Click Compare in Browser
Hallo,
habe auf mehreren Rechner sowohl in FF als auch Chrome Links, die zu Clickcompare weiterleiten. Habe gelesen, dass es sich hierbei um einen Trojaner handelt. Hier der Log von mbam:
Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org
Datenbank Version: v2013.02.14.03
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
vinexus :: PC-TANJA [Administrator]
Schutz: Aktiviert
14.02.2013 10:14:30
mbam-log-2013-02-14 (10-14-30).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 194682
Laufzeit: 3 Minute(n), 58 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende) OTL: HTML-Code:
OTL logfile created on: 14.02.2013 10:14:32 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tanja\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 64,35% Memory free
5,99 Gb Paging File | 4,78 Gb Available in Paging File | 79,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 29,72 Gb Total Space | 6,54 Gb Free Space | 22,02% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 144,55 Gb Free Space | 96,98% Space Free | Partition Type: NTFS
Computer Name: PC-TANJA | User Name: tanja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2013.02.14 09:11:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tanja\Desktop\OTL.exe
PRC - [2013.02.06 12:07:42 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.06 12:07:34 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.02.06 12:07:33 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.02.06 12:07:33 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.01.31 18:05:33 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\ielowutil.exe
PRC - [2013.01.24 23:43:03 | 002,319,504 | ---- | M] (COMODO) -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2013.01.24 23:42:40 | 007,626,448 | ---- | M] (COMODO) -- C:\Programme\COMODO\COMODO Internet Security\cis.exe
PRC - [2013.01.24 23:42:40 | 001,430,736 | ---- | M] (COMODO) -- C:\Programme\COMODO\COMODO Internet Security\cistray.exe
PRC - [2013.01.24 23:42:39 | 000,404,688 | ---- | M] (COMODO) -- C:\Programme\COMODO\COMODO Internet Security\cavwp.exe
PRC - [2013.01.09 17:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) -- C:\Programme\PDF Architect\ConversionService.exe
PRC - [2013.01.09 17:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) -- C:\Programme\PDF Architect\HelperService.exe
PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.14 16:49:28 | 000,824,232 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.08.31 12:15:38 | 000,532,480 | ---- | M] (3CX Ltd) -- C:\Programme\3CXPhone\3CXPhone.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 22:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.08.18 02:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2013.02.06 12:10:36 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.02.06 12:10:21 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.02.06 12:10:15 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2011.03.23 10:21:52 | 005,210,449 | ---- | M] () -- C:\Programme\3CXPhone\ffdshow\libavcodec.dll
MOD - [2011.03.23 10:21:52 | 003,843,584 | ---- | M] () -- C:\Programme\3CXPhone\ffdshow\ffdshow.ax
MOD - [2011.03.23 10:21:52 | 000,962,008 | ---- | M] () -- C:\Programme\3CXPhone\ffdshow\ff_x264.dll
MOD - [2011.03.23 10:21:52 | 000,901,509 | ---- | M] () -- C:\Programme\3CXPhone\ffdshow\xvidcore.dll
MOD - [2011.03.23 10:21:52 | 000,270,336 | ---- | M] () -- C:\Programme\3CXPhone\avfilters\lame.ax
MOD - [2011.03.23 10:21:52 | 000,157,184 | ---- | M] () -- C:\Programme\3CXPhone\avfilters\libspeexdsp.dll
MOD - [2011.03.23 10:21:52 | 000,100,864 | ---- | M] () -- C:\Programme\3CXPhone\ffdshow\ff_wmv9.dll
MOD - [2011.03.23 10:21:52 | 000,024,848 | ---- | M] () -- C:\Programme\3CXPhone\avfilters\wavdest.ax
MOD - [2010.11.13 00:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV - [2013.02.08 09:37:24 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.07 08:48:37 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.06 12:07:42 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.06 12:07:33 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.01.24 23:43:03 | 002,319,504 | ---- | M] (COMODO) [Auto | Running] -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2013.01.24 23:42:41 | 000,127,184 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Programme\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV - [2013.01.09 17:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Programme\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2013.01.09 17:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Programme\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.11.20 22:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.08.18 02:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - [2013.02.14 10:14:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013.01.16 20:51:42 | 000,084,416 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2013.01.16 20:51:42 | 000,043,728 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2013.01.16 20:51:41 | 000,576,768 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2013.01.16 20:51:40 | 000,020,072 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmderd.sys -- (cmderd)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.11.27 10:01:26 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.11.22 15:51:13 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.11.22 15:50:51 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.11.20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010.11.20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.08.18 03:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.14 01:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009.07.14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B5 26 FC D8 04 05 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..extensions.enabledAddons: FFPDFArchitectConverter%40pdfarchitect.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\tanja\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\tanja\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2013.01.30 09:57:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.07 08:48:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.07 08:48:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013.01.30 09:48:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tanja\AppData\Roaming\mozilla\Extensions
[2013.01.30 10:05:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tanja\AppData\Roaming\mozilla\Firefox\Profiles\rpq8pfaq.default\extensions
[2013.01.30 10:05:06 | 000,000,000 | ---D | M] (SaveByclick) -- C:\Users\tanja\AppData\Roaming\mozilla\Firefox\Profiles\rpq8pfaq.default\extensions\5108dff31cf55@5108dff31cf8f.com
[2013.02.07 08:48:34 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.01.30 09:57:59 | 000,000,000 | ---D | M] (PDF Architect Converter For Firefox) -- C:\PROGRAM FILES\PDF ARCHITECT\FFPDFARCHITECTEXT
[2013.02.07 08:48:37 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.01.17 01:11:04 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.17 01:11:04 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013.01.17 01:11:04 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.17 01:11:04 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.01.17 01:11:04 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.17 01:11:04 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
[color=#E56717]========== Chrome ==========[/color]
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\tanja\AppData\Local\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\tanja\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\tanja\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\tanja\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - Extension: Google Docs = C:\Users\tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.4_0\
CHR - Extension: Google Drive = C:\Users\tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SaveByclick = C:\Users\tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pefkmbnbicbddjcoekkpahgnfbncldob\1\
CHR - Extension: Google Mail = C:\Users\tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Programme\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Programme\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Programme\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4 - Startup: C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3CXPhone.lnk = C:\Programme\3CXPhone\3CXPhone.exe (3CX Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.180.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86EE4E0A-98C3-42A2-B170-301D182472BD}: DhcpNameServer = 192.168.180.1 0.0.0.0
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2013.02.14 10:14:17 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013.02.14 09:56:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2013.02.14 09:49:29 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Malwarebytes
[2013.02.14 09:49:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.14 09:49:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.14 09:49:17 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.02.14 09:49:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.02.14 09:24:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.02.14 09:22:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\tanja\Desktop\OTL.exe
[2013.02.07 08:48:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.02.04 08:18:21 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013.02.04 08:18:20 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013.02.04 08:18:18 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2013.02.04 08:18:18 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2013.01.31 18:32:45 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013.01.31 18:32:45 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2013.01.31 18:32:45 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013.01.31 18:08:29 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2013.01.31 18:08:28 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2013.01.31 18:07:39 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2013.01.31 18:07:38 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2013.01.31 18:07:38 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2013.01.31 18:05:33 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013.01.31 18:05:33 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.01.31 18:05:33 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.01.31 18:05:33 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.01.31 18:05:33 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.01.31 18:05:33 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013.01.31 18:05:33 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.01.31 18:05:33 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013.01.31 18:05:33 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.01.31 18:05:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.01.31 18:05:33 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2013.01.31 18:05:33 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013.01.31 18:05:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.01.31 18:05:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2013.01.31 18:05:33 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013.01.31 18:05:33 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013.01.31 18:05:33 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013.01.31 18:05:33 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013.01.31 18:05:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.01.31 18:05:33 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2013.01.31 18:05:33 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.01.31 18:05:33 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013.01.31 18:05:33 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2013.01.31 18:05:33 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.01.31 18:05:33 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013.01.31 18:05:33 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013.01.31 18:05:33 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.01.31 18:05:33 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.01.31 18:05:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.01.31 18:05:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.01.31 18:05:33 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013.01.31 18:05:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013.01.31 18:05:33 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.01.31 18:05:33 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013.01.31 18:05:33 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.01.31 18:05:33 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.01.31 18:05:33 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.01.31 18:04:22 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2013.01.31 13:13:48 | 000,000,000 | R--D | C] -- C:\Users\tanja\AppData\Roaming\Brother
[2013.01.31 13:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2013.01.31 12:46:30 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\PDF Architect
[2013.01.31 11:37:14 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Adobe
[2013.01.31 09:19:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.01.31 09:19:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.01.31 09:13:40 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.01.31 09:13:39 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2013.01.31 09:13:12 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2013.01.31 09:13:12 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2013.01.31 09:12:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2013.01.31 09:12:21 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe
[2013.01.31 09:12:18 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2013.01.31 09:12:17 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2013.01.31 09:12:17 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2013.01.31 09:12:17 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2013.01.31 09:12:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2013.01.31 09:11:58 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2013.01.31 09:11:58 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2013.01.31 09:11:58 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2013.01.31 09:11:58 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2013.01.31 09:11:58 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2013.01.31 09:11:55 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2013.01.31 09:11:49 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013.01.31 09:11:49 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.01.31 09:11:49 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.01.31 09:11:49 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.01.31 09:11:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.31 09:11:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.31 09:11:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.31 09:11:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.01.31 09:11:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.01.31 09:11:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.01.31 09:11:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.31 09:11:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.01.31 09:11:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013.01.31 09:11:40 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2013.01.31 09:11:40 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2013.01.31 09:11:40 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2013.01.31 09:11:40 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2013.01.31 09:11:40 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2013.01.31 09:11:40 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2013.01.31 09:11:38 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2013.01.31 09:11:34 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2013.01.31 09:11:34 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2013.01.31 09:11:33 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2013.01.31 09:11:32 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2013.01.31 09:11:32 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2013.01.31 09:11:31 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2013.01.31 09:11:30 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.01.31 09:11:29 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2013.01.31 09:11:29 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2013.01.31 09:11:29 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2013.01.31 09:11:28 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013.01.31 09:11:28 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2013.01.31 09:11:21 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013.01.31 09:11:16 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.01.31 09:11:16 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.01.31 09:11:14 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013.01.31 09:11:00 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2013.01.31 09:11:00 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs
[2013.01.31 09:11:00 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs
[2013.01.31 09:11:00 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs
[2013.01.31 09:11:00 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs
[2013.01.31 09:11:00 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs
[2013.01.31 09:11:00 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs
[2013.01.31 09:11:00 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs
[2013.01.31 09:11:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs
[2013.01.31 09:11:00 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs
[2013.01.31 09:11:00 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs
[2013.01.31 09:10:59 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2013.01.31 09:10:59 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs
[2013.01.31 09:10:59 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs
[2013.01.31 09:10:59 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs
[2013.01.31 09:10:59 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs
[2013.01.31 09:10:53 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2013.01.31 09:10:52 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2013.01.31 09:10:51 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2013.01.31 09:10:51 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2013.01.31 09:10:51 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2013.01.31 09:10:51 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2013.01.31 09:10:51 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2013.01.31 09:10:51 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2013.01.31 09:10:49 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2013.01.31 09:10:49 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2013.01.31 09:10:49 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2013.01.31 09:10:48 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013.01.31 09:10:46 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2013.01.31 09:10:42 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013.01.31 09:10:42 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2013.01.31 09:10:39 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
[2013.01.31 09:10:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2013.01.31 09:08:12 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2013.01.31 09:08:12 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2013.01.31 09:08:08 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2013.01.31 09:08:07 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2013.01.31 09:08:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013.01.31 09:07:56 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013.01.31 09:01:26 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Macromedia
[2013.01.30 12:09:20 | 000,000,000 | ---D | C] -- C:\Users\tanja\Desktop\TANJA
[2013.01.30 11:19:59 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\3CX VoIP Phone
[2013.01.30 11:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\3CXPhone
[2013.01.30 11:19:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3CX Phone
[2013.01.30 10:30:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2013.01.30 10:30:11 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2013.01.30 10:30:11 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2013.01.30 10:30:11 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll
[2013.01.30 10:30:11 | 000,819,648 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll
[2013.01.30 10:30:11 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2013.01.30 10:30:11 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2013.01.30 10:30:11 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2013.01.30 10:30:11 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2013.01.30 10:30:11 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll
[2013.01.30 10:30:11 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll
[2013.01.30 10:30:10 | 003,173,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2013.01.30 10:30:10 | 002,417,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2013.01.30 10:30:10 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2013.01.30 10:30:10 | 000,645,776 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2013.01.30 10:30:10 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2013.01.30 10:30:10 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2013.01.30 10:30:10 | 000,192,104 | ---- | C] (Sony Corporation) -- C:\Windows\System32\SFSS_APO.dll
[2013.01.30 10:30:10 | 000,087,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll
[2013.01.30 10:30:10 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2013.01.30 10:30:10 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2013.01.30 10:30:10 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2013.01.30 10:30:10 | 000,013,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoLDR.dll
[2013.01.30 10:30:09 | 007,783,768 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2013.01.30 10:30:09 | 007,161,696 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2013.01.30 10:30:09 | 005,096,448 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2013.01.30 10:30:09 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2013.01.30 10:30:09 | 001,185,112 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll
[2013.01.30 10:30:09 | 000,709,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll
[2013.01.30 10:30:09 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2013.01.30 10:30:09 | 000,351,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2013.01.30 10:30:09 | 000,350,552 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2013.01.30 10:30:09 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2013.01.30 10:30:09 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2013.01.30 10:30:09 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2013.01.30 10:30:09 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2013.01.30 10:30:09 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2013.01.30 10:30:09 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2013.01.30 10:30:09 | 000,105,824 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2013.01.30 10:30:09 | 000,091,488 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2013.01.30 10:30:09 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2013.01.30 10:30:09 | 000,061,792 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2013.01.30 10:30:08 | 002,193,472 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2013.01.30 10:30:08 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2013.01.30 10:30:08 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2013.01.30 10:30:08 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2013.01.30 10:30:08 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2013.01.30 10:30:08 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2013.01.30 10:30:08 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2013.01.30 10:30:08 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2013.01.30 10:30:08 | 000,421,744 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2013.01.30 10:30:08 | 000,398,192 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2013.01.30 10:30:08 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2013.01.30 10:30:08 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2013.01.30 10:30:08 | 000,335,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2013.01.30 10:30:08 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2013.01.30 10:30:08 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2013.01.30 10:30:08 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2013.01.30 10:30:08 | 000,176,736 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2013.01.30 10:30:08 | 000,095,840 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2013.01.30 10:30:08 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013.01.30 10:30:07 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2013.01.30 10:30:06 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013.01.30 10:30:06 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2013.01.30 10:30:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013.01.30 10:10:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2013.01.30 10:09:58 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space
[2013.01.30 10:09:39 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2013.01.30 10:09:39 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2013.01.30 10:09:39 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2013.01.30 10:09:39 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2013.01.30 10:09:39 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2013.01.30 10:09:39 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2013.01.30 10:09:39 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2013.01.30 10:09:38 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2013.01.30 10:09:38 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2013.01.30 10:09:38 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2013.01.30 10:09:38 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2013.01.30 10:09:38 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2013.01.30 10:09:38 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2013.01.30 10:09:38 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2013.01.30 10:09:38 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2013.01.30 10:09:38 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2013.01.30 10:09:37 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2013.01.30 10:09:37 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2013.01.30 10:09:37 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2013.01.30 10:09:37 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2013.01.30 10:09:37 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2013.01.30 10:09:37 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2013.01.30 10:09:36 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2013.01.30 10:09:36 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2013.01.30 10:09:36 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2013.01.30 10:09:36 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2013.01.30 10:09:36 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2013.01.30 10:09:36 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2013.01.30 10:09:36 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2013.01.30 10:09:36 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2013.01.30 10:09:36 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2013.01.30 10:09:36 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2013.01.30 10:09:36 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2013.01.30 10:09:35 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2013.01.30 10:09:35 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2013.01.30 10:09:35 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2013.01.30 10:09:35 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2013.01.30 10:09:35 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2013.01.30 10:09:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2013.01.30 10:09:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2013.01.30 10:09:35 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2013.01.30 10:09:35 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2013.01.30 10:09:35 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2013.01.30 10:09:34 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2013.01.30 10:09:34 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2013.01.30 10:09:34 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2013.01.30 10:09:34 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2013.01.30 10:09:34 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2013.01.30 10:09:34 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2013.01.30 10:09:34 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2013.01.30 10:09:34 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2013.01.30 10:09:34 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2013.01.30 10:09:33 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2013.01.30 10:09:33 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2013.01.30 10:09:33 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2013.01.30 10:09:33 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2013.01.30 10:09:33 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2013.01.30 10:09:33 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2013.01.30 10:09:32 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2013.01.30 10:09:32 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2013.01.30 10:09:32 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2013.01.30 10:09:32 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2013.01.30 10:09:32 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2013.01.30 10:09:32 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2013.01.30 10:09:32 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2013.01.30 10:09:32 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2013.01.30 10:09:31 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2013.01.30 10:09:31 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2013.01.30 10:09:31 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2013.01.30 10:09:31 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2013.01.30 10:09:31 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2013.01.30 10:09:31 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2013.01.30 10:09:31 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2013.01.30 10:09:30 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2013.01.30 10:09:30 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2013.01.30 10:09:30 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2013.01.30 10:09:30 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2013.01.30 10:09:30 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2013.01.30 10:09:30 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2013.01.30 10:09:30 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2013.01.30 10:09:30 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2013.01.30 10:09:30 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2013.01.30 10:09:28 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2013.01.30 10:09:28 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2013.01.30 10:09:28 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2013.01.30 10:09:28 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2013.01.30 10:09:28 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2013.01.30 10:09:28 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2013.01.30 10:09:27 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2013.01.30 10:09:27 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2013.01.30 10:09:27 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2013.01.30 10:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2013.01.30 10:08:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2013.01.30 10:08:53 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2013.01.30 10:06:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2013.01.30 10:04:34 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Avira
[2013.01.30 09:59:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.01.30 09:59:03 | 000,134,336 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.01.30 09:59:03 | 000,083,944 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.01.30 09:59:03 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.01.30 09:59:03 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.01.30 09:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.01.30 09:59:02 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013.01.30 09:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\RightClick
[2013.01.30 09:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\SaveByClick
[2013.01.30 09:58:12 | 000,000,000 | ---D | C] -- C:\ProgramData\SaveByclick
[2013.01.30 09:58:10 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013.01.30 09:58:03 | 000,000,000 | ---D | C] -- C:\Users\tanja\Documents\PDF Architect Files
[2013.01.30 09:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
[2013.01.30 09:57:57 | 000,000,000 | ---D | C] -- C:\Program Files\PDF Architect
[2013.01.30 09:57:51 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\pdfforge
[2013.01.30 09:57:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2013.01.30 09:57:49 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[2013.01.30 09:57:49 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2013.01.30 09:57:49 | 000,088,576 | ---- | C] (pdfforge GbR) -- C:\Windows\System32\pdfcmon.dll
[2013.01.30 09:57:48 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6DE.DLL
[2013.01.30 09:57:47 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCDE.DLL
[2013.01.30 09:57:47 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2DE.DLL
[2013.01.30 09:57:47 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2013.01.30 09:57:47 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2013.01.30 09:54:58 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Programs
[2013.01.30 09:53:52 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\WinRAR
[2013.01.30 09:53:52 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.01.30 09:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.01.30 09:53:50 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.01.30 09:53:11 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.01.30 09:52:15 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.01.30 09:52:10 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Google
[2013.01.30 09:51:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013.01.30 09:51:16 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013.01.30 09:49:44 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Skype
[2013.01.30 09:49:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.01.30 09:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.01.30 09:49:39 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013.01.30 09:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.01.30 09:49:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.01.30 09:48:14 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Mozilla
[2013.01.30 09:48:14 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Mozilla
[2013.01.30 09:48:08 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.01.30 09:48:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.01.30 09:45:28 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Macromedia
[2013.01.30 09:45:28 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Adobe
[2013.01.30 09:45:21 | 000,697,712 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.01.30 09:45:21 | 000,074,096 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.01.30 09:45:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2013.01.30 09:43:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.01.30 09:42:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2013.01.30 09:42:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.01.30 09:42:20 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.01.30 09:42:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013.01.30 09:40:18 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Microsoft Help
[2013.01.30 09:40:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.01.30 09:40:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.01.30 09:38:36 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2013.01.30 09:38:15 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013.01.30 09:37:55 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.01.30 09:35:03 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2013.01.30 09:35:03 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2013.01.30 09:35:00 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2013.01.30 09:35:00 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2013.01.30 09:35:00 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2013.01.30 09:34:53 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2013.01.30 09:34:53 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2013.01.30 09:34:46 | 000,000,000 | R--D | C] -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.01.30 09:34:46 | 000,000,000 | R--D | C] -- C:\Users\tanja\Searches
[2013.01.30 09:34:46 | 000,000,000 | R--D | C] -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.01.30 09:34:40 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Identities
[2013.01.30 09:34:39 | 000,000,000 | R--D | C] -- C:\Users\tanja\Contacts
[2013.01.30 09:34:36 | 000,000,000 | --SD | C] -- C:\Users\tanja\AppData\Roaming\Microsoft
[2013.01.30 09:34:36 | 000,000,000 | R--D | C] -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.01.30 09:34:36 | 000,000,000 | R--D | C] -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Vorlagen
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\AppData\Local\Verlauf
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\AppData\Local\Temporary Internet Files
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Startmenü
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\SendTo
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Recent
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Netzwerkumgebung
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Lokale Einstellungen
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Documents\Eigene Videos
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Documents\Eigene Musik
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Eigene Dateien
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Documents\Eigene Bilder
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Druckumgebung
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Cookies
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\AppData\Local\Anwendungsdaten
[2013.01.30 09:34:36 | 000,000,000 | -HSD | C] -- C:\Users\tanja\Anwendungsdaten
[2013.01.30 09:34:36 | 000,000,000 | -H-D | C] -- C:\Users\tanja\AppData
[2013.01.30 09:34:36 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\VirtualStore
[2013.01.30 09:34:36 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Temp
[2013.01.30 09:34:36 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Local\Microsoft
[2013.01.30 09:34:36 | 000,000,000 | ---D | C] -- C:\Users\tanja\AppData\Roaming\Media Center Programs
[2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Videos
[2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Saved Games
[2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Pictures
[2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Music
[2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Links
[2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Favorites
[2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Downloads
[2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Documents
[2013.01.30 09:34:35 | 000,000,000 | R--D | C] -- C:\Users\tanja\Desktop
[2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.01.30 09:34:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2013.01.30 09:34:26 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.01.30 09:30:34 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013.01.30 09:30:18 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013.01.30 09:29:28 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2013.02.14 10:14:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013.02.14 10:13:58 | 000,001,959 | ---- | M] () -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3CXPhone.lnk
[2013.02.14 10:13:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.14 10:12:58 | 2414,485,504 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.14 10:12:27 | 000,026,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.14 10:12:27 | 000,026,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.14 10:08:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-128914377-670426599-1984384762-1000UA.job
[2013.02.14 09:49:20 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.14 09:36:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.14 09:31:12 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.14 09:31:12 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.14 09:31:12 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.14 09:31:12 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.14 09:17:19 | 000,056,228 | ---- | M] () -- C:\Users\tanja\Desktop\160088748.pdf
[2013.02.14 09:11:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tanja\Desktop\OTL.exe
[2013.02.14 09:08:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-128914377-670426599-1984384762-1000Core.job
[2013.02.12 14:08:58 | 000,056,687 | ---- | M] () -- C:\Users\tanja\Desktop\160089185.pdf
[2013.02.08 10:33:59 | 000,056,066 | ---- | M] () -- C:\Users\tanja\Desktop\160089100.pdf
[2013.02.08 10:14:51 | 000,017,865 | ---- | M] () -- C:\Users\tanja\Desktop\Status-zu-Sendung-634924479542.pdf
[2013.02.08 09:37:23 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.02.08 09:37:23 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.02.07 14:02:48 | 000,056,399 | ---- | M] () -- C:\Users\tanja\Desktop\160089054.pdf
[2013.02.07 13:56:57 | 000,210,810 | ---- | M] () -- C:\Users\tanja\Documents\Gerard-Butler-gerard-butler-16740958-1280-1024.jpg
[2013.02.07 12:41:01 | 000,009,661 | ---- | M] () -- C:\Users\tanja\Documents\helau.jpg
[2013.02.07 11:31:03 | 000,105,112 | ---- | M] () -- C:\Users\tanja\Desktop\S62254_AB_Vignobles Alain Jaum.pdf
[2013.02.07 11:04:06 | 000,003,880 | ---- | M] () -- C:\Users\tanja\Documents\th.jpg
[2013.02.04 08:08:22 | 000,289,696 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.01.31 18:05:33 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2013.01.31 18:05:33 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.01.31 18:05:33 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.01.31 18:05:33 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.01.31 18:05:33 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.01.31 18:05:33 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013.01.31 18:05:33 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013.01.31 18:05:33 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2013.01.31 18:05:33 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013.01.31 18:05:33 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.01.31 18:05:33 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2013.01.31 18:05:33 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2013.01.31 18:05:33 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.01.31 18:05:33 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2013.01.31 18:05:33 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2013.01.31 18:05:33 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2013.01.31 18:05:33 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2013.01.31 18:05:33 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2013.01.31 18:05:33 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.01.31 18:05:33 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2013.01.31 18:05:33 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013.01.31 18:05:33 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2013.01.31 18:05:33 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2013.01.31 18:05:33 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.01.31 18:05:33 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2013.01.31 18:05:33 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2013.01.31 18:05:33 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.01.31 18:05:33 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.01.31 18:05:33 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.01.31 18:05:33 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013.01.31 18:05:33 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.01.31 18:05:33 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2013.01.31 18:05:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2013.01.31 18:05:33 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013.01.31 18:05:33 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2013.01.31 18:05:33 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.01.31 18:05:33 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013.01.31 18:05:33 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013.01.31 14:50:07 | 000,005,696 | ---- | M] () -- C:\Users\tanja\Documents\210007668.pdf
[2013.01.31 13:10:28 | 000,000,416 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2013.01.31 12:46:27 | 000,120,294 | ---- | M] () -- C:\Users\tanja\Desktop\rg.php.pdf
[2013.01.31 10:53:17 | 2328,757,248 | ---- | M] () -- C:\Users\tanja\Desktop\archivorder-tanja.pst
[2013.01.30 11:33:09 | 000,001,440 | ---- | M] () -- C:\Users\tanja\Desktop\Skype - Tanja.lnk
[2013.01.30 11:18:12 | 000,001,534 | ---- | M] () -- C:\Users\tanja\Desktop\Public (192.168.180.3).lnk
[2013.01.30 09:32:48 | 000,161,548 | ---- | M] () -- C:\Windows\System32\license.rtf
[2013.01.30 09:31:31 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013.01.30 09:31:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.01.24 23:43:01 | 000,035,488 | ---- | M] (COMODO) -- C:\Windows\System32\cmdcsr.dll
[2013.01.24 23:43:00 | 000,354,752 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
[2013.01.24 23:42:49 | 000,263,888 | ---- | M] (COMODO) -- C:\Windows\System32\cmdvrt32.dll
[2013.01.24 23:42:48 | 000,040,656 | ---- | M] (COMODO) -- C:\Windows\System32\cmdkbd32.dll
[2013.01.16 20:51:42 | 000,084,416 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2013.01.16 20:51:42 | 000,043,728 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2013.01.16 20:51:41 | 000,576,768 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys
[2013.01.16 20:51:40 | 000,020,072 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmderd.sys
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2013.02.14 09:49:20 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.14 09:17:18 | 000,056,228 | ---- | C] () -- C:\Users\tanja\Desktop\160088748.pdf
[2013.02.12 14:08:58 | 000,056,687 | ---- | C] () -- C:\Users\tanja\Desktop\160089185.pdf
[2013.02.08 10:33:59 | 000,056,066 | ---- | C] () -- C:\Users\tanja\Desktop\160089100.pdf
[2013.02.08 10:14:51 | 000,017,865 | ---- | C] () -- C:\Users\tanja\Desktop\Status-zu-Sendung-634924479542.pdf
[2013.02.07 14:02:48 | 000,056,399 | ---- | C] () -- C:\Users\tanja\Desktop\160089054.pdf
[2013.02.07 13:56:55 | 000,210,810 | ---- | C] () -- C:\Users\tanja\Documents\Gerard-Butler-gerard-butler-16740958-1280-1024.jpg
[2013.02.07 12:41:01 | 000,009,661 | ---- | C] () -- C:\Users\tanja\Documents\helau.jpg
[2013.02.07 11:31:03 | 000,105,112 | ---- | C] () -- C:\Users\tanja\Desktop\S62254_AB_Vignobles Alain Jaum.pdf
[2013.02.07 11:04:05 | 000,003,880 | ---- | C] () -- C:\Users\tanja\Documents\th.jpg
[2013.01.31 18:08:31 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.01.31 18:07:38 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.01.31 18:05:33 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013.01.31 14:50:06 | 000,005,696 | ---- | C] () -- C:\Users\tanja\Documents\210007668.pdf
[2013.01.31 13:10:28 | 000,000,416 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013.01.31 12:46:24 | 000,120,294 | ---- | C] () -- C:\Users\tanja\Desktop\rg.php.pdf
[2013.01.31 10:34:59 | 2328,757,248 | ---- | C] () -- C:\Users\tanja\Desktop\archivorder-tanja.pst
[2013.01.30 11:21:38 | 000,001,959 | ---- | C] () -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3CXPhone.lnk
[2013.01.30 11:17:44 | 000,001,534 | ---- | C] () -- C:\Users\tanja\Desktop\Public (192.168.180.3).lnk
[2013.01.30 11:17:16 | 000,001,440 | ---- | C] () -- C:\Users\tanja\Desktop\Skype - Tanja.lnk
[2013.01.30 10:30:09 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2013.01.30 09:52:10 | 000,001,128 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-128914377-670426599-1984384762-1000UA.job
[2013.01.30 09:52:10 | 000,001,076 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-128914377-670426599-1984384762-1000Core.job
[2013.01.30 09:51:25 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.01.30 09:48:09 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.01.30 09:45:22 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.30 09:34:47 | 000,001,409 | ---- | C] () -- C:\Users\tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.01.30 09:32:38 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013.01.30 09:32:36 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013.01.30 09:31:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.01.30 09:31:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.01.30 09:30:18 | 2414,485,504 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.03 06:43:44 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[2012.12.03 06:43:42 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2012.12.03 06:43:42 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADM08A.DAT
[2011.04.12 02:30:05 | 000,653,928 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2011.04.12 02:30:05 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2011.04.12 02:30:05 | 000,129,800 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2011.04.12 02:30:05 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
Vielen Dank für die Hilfe. Ich werde "leider" nach der erfolgreichen Behebung bei diesem Rechner mit weiteren Logs kommen.
Grüße
Kai |
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.