21 . DA5A72211661C7F162B332FEA4F09A69 . 833024 . . [7.00.6001.18639] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18639_none_01d191b7a1e338b2\wininet.dll
[7] 2011-04-21 . D53D34CA16BE45211F7A13532D181A1A . 841728 . . [7.00.6001.22905] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22905_none_0277a0eabaec199b\wininet.dll
[7] 2011-02-18 . E9839CDBD10ED7E7E2D3A3E51C23B168 . 842240 . . [7.00.6002.22592] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22592_none_03f9c0c2b85e210c\wininet.dll
[7] 2011-02-18 . A7A07D223862A0C661DB225E27058248 . 834048 . . [7.00.6002.18407] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18407_none_03d674b59ef3047c\wininet.dll
[7] 2011-02-18 . B1DB3E0B0E6CB66DC31629EC26FB0048 . 833024 . . [7.00.6001.18602] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18602_none_01eaff75a1d1337e\wininet.dll
[7] 2011-02-18 . E5B46DD994C4AB72C8BD666B3026E812 . 841728 . . [7.00.6001.22857] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22857_none_02438ffcbb12dad7\wininet.dll
[7] 2010-12-20 . AC0D9A507894509CF6D23F1CE876BA4F . 842240 . . [7.00.6002.22551] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22551_none_04240028b83e97f1\wininet.dll
[7] 2010-12-20 . 072213E1604D843D3230EE61663466A4 . 834048 . . [7.00.6002.18357] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18357_none_03a063339f1b930a\wininet.dll
[7] 2010-12-20 . 97CFAF0C9083BF808F5B3B609C055205 . 833024 . . [7.00.6001.18565] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18565_none_01ad1ee5a1ff2a02\wininet.dll
[7] 2010-12-20 . 0A2382C16E9F1D607CDF05C62810212F . 841728 . . [7.00.6001.22816] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22816_none_026dcf62baf351bc\wininet.dll
[7] 2009-04-11 . 8777B44511D8BCCF47B5A7CBDC02DE11 . 828416 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18005_none_03d46c899ef4dd32\wininet.dll
[7] 2008-10-02 . C373C19F10601C1AFE7E40907AE48694 . 827392 . . [7.00.6001.18148] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\wininet.dll
[7] 2008-10-02 . 8BF7D225505A4ADA25D9444E91811CEA . 826368 . . [7.00.6000.16757] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16757_none_ffd3a927a4cebb32\wininet.dll
[7] 2008-10-02 . 6B2591CDCEFEB8451594288426677CBB . 827904 . . [7.00.6001.22278] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22278_none_022ee50abb223d26\wininet.dll
[7] 2008-10-02 . C85EF7DE97ABBF00B16AD11EDFEAC637 . 827904 . . [7.00.6000.20927] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20927_none_007db79cbdd40450\wininet.dll
[7] 2008-06-27 . 618A51B5FB9DD5810960F6044C0E9289 . 827392 . . [7.00.6001.18099] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18099_none_0190a6cba213f16e\wininet.dll
[7] 2008-06-27 . E74D932CA7B3DA8CDB7A5F11F5A03ABC . 826368 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16711_none_fff8e71ba4b3b364\wininet.dll
[7] 2008-06-27 . EDF59D63DDBC8BE0BB4836EFFFC04BDC . 827904 . . [7.00.6001.22212] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22212_none_0269c2d6baf6fd76\wininet.dll
[7] 2008-06-27 . AE7150C0696C656D02FDD48259F4EFF5 . 827904 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20868_none_00537650bdf39044\wininet.dll
[7] 2008-04-25 . 44FD3968AD885026D94450832A78DE8A . 826880 . . [7.00.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18063_none_01ab14d3a2010591\wininet.dll
[7] 2008-04-25 . 9191790BF02A8D759EC2B4E4FA868407 . 826368 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16681_none_ffad35c1a4ec79d4\wininet.dll
[7] 2008-04-25 . A86218059C228E7691A13E4CB63C4CDF . 826880 . . [7.00.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22167_none_0238b2c6bb1b0ab7\wininet.dll
[7] 2008-04-25 . F40594128A6BFDA6C3F0900796895078 . 827392 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20823_none_0079b48ebdd7a1cd\wininet.dll
[7] 2008-02-22 . 482BCCBF1FCBB3378100FF97081438C1 . 826880 . . [7.00.6001.18023] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18023_none_01d65483a1e095cd\wininet.dll
[7] 2008-02-22 . 4E962B645608E6EDB7D31B75921D07FA . 826880 . . [7.00.6001.22120] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22120_none_025cf070bb00e992\wininet.dll
[7] 2008-02-22 . F7FF1E0D443788D6AE4CBCA593530099 . 827392 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.20777_none_0047a434bdfc95b7\wininet.dll
[7] 2008-02-21 . DAEED2799D4D19F955C3E90B22A1E91E . 826368 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16643_none_ffda7605a4ca3cbe\wininet.dll
[7] 2008-01-21 . 455D715A840579BDC1CF8E5C1DA76849 . 825856 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18000_none_01e8f37da1d311e6\wininet.dll
.
[7] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll
[7] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
.
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll
[7] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\ws2help.dll
.
[7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe
[7] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[7] 2008-10-30 . 50BA5850147410CDE89C523AD3BC606E . 2927616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[7] 2008-10-29 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[7] 2008-10-29 . 37440D09DEAE0B672A04DCCF7ABF06BE . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[7] 2008-10-28 . E7156B0B74762D9DE0E66BDCDE06E5FB . 2923520 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[7] 2008-01-21 . FFA764631CB70A30065C12EF8E174F9F . 2927104 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
.
[7] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6000.16386] . . c:\windows\regedit.exe
[7] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
.
[7] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\System32\ole32.dll
[7] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll
[7] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll
[7] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll
[7] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll
[7] 2008-01-21 . 3B634E4BE373D6D987EBF906B43FAAB3 . 1315328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18000_none_ac1da75bf2516084\ole32.dll
.
[7] 2014-04-26 . B2B8EAD053A54886288523E5128B9C14 . 503296 . . [1.0626.6002.23386] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.23386_none_af19fcd36efbd812\usp10.dll
[7] 2014-04-26 . FB3E5FD7F74BFC301AD3FB7DE670EDCB . 502784 . . [1.0626.6002.19096] . . c:\windows\System32\usp10.dll
[7] 2014-04-26 . FB3E5FD7F74BFC301AD3FB7DE670EDCB . 502784 . . [1.0626.6002.19096] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.19096_none_ae858c5055e659eb\usp10.dll
[7] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll
[7] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll
[7] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll
[7] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll
[7] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
[7] 2008-01-21 . 3122DAF86B33ED8AC4662D07593025D7 . 501760 . . [1.0626.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18000_none_acfa790e587c602e\usp10.dll
.
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ksuser.dll
[7] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
.
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe
[7] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
.
[7] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[7] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[7] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[7] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[7] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[7] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[7] 2008-01-21 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
.
Code:
ATTFilter [7] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\msimg32.dll
[7] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6000.16386_none_7535161f1f2100ed\msimg32.dll
.
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\System32\cngaudit.dll
[7] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
.
[7] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\System32\wininit.exe
[7] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
.
[7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll
[7] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll
[7] 2008-01-21 . CC4E32400F3C7253400CF8F3F3A0B676 . 106496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6001.18000_none_896605b983775101\regsvc.dll
.
[7] 2010-11-06 . 7B587B8A6D4A99F79D2902D0385F29BD . 603648 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_2ecc18bd972a0f87\schedsvc.dll
[7] 2010-11-05 . 4B71C228530440F853F9C30E308F00E9 . 604672 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_2f2a77beb0681c3c\schedsvc.dll
[7] 2010-11-05 . 38AE0400578FD396628F21A571473A3B . 602112 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_316f6d3cad4659b7\schedsvc.dll
[7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll
[7] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_30be5cc194475f38\schedsvc.dll
[7] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll
[7] 2008-01-21 . 1D5E99DB3C10F4FA034010DC49043CA4 . 596992 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18000_none_2f011e91970278b8\schedsvc.dll
[7] 2008-01-21 . 886CEC884B5BE29AB9828B8AB46B11F7 . 595456 . . [6.0.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_2d23e28599d3cbd6\schedsvc.dll
[7] 2008-01-21 . BF17DA9F25A4F84C2577AC13EE126CB7 . 595968 . . [6.0.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_2d880e1ab30e40c0\schedsvc.dll
.
[7] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll
[7] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpsrv.dll
.
[7] 2014-10-11 . B33E73457ED6616F6CA316694267FEE3 . 452096 . . [6.0.6002.23521] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.23521_none_90faa76f6a97633b\termsrv.dll
[7] 2014-10-10 . DBD84E59D631569EC3E756EF144E8431 . 449536 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll
[7] 2014-10-10 . DBD84E59D631569EC3E756EF144E8431 . 449536 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.19214_none_907ed7a2516ef937\termsrv.dll
[7] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
[7] 2008-01-21 . D605031E225AACCBCEB5B76A4F1603A6 . 448512 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6001.18000_none_8e9f41c854441762\termsrv.dll
.
[7] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\System32\hnetcfg.dll
[7] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_b03645b494998691\hnetcfg.dll
|
|
12.06.2015, 17:03
| #8 |
| | Hartnäckige AdWare (?) auf dem Rechner Teil 6 Code:
ATTFilter .
[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6000.16386] . . c:\windows\System32\drivers\AGP440.sys
[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[7] 2008-01-21 . 13F9E33747E6B41A3FF305C37DB0D360 . 56376 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[7] 2006-11-02 . EF23439CDD587F64C2C1B8825CEAD7D8 . 53864 . . [6.0.6000.16386] . . c:\windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
.
[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll
[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6001.18000_none_f900daa442864318\ias.dll
[7] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll
.
[7] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll
[7] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll
[7] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll
[7] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll
[7] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll
.
[7] 2015-03-13 . 377602E869DA9C05AC67CA3A5019A051 . 3604920 . . [6.0.6002.19346] . . c:\windows\System32\ntkrnlpa.exe
[7] 2015-03-13 . 377602E869DA9C05AC67CA3A5019A051 . 3604920 . . [6.0.6002.19346] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.19346_none_6df18a30b16477e5\ntkrnlpa.exe
[7] 2015-03-13 . 6EA34AA560855CE55412215C4FB98979 . 3608504 . . [6.0.6002.23654] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23654_none_6e6e5a47ca8bfb40\ntkrnlpa.exe
[7] 2015-02-26 . D4A5343933339DDD59D648D94913A059 . 3604408 . . [6.0.6002.19327] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.19327_none_6e082a52b153595a\ntkrnlpa.exe
[7] 2015-02-26 . 2FCBA681E6FBE9ED0843578811151E17 . 3608504 . . [6.0.6002.23636] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23636_none_6e85fab3ca79f60c\ntkrnlpa.exe
[7] 2013-07-08 . 61E5B6E75A5E53D1052A6D18BF67B59A . 3603904 . . [6.0.6002.18881] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18881_none_6dc16954b1894118\ntkrnlpa.exe
[7] 2013-07-08 . CE2466933B82987F7079E8B45FDD5F02 . 3606976 . . [6.0.6002.23154] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23154_none_6e6e50c9ca8c097d\ntkrnlpa.exe
[7] 2013-05-02 . 676E135282E6A9AED75C7C488CA02DE8 . 3603832 . . [6.0.6002.18832] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18832_none_6df8793ab15fceba\ntkrnlpa.exe
[7] 2013-05-02 . B21C0CF6F41692CBBBD529A6F62BCD5D . 3606392 . . [6.0.6002.23103] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23103_none_6ea3601bca646471\ntkrnlpa.exe
[7] 2013-03-11 . 21870BAB9C9B802AC641DD644708BDE4 . 3603816 . . [6.0.6002.18805] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18805_none_6e1be9dcb144c6ec\ntkrnlpa.exe
[7] 2013-03-11 . A3D98D9C23850B1EF966E005E7845397 . 3606904 . . [6.0.6002.23076] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23076_none_6e5aaf9fca9a76e6\ntkrnlpa.exe
[7] 2013-01-22 . 490BDB5E56352494E699FBA870045EC7 . 3604328 . . [6.0.6002.23025] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23025_none_6e8fbef1ca72d1da\ntkrnlpa.exe
[7] 2013-01-05 . E185428925DBC53CE59B2A5CBA64B837 . 3602808 . . [6.0.6002.18765] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18765_none_6ddb086eb175716b\ntkrnlpa.exe
[7] 2012-08-29 . 0802CFF50B3020D49884195DC065CF20 . 3604352 . . [6.0.6002.22920] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22920_none_6e8ae55dca771fe5\ntkrnlpa.exe
[7] 2012-08-29 . 244C631BE2F7F36EAD9DDAEED95AA298 . 3602816 . . [6.0.6002.18686] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18686_none_6dc666fab184c57d\ntkrnlpa.exe
[7] 2012-04-03 . CAD95AFB7FDDCC490681555C570FBB7D . 3602816 . . [6.0.6002.18607] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_6e1de6a4b142ff4c\ntkrnlpa.exe
[7] 2012-04-03 . BEF3218359377715B1D85D7DF823E123 . 3604352 . . [6.0.6002.22831] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_6e8113d5ca7e5806\ntkrnlpa.exe
[7] 2012-03-06 . 67FB74F129CD6EB6A299B232B09F2FD8 . 3602816 . . [6.0.6002.18595] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18595_none_6dba94deb18dcaf0\ntkrnlpa.exe
[7] 2012-03-06 . 67C80F4BEF37E4F40AC38BBE6BCC6198 . 3603840 . . [6.0.6002.22811] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22811_none_6e96b3adca6e2024\ntkrnlpa.exe
[7] 2011-10-27 . 5B3C5FBBE4FB0DCFFCEC402B44BC6719 . 3603840 . . [6.0.6002.22732] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22732_none_6e821239ca7d7436\ntkrnlpa.exe
[7] 2011-10-27 . CA537C1021ACDF5B3D14A01B0D4A09B7 . 3602816 . . [6.0.6002.18533] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18533_none_6df973d2b15ef09c\ntkrnlpa.exe
[7] 2010-10-15 . 950C425C9E1FA4DDEC8A6B7915E3D892 . 3600272 . . [6.0.6001.18538] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntkrnlpa.exe
[7] 2010-10-15 . C391DF1007E54B1FE06A4EF02DB6FA61 . 3602320 . . [6.0.6002.18327] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntkrnlpa.exe
[7] 2010-10-15 . 3BEF21D45A74AD2C6EAD894BA6C6A502 . 3602832 . . [6.0.6001.22777] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntkrnlpa.exe
[7] 2010-10-15 . FEB9209E1D2B97DB4AE8FBF1DB0F54B6 . 3603856 . . [6.0.6002.22505] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntkrnlpa.exe
[7] 2009-04-11 . 1260BEACF2F023807A1087BBB0E15BBD . 3601896 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntkrnlpa.exe
[7] 2009-03-03 . FEB3FB3309EBA85917BDE7F4FD019C9D . 3599328 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntkrnlpa.exe
[7] 2009-03-03 . 641C0F376136E5B6F389016EC48374D2 . 3600880 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntkrnlpa.exe
[7] 2009-03-03 . 06BCF21AAA1890328D1F58F0ACBE668D . 3503584 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntkrnlpa.exe
[7] 2009-03-03 . 191C702B48681FB2BA5A96F416207ACF . 3505120 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntkrnlpa.exe
[7] 2008-09-18 . 3EB08788832D9048C617559CEFD208CF . 3601464 . . [6.0.6001.18145] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntkrnlpa.exe
[7] 2008-09-18 . DC870DCAA25E5CC1C8A50FAC19CCED45 . 3601976 . . [6.0.6001.22269] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntkrnlpa.exe
[7] 2008-09-18 . E67F6247029F6311E643532D2CFFE667 . 3505208 . . [6.0.6000.16754] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntkrnlpa.exe
[7] 2008-09-18 . 084A3A26A3D1A75D0705D963C0289DD5 . 3506744 . . [6.0.6000.20921] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntkrnlpa.exe
[7] 2008-04-26 . 6BB1994F5B62FEF6268F1EBB4014E293 . 3600952 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntkrnlpa.exe
[7] 2008-04-26 . 68EEF02A8846442FE98AD0E0517EE6BC . 3601464 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntkrnlpa.exe
[7] 2008-01-21 . FE51E8DBBEF2D01EF886499FECBF2D78 . 3600440 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_6c3061a0b4231268\ntkrnlpa.exe
.
[7] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll
[7] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\upnphost.dll
.
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll
[7] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll
[7] 2008-01-21 . 8A7B8DA5CA558D2DE47086BB23556543 . 444416 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6001.18000_none_589bbe5841e2df00\dsound.dll
.
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll
[7] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
[7] 2008-01-21 . FAB8F08EC64A54917C07BDB6DC811C95 . 1788928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6001.18000_none_c24d6ca560c635f9\d3d9.dll
.
[7] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll
[7] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll
.
[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\System32\olepro32.dll
[7] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll
[7] 2008-01-21 02:23 . AE70AE6F0760793D4893C3735EEC7292 . 88576 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6001.18000_none_3a13ba9301b4467e\olepro32.dll
.
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6001.18000_none_31733dc35d19d298\perfctrs.dll
[7] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll
.
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\System32\version.dll
[7] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll
[7] 2008-01-21 . 187D588F7A1A45DE48B8540401A90850 . 20480 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6001.18000_none_14fe4f2f50e5bbf4\version.dll
Code:
ATTFilter .
[7] 2015-05-31 . C17D2088EC7FBBA881DEEB1463B8E3B5 . 758000 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20774_none_5900292304ed7fb8\iexplore.exe
[7] 2015-05-31 . 07064E21253872D043CFD8057ED3FD77 . 758000 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16659_none_58912da1ebbb26bf\iexplore.exe
[7] 2015-04-10 . CD2A0F111BD7240C1574A7A1C1CCE7DA . 758000 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16644_none_5896fc1bebb78c1b\iexplore.exe
[7] 2015-04-10 . 4FF821F89F53FFE9EDFAD21D814BE6D1 . 758000 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20758_none_5919ca2304d9ad32\iexplore.exe
[7] 2015-03-10 . 433A60B82D3EC996B26872BE5C5BC597 . 757968 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20750_none_5911c7d304e0e27a\iexplore.exe
[7] 2015-03-09 . F6A99C1FA53F6CBA2306EAFAEE4DC7C9 . 757968 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16636_none_58a3cc9bebada2d8\iexplore.exe
[7] 2015-02-21 . 99CA5EBAC887277CC340F2271AF61D10 . 757968 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16633_none_58a0cbbdebb056d3\iexplore.exe
[7] 2015-02-21 . 5DDED7069CDF74E4074B090DC3FA4D7A . 757976 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20747_none_592399c504d277ea\iexplore.exe
[7] 2015-01-14 . F3844E1BF80F0926AE0EB61756E2ED07 . 757968 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20725_none_5937390904c40d5a\iexplore.exe
[7] 2015-01-14 . 28CD51D6A908C6357F6F6E11EB6D9054 . 757968 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16609_none_58c73d3deb929b0a\iexplore.exe
[7] 2014-11-24 . 21A02100665C339AC61D46650022E576 . 757968 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20715_none_594208f504bbf169\iexplore.exe
[7] 2014-11-24 . 63BE371C16B163583A5EA9D3DF4AC16B . 757968 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16599_none_5865ec0bebdb995c\iexplore.exe
[7] 2014-10-27 . D45C0B4910629E70EF92E758CF635A37 . 757976 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20708_none_594fd9bf04b1217d\iexplore.exe
[7] 2014-10-27 . 06DE47CAE6D862847A4F24753C199394 . 757968 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16592_none_585eea05ebe1e7fb\iexplore.exe
[7] 2014-09-19 . DD26ECEEC8CCDA6FD44CB8E376D5A832 . 757968 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16584_none_586bba85ebd7feb8\iexplore.exe
[7] 2014-09-19 . 0751575443322B366A36C653465FF1D0 . 757968 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20700_none_5947d76f04b856c5\iexplore.exe
[7] 2014-08-15 . 00E16998DA2563CD214B824D3C4F9762 . 757968 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20691_none_58e7868705006e6e\iexplore.exe
[7] 2014-08-15 . 6864C18818EB22D03A2D37C8C5586925 . 757968 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16575_none_58778abbebcefc1e\iexplore.exe
[7] 2014-07-24 . 76F9BA272D99BB7859695A4F9207178E . 757976 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16563_none_58805a13ebc8ad7f\iexplore.exe
[7] 2014-07-24 . 6EBFCE26DF05178D3AAB32A6A2E08380 . 757968 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20674_none_5900273d04ed8291\iexplore.exe
[7] 2014-06-09 . EB42437D005E26062759E6235CA9AEB4 . 758000 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20672_none_58fe26a904ef4fe3\iexplore.exe
[7] 2014-06-09 . 08ED70F000508724BAF881AA07C21BE1 . 758000 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16561_none_587e597febca7ad1\iexplore.exe
[7] 2014-05-28 . A2FCB57FF0C63599E910996B82488A00 . 758000 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20666_none_590cf7bd04e3994e\iexplore.exe
[7] 2014-05-28 . 7BA5B7DEDE25D44F3E664D5BA067E3CD . 758000 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16555_none_588d2a93ebbec43c\iexplore.exe
[7] 2014-03-08 . 7116680C2C62709EE81BDDC69EF26B93 . 757488 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16545_none_5897fa7febb6a84b\iexplore.exe
[7] 2014-03-07 . 41F24930153D42287D157B93A859E6F3 . 757488 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20656_none_5917c7a904db7d5d\iexplore.exe
[7] 2014-02-23 . 32FC0953B384A11B4AB422E56E2BDBCD . 757488 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20651_none_5912c63704dffeaa\iexplore.exe
[7] 2014-02-23 . 10EB5C0E376727E21198B14E2F1637F7 . 757488 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16540_none_5892f90debbb2998\iexplore.exe
[7] 2014-02-05 . C24DA744AD59EF3A87380F0A75D2E580 . 757488 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20644_none_5920970104d52ebe\iexplore.exe
[7] 2014-02-05 . 48600DAC5AF3A53B6F430528209E4830 . 757488 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16533_none_58a0c9d7ebb059ac\iexplore.exe
[7] 2013-11-14 . FA58195587EC371699D9641C3E275856 . 757488 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20637_none_592e67cb04ca5ed2\iexplore.exe
[7] 2013-11-14 . 43E6F2A7FB182F2D7CB0CE5B8F1005CF . 757488 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16526_none_58ae9aa1eba589c0\iexplore.exe
[7] 2013-10-13 . 06085B62BC7E0C8E2605CEA38774D956 . 757488 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16520_none_58a898e5ebaaf1b6\iexplore.exe
[7] 2013-10-13 . 2D64E29ADB5DEB40446796A9C42417E3 . 757488 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20631_none_5928660f04cfc6c8\iexplore.exe
[7] 2013-09-22 . F87E95A127E83277B9AE500D7A18C998 . 757400 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20625_none_5937372304c41033\iexplore.exe
[7] 2013-09-22 . 45BDA923BE52906D1460BCB13AC2AB7A . 757400 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16514_none_58b769f9eb9f3b21\iexplore.exe
[7] 2013-07-31 . AA9CBDCD4675A48755DDA3A73BE3E283 . 757400 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16506_none_58c43a79eb9551de\iexplore.exe
[7] 2013-07-31 . 10C1F2EC48D524AE10229AACD37B172A . 757400 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20617_none_594407a304ba26f0\iexplore.exe
[7] 2013-07-25 . 139C8953AC56A9E559C7DEF07BC45ED7 . 757400 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20613_none_5940067b04bdc194\iexplore.exe
[7] 2013-07-25 . 57EC630DBD5F0713E77CB3540AB80A8E . 757400 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16502_none_58c03951eb98ec82\iexplore.exe
[7] 2013-05-29 . 33E62E4EFC2ACA8EC63A8926F26D3889 . 757400 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20606_none_594dd74504b2f1a8\iexplore.exe
[7] 2013-05-29 . EE12BA876C4190532A4085994BA9B616 . 757400 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16496_none_5862e947ebde5030\iexplore.exe
[7] 2013-05-16 . 67EE46FD4D3B56531C5DD1BDC149275A . 757400 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16490_none_585ce78bebe3b826\iexplore.exe
[7] 2013-05-16 . A8732CEDB2C0EE7AFC08F867A47BB3EC . 757400 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20600_none_5947d58904b8599e\iexplore.exe
[7] 2013-04-04 . 3F00BE80B9CEA20B7FE7363D15EDDB94 . 757360 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16483_none_586ab855ebd8e83a\iexplore.exe
[7] 2013-04-04 . C036AB1ED8BAC04FE4A349BA263077BB . 757360 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20593_none_58e9853504fea3f5\iexplore.exe
[7] 2013-02-22 . 4145E2B5663F6FACC08EFDB17B658BB2 . 757360 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20586_none_58f755ff04f3d409\iexplore.exe
[7] 2013-02-22 . 32732CEDE2A1106B736EF3D84054EE04 . 757376 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16476_none_5878891febce184e\iexplore.exe
[7] 2013-02-02 . DDE5A0DFAF7C6370FB36402D7A746ED3 . 757296 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16470_none_58728763ebd38044\iexplore.exe
[7] 2013-02-02 . A285E1965C115031DA02B777EE9D7689 . 757280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20580_none_58f1544304f93bff\iexplore.exe
[7] 2013-01-08 . 698EB1E5F8C66344D97C00B5699E871D . 757280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16464_none_58815877ebc7c9af\iexplore.exe
[7] 2013-01-08 . F05982E56ABD835AA8DF260EEC873E5B . 757280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20573_none_58ff250d04ee6c13\iexplore.exe
[7] 2012-11-14 . 0D286C0FE561D1A7EB30E83A0FF305B2 . 757296 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16457_none_588f2941ebbcf9c3\iexplore.exe
[7] 2012-11-14 . F691418EE9A6344AEB5C1B0518FBF8AE . 757280 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20565_none_590bf58d04e482d0\iexplore.exe
[7] 2012-10-08 . 270A1342BD5AF95CA25A586B4C2F1522 . 748704 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16455_none_588d28adebbec715\iexplore.exe
[7] 2012-10-08 . CECB15F834FC2B4B150449717ADE18DD . 748704 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20562_none_5908f4af04e736cb\iexplore.exe
[7] 2012-08-24 . 62188720CE27B982B4285C03163C9FB3 . 748680 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20557_none_5918c60d04da998d\iexplore.exe
[7] 2012-08-24 . 22CC6CDBA678790046693654C3B212E4 . 748680 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16450_none_5888273bebc34862\iexplore.exe
[7] 2012-06-29 . 93569D46D79F9756ED077156496AFE23 . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16448_none_589af977ebb3f729\iexplore.exe
[7] 2012-06-28 . EB4105348272018D096FEB655CD1608C . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20554_none_5915c52f04dd4d88\iexplore.exe
[7] 2012-06-02 . 34B01BBD8F00B6B9C9248DC4F1E3CD01 . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16447_none_5899f92debb4ddd2\iexplore.exe
[7] 2012-06-02 . BE967C74B89577B78FB57C061E12B04C . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20553_none_5914c4e504de3431\iexplore.exe
[7] 2012-05-17 . 0129BB16161C2FD9A6B19111AB047198 . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16446_none_5898f8e3ebb5c47b\iexplore.exe
[7] 2012-05-17 . 268982F1FD671A077C6A2AF41E351436 . 748664 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.20551_none_5912c45104e00183\iexplore.exe
[7] 2012-03-02 . 904E13BA41AF2E353A32CF351CA53639 . 748336 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.1.8112.16421_none_58a99749ebaa0de6\iexplore.exe
[7] 2011-04-21 . 77B9A891222FB46B13E414B99E1AF842 . 634648 . . [7.00.6001.18639] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18639_none_2f4a9e431a0ea795\iexplore.exe
[7] 2011-04-21 . 6C93AC7C0A8718E2A1543DB1B1B3B19F . 634648 . . [7.00.6001.22905] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22905_none_2ff0ad763317887e\iexplore.exe
[7] 2011-02-18 . C84ABBF7D7AF2F7D004D800D10430FF5 . 634648 . . [7.00.6001.18602] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18602_none_2f640c0119fca261\iexplore.exe
[7] 2011-02-18 . BECD30E162ACFD7A04B1F87FBBAFF70E . 634648 . . [7.00.6001.22857] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22857_none_2fbc9c88333e49ba\iexplore.exe.
Code:
ATTFilter [7] 2010-12-20 . 4319F2A5C725D9E0B9E01744E02D32BE . 634648 . . [7.00.6001.18565] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18565_none_2f262b711a2a98e5\iexplore.exe
[7] 2010-12-20 . B021EBF2A5344FF71A641B2EFDAF813E . 634648 . . [7.00.6001.22816] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22816_none_2fe6dbee331ec09f\iexplore.exe
[7] 2009-04-11 . 2C5168C856455CC43C4B4E1CC1920001 . 636080 . . [7.00.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6002.18005_none_314d791517204c15\iexplore.exe
[7] 2008-10-02 . 19403B64906C9EAC627E3C10847B0FDA . 633632 . . [7.00.6000.16757] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16757_none_2d4cb5b31cfa2a15\iexplore.exe
[7] 2008-10-02 . 6655B851D9EEF7C83395EE52D551B448 . 633632 . . [7.00.6000.20927] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20927_none_2df6c42835ff7333\iexplore.exe
[7] 2008-06-27 . 157F8DE991396C536820D7FA5C8DCF7D . 625664 . . [7.00.6000.16711] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16711_none_2d71f3a71cdf2247\iexplore.exe
[7] 2008-06-27 . 4DBD95312B1C96C5285D38F1D748CD4D . 625664 . . [7.00.6000.20868] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20868_none_2dcc82dc361eff27\iexplore.exe
[7] 2008-04-25 . 07ED775D6DB4BFA96D7CFB09EB228418 . 625664 . . [7.00.6000.16681] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16681_none_2d26424d1d17e8b7\iexplore.exe
[7] 2008-04-25 . 9F1427F203CA078005C9943800929640 . 625664 . . [7.00.6000.20823] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20823_none_2df2c11a360310b0\iexplore.exe
[7] 2008-02-22 . 182CAF7403705ACCB51211A761080B8F . 625664 . . [7.00.6000.20777] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.20777_none_2dc0b0c03628049a\iexplore.exe
[7] 2008-02-21 . 9437CA21CD48C9B6BFD6F5AC0143D251 . 625664 . . [7.00.6000.16643] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16643_none_2d5382911cf5aba1\iexplore.exe
[7] 2008-01-21 . 5B92133D3E7FB2644677686305E29E81 . 625664 . . [7.00.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18000_none_2f62000919fe80c9\iexplore.exe
.
[7] 2015-03-13 . 952EA6E27E3A16F02F85C10BB7F4752A . 3552184 . . [6.0.6002.19346] . . c:\windows\System32\ntoskrnl.exe
[7] 2015-03-13 . 952EA6E27E3A16F02F85C10BB7F4752A . 3552184 . . [6.0.6002.19346] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.19346_none_6df18a30b16477e5\ntoskrnl.exe
[7] 2015-03-13 . 112B1547C85B519F5E4AB143E854A6F8 . 3556288 . . [6.0.6002.23654] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23654_none_6e6e5a47ca8bfb40\ntoskrnl.exe
[7] 2015-02-26 . 77B20066811D808B32CA778CA5BA3C46 . 3552184 . . [6.0.6002.19327] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.19327_none_6e082a52b153595a\ntoskrnl.exe
[7] 2015-02-26 . 6887BDCC3CF5F5D4BAEC13880C3A0E9F . 3556280 . . [6.0.6002.23636] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23636_none_6e85fab3ca79f60c\ntoskrnl.exe
[7] 2013-07-08 . CB284FC56D12BF5D2503CB75B03FD40A . 3551680 . . [6.0.6002.18881] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18881_none_6dc16954b1894118\ntoskrnl.exe
[7] 2013-07-08 . 32CB862046CF345C61121C93161BBE31 . 3555264 . . [6.0.6002.23154] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23154_none_6e6e50c9ca8c097d\ntoskrnl.exe
[7] 2013-05-02 . 8FD2F8EC87F45A3546B7A801F3D7DB35 . 3551096 . . [6.0.6002.18832] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18832_none_6df8793ab15fceba\ntoskrnl.exe
[7] 2013-05-02 . 2529332F2EFFC918724862C84C929AAA . 3555192 . . [6.0.6002.23103] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23103_none_6ea3601bca646471\ntoskrnl.exe
[7] 2013-03-11 . E31AE50AFB2A4AE804D016E02EE6BE10 . 3551080 . . [6.0.6002.18805] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18805_none_6e1be9dcb144c6ec\ntoskrnl.exe
[7] 2013-03-11 . E631B32BB66CD39392DA929BD77FFEBA . 3555192 . . [6.0.6002.23076] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23076_none_6e5aaf9fca9a76e6\ntoskrnl.exe
[7] 2013-01-22 . 7677206104D24CC75A7D4DA5926D749A . 3553128 . . [6.0.6002.23025] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.23025_none_6e8fbef1ca72d1da\ntoskrnl.exe
[7] 2013-01-05 . 691F1612558BF6B27F952C4B1073B0D1 . 3550072 . . [6.0.6002.18765] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18765_none_6ddb086eb175716b\ntoskrnl.exe
[7] 2012-08-29 . 4E7F06BA9E352E072AE0EDF3DB7B7462 . 3553152 . . [6.0.6002.22920] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22920_none_6e8ae55dca771fe5\ntoskrnl.exe
[7] 2012-08-29 . 0895557E35AE46729FFEFCB3906EBC69 . 3550080 . . [6.0.6002.18686] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18686_none_6dc666fab184c57d\ntoskrnl.exe
[7] 2012-04-03 . B9907DD4BE7B1B39573BF66554AB224E . 3552640 . . [6.0.6002.22831] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_6e8113d5ca7e5806\ntoskrnl.exe
[7] 2012-04-03 . BA4C485548914034B471EB6FC2B50082 . 3550080 . . [6.0.6002.18607] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_6e1de6a4b142ff4c\ntoskrnl.exe
[7] 2012-03-06 . D960F9E1FCA0C86387E806D9AED319FB . 3550080 . . [6.0.6002.18595] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18595_none_6dba94deb18dcaf0\ntoskrnl.exe
[7] 2012-03-06 . FEA4425645424D66DCCC6CD3F417A40D . 3552640 . . [6.0.6002.22811] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22811_none_6e96b3adca6e2024\ntoskrnl.exe
[7] 2011-10-27 . C7D1507B837BC41D13D6EAC31A032AE3 . 3550080 . . [6.0.6002.18533] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18533_none_6df973d2b15ef09c\ntoskrnl.exe
[7] 2011-10-27 . D91407C7DF48B369E35E9E1426563EFA . 3552640 . . [6.0.6002.22732] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22732_none_6e821239ca7d7436\ntoskrnl.exe
[7] 2010-10-15 . A573338BDCED710795C618EA5FCF48D5 . 3548048 . . [6.0.6001.18538] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18538_none_6c17fdaab43422b6\ntoskrnl.exe
[7] 2010-10-15 . 8B5EEAA99965E26C3FBB9FAC8BD3B6A1 . 3552144 . . [6.0.6002.22505] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22505_none_6ea57f0fca62721a\ntoskrnl.exe
[7] 2010-10-15 . F276ABE13DD0BA1024A42A443E47A4A2 . 3550608 . . [6.0.6001.22777] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22777_none_6c755c61cd731614\ntoskrnl.exe
[7] 2010-10-15 . 1ACD7FC485D0E0FF9097E08900D834CC . 3550096 . . [6.0.6002.18327] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18327_none_6e08411ab1533fb9\ntoskrnl.exe
[7] 2009-04-11 . 6798DBF3F25721637AEF5B6C69911C9C . 3549672 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18005_none_6e1bdaacb144ddb4\ntoskrnl.exe
[7] 2009-03-03 . 393BB8FE05D66ABA7B091E6032179272 . 3547632 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntoskrnl.exe
[7] 2009-03-03 . DFF34C5D66AB4BF1EED47BF19D1267BB . 3548656 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntoskrnl.exe
[7] 2009-03-03 . 3910FE042C707E6BACD0FEC5AB9ECDE6 . 3469280 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntoskrnl.exe
[7] 2009-03-03 . 808C86316AED98716C5F305A6265F393 . 3471328 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntoskrnl.exe
[7] 2008-09-18 . 1FD3E8BFFD38F9B145E4B2B238B692F7 . 3549240 . . [6.0.6001.18145] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18145_none_6c0a2548b43efe06\ntoskrnl.exe
[7] 2008-09-18 . DEA801F2D9FD1DB35ED6B9BC4A6657F1 . 3549752 . . [6.0.6001.22269] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22269_none_6c822363cd693b0e\ntoskrnl.exe
[7] 2008-09-18 . 03279407E78F76BA1131DAB35A5E55C0 . 3470904 . . [6.0.6000.16754] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16754_none_6a18166cb7216faf\ntoskrnl.exe
[7] 2008-09-18 . 1E09CE4D9BB7B6521FB023CAE2E55F63 . 3472952 . . [6.0.6000.20921] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.20921_none_6abf2403d0296cc8\ntoskrnl.exe
[7] 2008-04-26 . C9CD31B3CBA8134F2B47FB5E78376ACC . 3549240 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntoskrnl.exe
[7] 2008-04-26 . 22D444D3D88A4C299894B3638A114BF7 . 3549240 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntoskrnl.exe
[7] 2008-01-21 . 6700F35EBA206E5C89AC27C9A124DC01 . 3548728 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18000_none_6c3061a0b4231268\ntoskrnl.exe
Code:
ATTFilter .
[7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\System32\w32time.dll
[7] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6002.18005_none_8a92dcbb6a6c707b\w32time.dll
[7] 2008-01-21 . 1CF9206966A8458CDA9A8B20DF8AB7D3 . 282624 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6001.18000_none_88a763af6d4aa52f\w32time.dll
.
[7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\System32\wiaservc.dll
[7] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\wiaservc.dll
[7] 2008-01-21 . 7DD08A597BC56051F320DA0BAF69E389 . 452608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6001.18000_none_32943b11b3535c07\wiaservc.dll
.
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\System32\midimap.dll
[7] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll
[7] 2008-01-21 . D7F1F6C72276A15579D5761098018891 . 17408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6001.18000_none_8cfdc804108fe1a6\midimap.dll
.
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\System32\rasadhlp.dll
[7] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasadhlp.dll
.
[7] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\System32\WSHTCPIP.DLL
[7] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c23187855a\WSHTCPIP.DLL
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Steam"="c:\program files\Steam\Steam.exe" [2015-06-04 2892992]
"Spotify Web Helper"="c:\users\Cone\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-05-28 2021944]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-21 192000]
"Badoo Desktop"="c:\programdata\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe" [2012-12-24 1067232]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2015-04-17 31282304]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-01-20 5496600]
"Spotify"="c:\users\Cone\AppData\Roaming\Spotify\Spotify.exe" [2015-05-28 7323192]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-17 6111232]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-10-26 1029416]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"LexwareInfoService"="c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe" [2010-09-15 339312]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2014-08-19 448856]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
.
c:\users\Cone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 723496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2015-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-05 15:32]
.
2015-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1135379117-4003147572-3166874969-1003Core.job
- c:\users\Cone\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-31 08:52]
.
2015-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1135379117-4003147572-3166874969-1003UA.job
- c:\users\Cone\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-31 08:52]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.oursurfing.com/?type=hp&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX
mStart Page = hxxp://www.oursurfing.com/?type=hp&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.oursurfing.com/?type=hp&ts=1433863206&z=602383c987343716d3a9f96g5z2c5c7b2qcc9obeeq&from=tt4u&uid=HitachiXHTS543225L9A300_081225FB8E00LKKN7V3AX
FF - ExtSQL: !HIDDEN! 2011-11-18 18:53; firejump@firejump.net; c:\users\Cone\AppData\Roaming\Mozilla\Firefox\Profiles\135ahp2x.default\extensions\firejump@firejump.net
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
HKCU-Run-ICQ - c:\program files\ICQ7.4\ICQ.exe
HKCU-Run-DesktopSearch - c:\programdata\DesktopSearch\DesktopSearch.exe
HKLM-Run-PlusService - c:\program files\Yuna Software\Messenger Plus!\PlusService.exe
c:\users\Cone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk - c:\program files\ZooskMessenger\ZooskMessenger.exe
AddRemove-AU11_is1 - c:\program files\Innovative Solutions\Advanced Uninstaller PRO\unins000.exe
AddRemove-Messenger Plus! - c:\program files\Yuna Software\Messenger Plus!\Uninstall.exe
AddRemove-zz.539.mcc - c:\program files\MaxComputerCleaner\uninstall.exe
AddRemove-PDF Reader - c:\program files\PDFReader\Uninstall\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-06-12 17:07
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
.
c:\users\Cone\AppData\Roaming\Skype\conewhipley\chatsync\ae\ae4e35980c9230c3.dat 1933 bytes
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\21.7.0.11\NIS.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\21.7.0.11\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\NIS\1507000.00B\SYMTDIV.SYS"
"TrustedImagePaths"="c:\program files\Norton Internet Security\Engine\21.7.0.11"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1135379117-4003147572-3166874969-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:3e,ca,62,c6,5d,29,ce,15,b6,e5,5a,76,9c,de,e0,d7,8c,17,8a,c0,9a,77,b6,
3a,e1,25,eb,40,da,13,d2,31,a3,57,ee,de,09,ea,ce,ad,ff,d4,df,30,68,94,65,e2,\
"??"=hex:03,19,76,33,70,8c,2e,19,d1,71,a8,71,bc,15,cf,05
.
[HKEY_USERS\S-1-5-21-1135379117-4003147572-3166874969-1003\Software\SecuROM\License information*]
"datasecu"=hex:07,5e,bc,dd,4f,e2,f2,4c,23,42,da,a0,1a,f3,21,74,68,f6,bd,c5,e7,
16,48,ea,fc,94,c0,2e,5a,db,74,5f,63,f3,da,e9,b5,25,3c,f8,5b,7a,21,c1,57,43,\
"rkeysecu"=hex:6e,96,26,8c,8c,a2,0f,e6,7c,1e,fd,41,3e,96,93,be
Code:
ATTFilter .
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(3116)
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\WLANExt.exe
c:\programdata\WindowsMangerProtect\ProtectWindowsManager.exe
c:\program files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
c:\windows\system32\conime.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\runservice.exe
c:\users\Cone\AppData\Roaming\Mysterious Herd\Mysterious Herd.exe
c:\program files\Norton Internet Security\Engine\21.7.0.11\NIS.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Norton Internet Security\Engine\21.7.0.11\NIS.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\System32\WUDFHost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\DllHost.exe
c:\windows\RtHDVCpl.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\users\Cone\AppData\Roaming\Spotify\SpotifyCrashService.exe
c:\program files\Steam\bin\steamwebhelper.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-06-12 17:30:30 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-06-12 15:30
.
Vor Suchlauf: 20 Verzeichnis(se), 12.011.524.096 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 11.605.479.424 Bytes frei
.
- - End Of File - - F236B7012CF76DB4E05EA0BF9BE504F6
61A349592C4728853F4A90FF78F7628E
 |
|
13.06.2015, 13:43
| #9 |
| /// the machine /// TB-Ausbilder | Hartnäckige AdWare (?) auf dem Rechner Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Hartnäckige AdWare (?) auf dem Rechner |
| adware, chromium, computer, desktop, email, firefox, google, home, installation, internet, internet explorer, langsam, log file, mozilla, problem, programm, registry, scan, schutz, security, software, tcp, temp, udp, vista, werbung |
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: 
Linear-Darstellung
