Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   weißer Bildschirm nach Hochfahren HP Netbook (https://www.trojaner-board.de/141970-weisser-bildschirm-hochfahren-hp-netbook.html)

Kollektiv 22.09.2013 15:48
weißer Bildschirm nach Hochfahren HP Netbook
 
alles soweit, hoffe ich :crazy:, erledigt..

vielen Dank im Voraus!

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-09-2013
Ran by SYSTEM on MININT-DGVC9NP on 22-09-2013 16:34:09
Running from G:\
Windows 7 Starter (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-13] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568 2010-06-17] (Alcor Micro Corp.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-06-17] (IDT, Inc.)
HKLM\...\Run: [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)
HKLM\...\Run: [ZumoDrive] - C:\Program Files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk [2038 2010-08-16] ()
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-08] (Hewlett-Packard Company)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [] - [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1644680 2013-02-08] (Ask)
HKLM\...\Run: [BingDesktop] - C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKU\Matika71\...\Winlogon: [Shell] explorer.exe,C:\Users\Matika71\AppData\Roaming\skype.dat [ 2011-11-16] () <==== ATTENTION
HKU\Matika71\...\Command Processor:  <===== ATTENTION!

========================== Services (Whitelisted) =================

S2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S2 DvmMDES; C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-07-20] (DeviceVM, Inc.)
S3 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [246520 2010-04-03] (WildTangent, Inc.)
S2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-07-08] (Hewlett-Packard Company)
S2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
S2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [237650 2010-06-17] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [27136 2010-06-17] (Alcor Micro, Corp.)
S0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-13] (Microsoft Corporation)
S1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [18136 2009-11-11] (DeviceVM, Inc.)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [15896 2011-03-07] (HandSet Incorporated)
S2 5776; \??\C:\Users\Matika71\AppData\Local\Temp\5776.sys [x]
S3 cmnsusbser; system32\DRIVERS\cmnsusbser.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-22 16:33 - 2013-09-22 16:33 - 00000000 ____D C:\FRST

==================== One Month Modified Files and Folders =======

2013-09-22 16:33 - 2013-09-22 16:33 - 00000000 ____D C:\FRST
2013-09-22 06:24 - 2013-06-27 11:24 - 00000004 _____ C:\Users\Matika71\AppData\Roaming\skype.ini
2013-09-22 06:24 - 2011-03-19 13:18 - 00000000 ____D C:\Users\Matika71\AppData\Roaming\ZumoDrive
2013-09-22 06:24 - 2009-07-13 20:39 - 00079835 _____ C:\Windows\setupact.log
2013-09-15 08:20 - 2010-10-29 01:48 - 01644825 _____ C:\Windows\WindowsUpdate.log
2013-09-15 08:20 - 2009-09-06 15:02 - 01500254 _____ C:\Windows\System32\PerfStringBackup.INI
2013-09-15 08:20 - 2009-07-13 20:34 - 00014128 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-15 08:20 - 2009-07-13 20:34 - 00014128 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

Files to move or delete:
====================
C:\Users\Matika71\AppData\Roaming\skype.dat
C:\Users\Matika71\AppData\Roaming\skype.ini


Some content of TEMP:
====================
C:\Users\Matika71\AppData\Local\Temp\ApnStub.exe
C:\Users\Matika71\AppData\Local\Temp\eiiahdsk.dll
C:\Users\Matika71\AppData\Local\Temp\g_2eu4gh.dll
C:\Users\Matika71\AppData\Local\Temp\HPQSi.exe
C:\Users\Matika71\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Matika71\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Matika71\AppData\Local\Temp\Resource.exe
C:\Users\Matika71\AppData\Local\Temp\setup.exe
C:\Users\Matika71\AppData\Local\Temp\sp50843.exe.exe
C:\Users\Matika71\AppData\Local\Temp\sp54620.exe
C:\Users\Matika71\AppData\Local\Temp\swt-gdip-win32-3448.dll
C:\Users\Matika71\AppData\Local\Temp\swt-win32-3448.dll
C:\Users\Matika71\AppData\Local\Temp\Uninstaller.exe
C:\Users\Matika71\AppData\Local\Temp\UninstallerGer.dll
C:\Users\Matika71\AppData\Local\Temp\UninstallerIta.dll
C:\Users\Matika71\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Matika71\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Matika71\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Matika71\AppData\Local\Temp\WindowsAPI.dll
C:\Users\Matika71\AppData\Local\Temp\WtgDriverInstallX.dll


==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-03-21 10:56:35
Restore point made on: 2013-03-23 08:04:03
Restore point made on: 2013-03-24 03:52:25
Restore point made on: 2013-03-28 23:54:13
Restore point made on: 2013-03-29 13:22:42
Restore point made on: 2013-03-29 13:25:52
Restore point made on: 2013-03-30 00:52:39
Restore point made on: 2013-04-03 10:49:32
Restore point made on: 2013-04-07 09:54:23
Restore point made on: 2013-04-08 19:45:16
Restore point made on: 2013-04-14 11:32:57
Restore point made on: 2013-04-29 11:12:57
Restore point made on: 2013-04-29 12:02:34
Restore point made on: 2013-05-05 02:27:37
Restore point made on: 2013-05-12 01:37:35
Restore point made on: 2013-05-17 11:14:13
Restore point made on: 2013-05-26 11:33:09
Restore point made on: 2013-05-26 11:56:24
Restore point made on: 2013-06-15 11:31:23
Restore point made on: 2013-07-13 10:12:00

==================== Memory info ===========================

Percentage of memory in use: 49%
Total physical RAM: 1011.87 MB
Available physical RAM: 508.17 MB
Total Pagefile: 1011.87 MB
Available Pagefile: 508 MB
Total Virtual: 2047.88 MB
Available Virtual: 1944.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:214.73 GB) (Free:156.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (RECOVERY) (Fixed) (Total:17.86 GB) (Free:2.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive g: () (Removable) (Total:0.12 GB) (Free:0.12 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 24DA2EA1)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=215 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (Size: 124 MB) (Disk ID: E6E408B9)
Partition 1: (Active) - (Size=124 MB) - (Type=0B)


LastRegBack: 2013-01-15 09:58

==================== End Of Log ============================

aharonov 22.09.2013 16:28
Hallo,

startet das Netbook nach diesem Fix wieder normal?


Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKU\Matika71\...\Winlogon: [Shell] explorer.exe,C:\Users\Matika71\AppData\Roaming\skype.dat [ 2011-11-16] () <==== ATTENTION
HKU\Matika71\...\Command Processor:  <===== ATTENTION!
S2 5776; \??\C:\Users\Matika71\AppData\Local\Temp\5776.sys [x]
C:\Users\Matika71\AppData\Roaming\skype.dat
C:\Users\Matika71\AppData\Roaming\skype.ini
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

Kollektiv 22.09.2013 19:45
Ja, super. Das netbook startet wieder normal :party:

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 20-09-2013
Ran by SYSTEM at 2013-09-22 20:40:38 Run:1
Running from G:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
HKU\Matika71\...\Winlogon: [Shell] explorer.exe,C:\Users\Matika71\AppData\Roaming\skype.dat [ 2011-11-16] () <==== ATTENTION
HKU\Matika71\...\Command Processor:  <===== ATTENTION!
S2 5776; \??\C:\Users\Matika71\AppData\Local\Temp\5776.sys [x]
C:\Users\Matika71\AppData\Roaming\skype.dat
C:\Users\Matika71\AppData\Roaming\skype.ini
*****************

HKU\Matika71\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKU\Matika71\Software\Microsoft\Command Processor\\AutoRun => Value deleted successfully.
5776 => Service deleted successfully.
C:\Users\Matika71\AppData\Roaming\skype.dat => Moved successfully.
C:\Users\Matika71\AppData\Roaming\skype.ini => Moved successfully.

==== End of Fixlog ====

aharonov 22.09.2013 19:53
Sehr gut. Verschiebe die frst.exe vom USB-Stick auf den Desktop.
  • Starte dann FRST.
  • Setze bei Optional Scan den Haken bei Addition.txt und drücke Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und Addition.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieser beiden Logfiles bitte hier in deinen Thread.

Kollektiv 22.09.2013 20:12
hat sich mein Onkel auf seinem Netbook ein Trojaner eingefangen oder was ist das? :-/

FRST:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-09-2013
Ran by Matika71 (administrator) on MATIKA71-HP on 22-09-2013 21:05:51
Running from C:\Users\Matika71\Desktop
Microsoft Windows 7 Starter  (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\aestsrv.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(DeviceVM, Inc.) C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Zecter Inc.) C:\Program Files\Hewlett-Packard\HP CloudDrive\zumodrive.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568 2010-06-18] (Alcor Micro Corp.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)
HKLM\...\Run: [ZumoDrive] - C:\Program Files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk [2038 2010-08-16] ()
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-08] (Hewlett-Packard Company)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [] - [x]
HKLM\...\Run: [ApnUpdater] - C:\Program Files\Ask.com\Updater\Updater.exe [1644680 2013-02-08] (Ask)
HKLM\...\Run: [BingDesktop] - C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
MountPoints2: E - E:\autorun.exe
MountPoints2: {757b217f-525b-11e0-a2a5-68b599604e57} - E:\autorun.exe
MountPoints2: {95c75bf2-5f8c-11e1-8f51-68b599604e57} - F:\ZTE_Handset_USB_Driver.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gmx.net/?kid=A1000000
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie9_startpage
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
SearchScopes: HKLM - DefaultScope {939A9F98-47AF-4DCE-BDED-90902651FCD5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {3E03B772-DA98-48AD-91AB-5E1E59DDA5EB} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {939A9F98-47AF-4DCE-BDED-90902651FCD5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM - {F05CBE58-D54C-43C6-A4E1-6A5B49B592D0} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - DefaultScope {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {003892A2-652F-4B6E-8A1C-D9639FD69BCA} URL = hxxp://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKCU - {01CB7F43-F6D1-4D89-8577-51BD4A22B431} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=8DC1D0CD-58AA-4440-B054-303F87B9D575&apn_sauid=28522C81-BCB0-441D-9587-78E16BAC1267
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {3E03B772-DA98-48AD-91AB-5E1E59DDA5EB} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.gmx.net/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.gmx.net/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKCU - {939A9F98-47AF-4DCE-BDED-90902651FCD5} URL =
SearchScopes: HKCU - {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.gmx.net/br/ie9_search_maps/?su={searchTerms}
SearchScopes: HKCU - {F05CBE58-D54C-43C6-A4E1-6A5B49B592D0} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File
Toolbar: HKCU -Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

========================== Services (Whitelisted) =================

R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 DvmMDES; C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe [338168 2010-07-20] (DeviceVM, Inc.)
S3 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [246520 2010-04-04] (WildTangent, Inc.)
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-07-08] (Hewlett-Packard Company)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [237650 2010-06-18] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [27136 2010-06-17] (Alcor Micro, Corp.)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [18136 2009-11-11] (DeviceVM, Inc.)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [15896 2011-03-07] (HandSet Incorporated)
S3 cmnsusbser; system32\DRIVERS\cmnsusbser.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-23 02:33 - 2013-09-23 02:33 - 00000000 ____D C:\FRST
2013-09-22 20:59 - 2013-09-22 13:56 - 01089757 _____ (Farbar) C:\Users\Matika71\Desktop\FRST.exe

==================== One Month Modified Files and Folders =======

2013-09-23 02:56 - 2013-04-04 07:03 - 00000000 ____D C:\ProgramData\Recovery
2013-09-23 02:33 - 2013-09-23 02:33 - 00000000 ____D C:\FRST
2013-09-22 21:05 - 2009-07-14 06:34 - 00014128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-22 21:05 - 2009-07-14 06:34 - 00014128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-22 21:01 - 2010-10-29 11:48 - 01781134 _____ C:\Windows\WindowsUpdate.log
2013-09-22 21:00 - 2009-09-07 01:02 - 01500254 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-22 20:57 - 2011-03-19 23:18 - 00000000 ____D C:\Users\Matika71\AppData\Roaming\ZumoDrive
2013-09-22 20:57 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-22 20:57 - 2009-07-14 06:39 - 00080227 _____ C:\Windows\setupact.log
2013-09-22 20:45 - 2012-04-13 20:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-22 20:34 - 2011-04-03 21:12 - 00000000 ____D C:\Users\Matika71\AppData\Local\CrashDumps
2013-09-22 13:56 - 2013-09-22 20:59 - 01089757 _____ (Farbar) C:\Users\Matika71\Desktop\FRST.exe
2013-09-15 18:15 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\Matika71\AppData\Local\Temp\ApnStub.exe
C:\Users\Matika71\AppData\Local\Temp\eiiahdsk.dll
C:\Users\Matika71\AppData\Local\Temp\g_2eu4gh.dll
C:\Users\Matika71\AppData\Local\Temp\HPQSi.exe
C:\Users\Matika71\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Matika71\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Matika71\AppData\Local\Temp\Resource.exe
C:\Users\Matika71\AppData\Local\Temp\setup.exe
C:\Users\Matika71\AppData\Local\Temp\sp50843.exe.exe
C:\Users\Matika71\AppData\Local\Temp\sp54620.exe
C:\Users\Matika71\AppData\Local\Temp\swt-gdip-win32-3448.dll
C:\Users\Matika71\AppData\Local\Temp\swt-win32-3448.dll
C:\Users\Matika71\AppData\Local\Temp\Uninstaller.exe
C:\Users\Matika71\AppData\Local\Temp\UninstallerGer.dll
C:\Users\Matika71\AppData\Local\Temp\UninstallerIta.dll
C:\Users\Matika71\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Matika71\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Matika71\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Matika71\AppData\Local\Temp\WindowsAPI.dll
C:\Users\Matika71\AppData\Local\Temp\WtgDriverInstallX.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-01-15 19:58

==================== End Of Log ============================
--- --- ---

--- --- ---

ADDITION:

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-09-2013
Ran by Matika71 at 2013-09-22 21:06:44
Running from C:\Users\Matika71\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs ======================

Acrobat.com (Version: 1.6.65)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
Alcor Micro USB Card Reader (Version: 1.9.17.35420)
Ask Toolbar (Version: 1.15.15.0)
Ask Toolbar Updater (HKCU Version: 1.2.4.36191)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.1.391.0)
Bing-Desktop (Version: 1.3.171.0)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.350.6)
Chuzzle Deluxe (Version: 2.2.0.95)
CyberLink DVD Suite (Version: 7.0.3003)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dream Chronicles (Version: 2.2.0.95)
Energy Star Digital Logo (Version: 1.0.1)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Evernote (Version: 3.5.4.2326)
FATE (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP CloudDrive
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Documentation (Version: 1.1.0.0)
HP Game Console
HP Games (Version: 1.0.1.3)
HP HomeBase (Version: 3.2.2.90)
HP Power Manager (Version: 1.0.3)
HP Quick Launch (Version: 2.1.5)
HP QuickSync (Version: 6.2.684.10454)
HP QuickWeb Installer (Version: 1.3.12.1)
HP Setup (Version: 8.1.4186.3400)
HP Software Framework (Version: 4.0.51.1)
HP Support Assistant (Version: 6.1.12.1)
HP Wireless Assistant (Version: 4.0.10.0)
IDT Audio (Version: 1.0.6289.0)
Insaniquarium Deluxe (Version: 2.2.0.95)
Intel(R) Graphics Media Accelerator Driver (Version: 8.14.10.2230)
Intel(R) Matrix Storage Manager
Java Auto Updater (Version: 2.0.7.2)
Java(TM) 6 Update 39 (Version: 6.0.390)
Jewel Quest - Heritage (Version: 2.2.0.95)
Jewel Quest II (Version: 2.2.0.95)
Jewel Quest Solitaire (Version: 2.2.0.95)
JNLP
JoJo's Fashion Show (Version: 2.2.0.95)
Junk Mail filter update (Version: 14.0.8117.416)
Mahjongg Artifacts (Version: 2.2.0.95)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSVCRT (Version: 14.0.1468.721)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Power2Go (Version: 6.1.4204)
Ravensburger tiptoi
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.23.623.2010)
Recovery Manager (Version: 5.5.3023)
Skip-Bo - Castaway Caper (Version: 2.2.0.95)
Slingo Deluxe (Version: 2.2.0.95)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
Tradewinds Legends (Version: 2.2.0.95)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Virtual Villagers - The Secret City (Version: 2.2.0.95)
Wedding Dash (Version: 2.2.0.95)
Windows Live Anmelde-Assistent (Version: 5.000.818.5)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Fotogalerie (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
ZTE Handset USB Driver 5.2066.1.8B02 (Version: 5.2066.1.8B02)
Zuma Deluxe (Version: 2.2.0.95)

==================== Restore Points  =========================

21-03-2013 18:55:56 Windows Update
23-03-2013 16:03:34 Windows Update
24-03-2013 11:51:54 Windows Update
29-03-2013 07:53:01 Windows Update
29-03-2013 21:22:22 Windows Update
29-03-2013 21:25:28 Windows Update
30-03-2013 08:51:56 Windows Update
03-04-2013 18:48:58 Windows Update
07-04-2013 17:53:37 Windows Update
09-04-2013 03:44:55 Windows Update
14-04-2013 19:32:07 Windows Update
29-04-2013 19:12:15 Windows Update
29-04-2013 20:02:03 Windows Update
05-05-2013 10:26:55 Windows Update
12-05-2013 09:36:55 Windows Update
17-05-2013 19:13:37 Windows Update
26-05-2013 19:31:32 Windows Update
26-05-2013 19:56:02 Windows Update
15-06-2013 19:30:46 Windows Update
13-07-2013 18:11:37 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2012-09-20 21:58 - 00000761 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost
::1            localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0C63D910-2E3F-464E-94A2-ABAF6D0A0437} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-11] (Microsoft Corporation)
Task: {0D9B5D92-3A22-486D-A887-3AA21597CF27} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {1CCA08FF-ACD8-4930-9E93-F709E0ADB331} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2013-02-08] ()
Task: {3013270E-63AC-41CD-9DD1-E01F8C5CA5B3} - System32\Tasks\RecoveryCDWin7 => C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {39627D46-ADEB-42F0-8B8C-B09A11A914C3} - System32\Tasks\ServicePlan => C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {4A9E599C-6E1C-4855-B836-72E925AC3C96} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {62753186-FF01-414C-B414-7C4B59E271B6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {8AC0F69D-5B8A-42B2-99F9-2757D1405600} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-17] (Adobe Systems Incorporated)
Task: {997F4255-3915-4E66-A2B8-8CC4D152411B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {AE0988BF-90CF-453A-AFF6-89BC0D70FA73} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {B6A134AC-1DE6-48F3-8DCE-D4109C2B5B10} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2012-10-29] (Microsoft)
Task: {C2E88D9F-1D57-4C6E-9DF0-DDFB200C4FA2} - System32\Tasks\task1295728 => C:\Users\Matika71\AppData\Local\Temp\0.30801820755179976.exe
Task: {CF8C537C-3B89-44B5-BD9F-C83BDD1EC1C9} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {D86AA9FA-0548-4D12-B813-3D3008610EDD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {E0B71292-EE69-4142-B5AE-FB6B1062B9B4} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {FFF507F0-86A4-4046-B796-199D4537C581} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-03-29 00:22 - 2010-03-29 00:22 - 00718848 _____ (Versionate Inc.) C:\Program Files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
2010-10-29 12:01 - 2010-06-18 07:10 - 00527872 ____N (IDT, Inc.) C:\Windows\system32\stapi32.dll
2011-03-19 23:18 - 2013-09-22 20:57 - 00198144 _____ () C:\Users\Matika71\AppData\Local\Temp\WindowsAPI.dll
2011-03-19 23:18 - 2011-03-19 23:18 - 00335872 _____ (Eclipse Foundation) C:\Users\Matika71\AppData\Local\Temp\swt-win32-3448.dll
2011-03-19 23:18 - 2011-03-19 23:18 - 00077824 _____ (Eclipse Foundation) C:\Users\Matika71\AppData\Local\Temp\swt-gdip-win32-3448.dll
2013-09-22 20:57 - 2013-09-22 20:57 - 00379904 _____ () C:\Users\Matika71\AppData\Local\Temp\libsqlitejdbc-8509225782492325096.lib
2010-07-08 13:46 - 2010-07-08 13:46 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-07-08 13:45 - 2010-07-08 13:45 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-07-08 13:46 - 2010-07-08 13:46 - 00028216 _____ (Root-Project) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\LocalizeExtension.dll

==================== Alternate Data Streams (whitelisted) ======


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/22/2013 08:52:44 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (09/22/2013 08:33:52 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7600.16768, Zeitstempel: 0x4d6878c3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915, Zeitstempel: 0x4ec49caf
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0004683e
ID des fehlerhaften Prozesses: 0x670
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (09/22/2013 05:06:02 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7600.16768, Zeitstempel: 0x4d6878c3
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915, Zeitstempel: 0x4ec49caf
Ausnahmecode: 0xc0000420
Fehleroffset: 0x000c33bb
ID des fehlerhaften Prozesses: 0x678
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (08/09/2013 08:31:32 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (07/28/2013 10:56:09 AM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (07/07/2013 09:24:42 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (07/02/2013 08:16:47 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (06/15/2013 09:18:17 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (05/26/2013 10:02:53 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (05/26/2013 09:50:04 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.


System errors:
=============
Error: (09/22/2013 08:57:33 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/22/2013 08:42:44 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/22/2013 08:33:50 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/22/2013 08:33:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "5776" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/22/2013 08:28:43 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/22/2013 08:28:22 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "5776" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/22/2013 08:25:27 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (09/22/2013 08:25:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "5776" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/22/2013 05:06:45 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (09/22/2013 05:06:00 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom


Microsoft Office Sessions:
=========================
Error: (09/22/2013 08:52:44 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (09/22/2013 08:33:52 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7600.167684d6878c3ntdll.dll6.1.7600.169154ec49cafc00000050004683e67001ceb7c23afbf1f1C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll876ce0fc-23b5-11e3-a6fa-68b599604e57

Error: (09/22/2013 05:06:02 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7600.167684d6878c3ntdll.dll6.1.7600.169154ec49cafc0000420000c33bb67801ceb7a5347973acC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll7ec1c880-2398-11e3-8feb-68b599604e57

Error: (08/09/2013 08:31:32 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (07/28/2013 10:56:09 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (07/07/2013 09:24:42 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (07/02/2013 08:16:47 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (06/15/2013 09:18:17 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (05/26/2013 10:02:53 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

Error: (05/26/2013 09:50:04 PM) (Source: SideBySide)(User: )
Description: C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe0


==================== Memory info ===========================

Percentage of memory in use: 74%
Total physical RAM: 1011.87 MB
Available physical RAM: 254.6 MB
Total Pagefile: 2035.87 MB
Available Pagefile: 1142.1 MB
Total Virtual: 2047.88 MB
Available Virtual: 1921.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:214.73 GB) (Free:156.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:17.86 GB) (Free:2.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Removable) (Total:0.12 GB) (Free:0.12 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 24DA2EA1)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=215 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (Size: 124 MB) (Disk ID: E6E408B9)
Partition 1: (Active) - (Size=124 MB) - (Type=0B)

==================== End Of Log ============================

aharonov 22.09.2013 21:08
Hallo,

ja er hat sich da Malware eingefangen. Und auch sonst ist das System nicht sicher. Wir sollten noch kontrollieren und absichern, damit das zukünftig nicht mehr passiert.


Hinweis: Kein Antivirenprogramm

Ich sehe in deinen Logfiles kein laufendes Antivirenprogramm mit Hintergrundwächter.

Das ist gefährlich. Auch wenn so ein Wächter niemals alle Bedrohungen abwehren kann, ist er doch ein wichtiger Bestandteil, um den Rechner sauber zu halten.
Downloade und installiere bitte ein Antivirenprogramm mit Hintergrundwächter. Hier sind zwei mögliche Vorschläge:



Schritt 1
  • Gehe zu Start --> Systemsteuerung und öffne Programme und Funktionen.
  • Suche und deinstalliere dort der Reihe nach folgende Einträge:
    • Ask Toolbar
    • Ask Toolbar Updater
  • Schliesse das Fenster wieder und führe einen Neustart durch, wenn das gefordert wurde.



Schritt 2

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Schritt 3

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.



Bitte poste in deiner nächsten Antwort:
  • Log von AdwCleaner
  • Log von FRST

Kollektiv 22.09.2013 21:38
kann man bei euch das lernen, wie man anderen usern hilft? finde das echt nice, wie du mir hier per ferndiagnose geholfen hast!!

ADW:

Code:
# AdwCleaner v3.004 - Bericht erstellt am 22/09/2013 um 22:31:13
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 7 Starter  (32 bits)
# Benutzername : Matika71 - MATIKA71-HP
# Gestartet von : C:\Users\Matika71\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : DvmMDES

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Produkt Gelöscht : Bing Bar

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16457


*************************

AdwCleaner[R0].txt - [1537 octets] - [22/09/2013 22:29:36]
AdwCleaner[S0].txt - [1380 octets] - [22/09/2013 22:31:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1440 octets] ##########
FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-09-2013
Ran by Matika71 (administrator) on MATIKA71-HP on 22-09-2013 22:35:28
Running from C:\Users\Matika71\Desktop
Microsoft Windows 7 Starter  (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\aestsrv.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
() C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Zecter Inc.) C:\Program Files\Hewlett-Packard\HP CloudDrive\zumodrive.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568 2010-06-18] (Alcor Micro Corp.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)
HKLM\...\Run: [ZumoDrive] - C:\Program Files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk [2038 2010-08-16] ()
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-08] (Hewlett-Packard Company)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [BingDesktop] - C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [995184 2013-07-18] (Microsoft Corporation)
MountPoints2: E - E:\autorun.exe
MountPoints2: {757b217f-525b-11e0-a2a5-68b599604e57} - E:\autorun.exe
MountPoints2: {95c75bf2-5f8c-11e1-8f51-68b599604e57} - F:\ZTE_Handset_USB_Driver.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gmx.net/?kid=A1000000
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie9_startpage
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {3E03B772-DA98-48AD-91AB-5E1E59DDA5EB} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {939A9F98-47AF-4DCE-BDED-90902651FCD5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM - {F05CBE58-D54C-43C6-A4E1-6A5B49B592D0} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {003892A2-652F-4B6E-8A1C-D9639FD69BCA} URL = hxxp://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKCU - {01CB7F43-F6D1-4D89-8577-51BD4A22B431} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=8DC1D0CD-58AA-4440-B054-303F87B9D575&apn_sauid=28522C81-BCB0-441D-9587-78E16BAC1267
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {3E03B772-DA98-48AD-91AB-5E1E59DDA5EB} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.gmx.net/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.gmx.net/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKCU - {939A9F98-47AF-4DCE-BDED-90902651FCD5} URL =
SearchScopes: HKCU - {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.gmx.net/br/ie9_search_maps/?su={searchTerms}
SearchScopes: HKCU - {F05CBE58-D54C-43C6-A4E1-6A5B49B592D0} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

========================== Services (Whitelisted) =================

R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S3 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [246520 2010-04-04] (WildTangent, Inc.)
S2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-07-08] (Hewlett-Packard Company)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2013-07-18] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-07-18] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [237650 2010-06-18] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [27136 2010-06-17] (Alcor Micro, Corp.)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [18136 2009-11-11] (DeviceVM, Inc.)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [15896 2011-03-07] (HandSet Incorporated)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 cmnsusbser; system32\DRIVERS\cmnsusbser.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-23 02:33 - 2013-09-23 02:33 - 00000000 ____D C:\FRST
2013-09-22 22:29 - 2013-09-22 22:32 - 00000000 ____D C:\AdwCleaner
2013-09-22 22:27 - 2013-09-22 22:27 - 00002154 _____ C:\Windows\epplauncher.mif
2013-09-22 22:25 - 2013-09-22 22:26 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-09-22 22:25 - 2010-04-09 09:24 - 00240008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-09-22 22:23 - 2013-09-22 22:20 - 11261784 _____ (Microsoft Corporation) C:\Users\Matika71\Desktop\mseinstall.exe
2013-09-22 22:23 - 2013-09-22 22:20 - 01039554 _____ C:\Users\Matika71\Desktop\adwcleaner.exe
2013-09-22 21:06 - 2013-09-22 21:07 - 00019875 _____ C:\Users\Matika71\Desktop\Addition.txt
2013-09-22 20:59 - 2013-09-22 13:56 - 01089757 _____ (Farbar) C:\Users\Matika71\Desktop\FRST.exe

==================== One Month Modified Files and Folders =======

2013-09-23 02:56 - 2013-04-04 07:03 - 00000000 ____D C:\ProgramData\Recovery
2013-09-23 02:33 - 2013-09-23 02:33 - 00000000 ____D C:\FRST
2013-09-22 22:34 - 2010-10-29 11:48 - 02023309 _____ C:\Windows\WindowsUpdate.log
2013-09-22 22:33 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-22 22:33 - 2009-07-14 06:39 - 00080395 _____ C:\Windows\setupact.log
2013-09-22 22:32 - 2013-09-22 22:29 - 00000000 ____D C:\AdwCleaner
2013-09-22 22:32 - 2009-07-14 06:34 - 00014128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-22 22:32 - 2009-07-14 06:34 - 00014128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-22 22:29 - 2011-03-19 23:18 - 00000000 ____D C:\Users\Matika71\AppData\Roaming\ZumoDrive
2013-09-22 22:27 - 2013-09-22 22:27 - 00002154 _____ C:\Windows\epplauncher.mif
2013-09-22 22:26 - 2013-09-22 22:25 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-09-22 22:20 - 2013-09-22 22:23 - 11261784 _____ (Microsoft Corporation) C:\Users\Matika71\Desktop\mseinstall.exe
2013-09-22 22:20 - 2013-09-22 22:23 - 01039554 _____ C:\Users\Matika71\Desktop\adwcleaner.exe
2013-09-22 22:20 - 2013-02-11 20:01 - 00000000 ____D C:\Firefox
2013-09-22 21:45 - 2012-04-13 20:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-22 21:07 - 2013-09-22 21:06 - 00019875 _____ C:\Users\Matika71\Desktop\Addition.txt
2013-09-22 21:00 - 2009-09-07 01:02 - 01500254 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-22 20:34 - 2011-04-03 21:12 - 00000000 ____D C:\Users\Matika71\AppData\Local\CrashDumps
2013-09-22 13:56 - 2013-09-22 20:59 - 01089757 _____ (Farbar) C:\Users\Matika71\Desktop\FRST.exe
2013-09-15 18:15 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\Matika71\AppData\Local\Temp\ApnStub.exe
C:\Users\Matika71\AppData\Local\Temp\eiiahdsk.dll
C:\Users\Matika71\AppData\Local\Temp\g_2eu4gh.dll
C:\Users\Matika71\AppData\Local\Temp\HPQSi.exe
C:\Users\Matika71\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Matika71\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Matika71\AppData\Local\Temp\Quarantine.exe
C:\Users\Matika71\AppData\Local\Temp\Resource.exe
C:\Users\Matika71\AppData\Local\Temp\setup.exe
C:\Users\Matika71\AppData\Local\Temp\sp50843.exe.exe
C:\Users\Matika71\AppData\Local\Temp\sp54620.exe
C:\Users\Matika71\AppData\Local\Temp\swt-gdip-win32-3448.dll
C:\Users\Matika71\AppData\Local\Temp\swt-win32-3448.dll
C:\Users\Matika71\AppData\Local\Temp\Uninstaller.exe
C:\Users\Matika71\AppData\Local\Temp\UninstallerGer.dll
C:\Users\Matika71\AppData\Local\Temp\UninstallerIta.dll
C:\Users\Matika71\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Matika71\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Matika71\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Matika71\AppData\Local\Temp\WindowsAPI.dll
C:\Users\Matika71\AppData\Local\Temp\WtgDriverInstallX.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-22 21:26

==================== End Of Log ============================
--- --- ---

aharonov 22.09.2013 21:43
Hi,

Zitat:
kann man bei euch das lernen, wie man anderen usern hilft?
Ja, wir haben eine Ausbildung hier: http://www.trojaner-board.de/88896-a...ner-board.html
Im Moment gibt es grad keine freien Plätze darin, aber das wird sich wieder ändern.

Wie läuft der Rechner jeztzt?


Schritt 1

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




Schritt 2


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Kollektiv 23.09.2013 18:38
Zitat:
Hi,

Zitat:
kann man bei euch das lernen, wie man anderen usern hilft?
Ja, wir haben eine Ausbildung hier: Ausbildung auf dem Trojaner-Board
Im Moment gibt es grad keine freien Plätze darin, aber das wird sich wieder ändern.
Hört sich gut an. Dann werde ich die Tage da mal reinschauen und die Augen nach einem freien Plätzchen offen halten.


Netbook läuft stabil. ALLERDINGS funktioniert WLAN nicht und eine Tethering-Verbindung über Iphone (USB) wird auch nicht aufgebaut ... LAN kann ich leider erst morgen überprüfen!

zu 1. (ohne Update des Malewarebytes aufgrund der fehlenden Internetverbindung)

nichts gefunden:

Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.04.07

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Matika71 :: MATIKA71-HP [Administrator]

Schutz: Aktiviert

23.09.2013 19:15:56
mbam-log-2013-09-23 (19-15-56).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: Dateisystem | P2P
Durchsuchte Objekte: 189555
Laufzeit: 3 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
zu 2.

kann ich leider nicht ausführen - kein inet

habe das programm auch nicht in einer vollen Version finden können :-( ...

aharonov 23.09.2013 21:01
Hallo,

ja ohne Internet geht der ESET-Scan nicht. Und die Datenbank von MBAM ist zu alt. ;)
Schauen wir mal, ob das Problem zu sehen ist. Das neue Tool auf einem anderen Rechner runterladen und per USB-Stick transferieren, falls das Internet immer noch nicht läuft.


Schritt 1

Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.





Schritt 2

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Kollektiv 23.09.2013 22:35
zu 1

Code:
Farbar Service Scanner Version: 13-09-2013
Ran by Matika71 (administrator) on 23-09-2013 at 22:51:34
Running from "C:\Users\Matika71\Desktop"
Microsoft Windows 7 Starter  (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error.
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-06-01 16:13] - [2012-03-30 12:29] - 1287024 ____A (Microsoft Corporation) 55E9965552741F3850CB22CBBA9671ED

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll
[2011-03-27 19:40] - [2010-12-21 07:38] - 0073728 ____A (Microsoft Corporation) A661A76333057B383A06E65F0073222F

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-21 20:06] - [2012-06-02 06:45] - 0139264 ____A (Microsoft Corporation) F2FDE6C8DBAAD44CC58D1E07E4AF4EED

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
zu 2


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-09-2013
Ran by Matika71 (administrator) on MATIKA71-HP on 23-09-2013 23:00:12
Running from C:\Users\Matika71\Desktop
Microsoft Windows 7 Starter  (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\aestsrv.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Zecter Inc.) C:\Program Files\Hewlett-Packard\HP CloudDrive\zumodrive.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Farbar) C:\Users\Matika71\Desktop\FSS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568 2010-06-18] (Alcor Micro Corp.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)
HKLM\...\Run: [ZumoDrive] - C:\Program Files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk [2038 2010-08-16] ()
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-08] (Hewlett-Packard Company)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [BingDesktop] - C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [995184 2013-07-18] (Microsoft Corporation)
MountPoints2: E - E:\autorun.exe
MountPoints2: {757b217f-525b-11e0-a2a5-68b599604e57} - E:\autorun.exe
MountPoints2: {95c75bf2-5f8c-11e1-8f51-68b599604e57} - F:\ZTE_Handset_USB_Driver.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gmx.net/?kid=A1000000
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie9_startpage
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {3E03B772-DA98-48AD-91AB-5E1E59DDA5EB} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {939A9F98-47AF-4DCE-BDED-90902651FCD5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM - {F05CBE58-D54C-43C6-A4E1-6A5B49B592D0} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - DefaultScope {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {003892A2-652F-4B6E-8A1C-D9639FD69BCA} URL = hxxp://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKCU - {01CB7F43-F6D1-4D89-8577-51BD4A22B431} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=8DC1D0CD-58AA-4440-B054-303F87B9D575&apn_sauid=28522C81-BCB0-441D-9587-78E16BAC1267
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {3E03B772-DA98-48AD-91AB-5E1E59DDA5EB} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.gmx.net/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.gmx.net/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKCU - {939A9F98-47AF-4DCE-BDED-90902651FCD5} URL =
SearchScopes: HKCU - {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.gmx.net/br/ie9_search_maps/?su={searchTerms}
SearchScopes: HKCU - {F05CBE58-D54C-43C6-A4E1-6A5B49B592D0} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

========================== Services (Whitelisted) =================

R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S3 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [246520 2010-04-04] (WildTangent, Inc.)
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-07-08] (Hewlett-Packard Company)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2013-07-18] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-07-18] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [237650 2010-06-18] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [27136 2010-06-17] (Alcor Micro, Corp.)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [18136 2009-11-11] (DeviceVM, Inc.)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [15896 2011-03-07] (HandSet Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 cmnsusbser; system32\DRIVERS\cmnsusbser.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-23 22:51 - 2013-09-23 22:52 - 00002861 _____ C:\Users\Matika71\Desktop\FSS.txt
2013-09-23 22:50 - 2013-09-23 22:49 - 00358923 _____ (Farbar) C:\Users\Matika71\Desktop\FSS.exe
2013-09-23 19:26 - 2013-09-23 19:26 - 00000000 ____D C:\Program Files\ESET
2013-09-23 19:12 - 2013-09-23 19:12 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\Users\Matika71\AppData\Roaming\Malwarebytes
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-23 19:12 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-23 19:10 - 2013-09-23 19:03 - 02347384 _____ (ESET) C:\Users\Matika71\Desktop\esetsmartinstaller_enu.exe
2013-09-23 19:10 - 2013-09-23 19:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Matika71\Desktop\mbam-setup-1.75.0.1300.exe
2013-09-23 02:33 - 2013-09-23 02:33 - 00000000 ____D C:\FRST
2013-09-22 22:29 - 2013-09-22 22:32 - 00000000 ____D C:\AdwCleaner
2013-09-22 22:27 - 2013-09-22 22:27 - 00002154 _____ C:\Windows\epplauncher.mif
2013-09-22 22:25 - 2013-09-22 22:26 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-09-22 22:25 - 2010-04-09 09:24 - 00240008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-09-22 22:23 - 2013-09-22 22:20 - 11261784 _____ (Microsoft Corporation) C:\Users\Matika71\Desktop\mseinstall.exe
2013-09-22 22:23 - 2013-09-22 22:20 - 01039554 _____ C:\Users\Matika71\Desktop\adwcleaner.exe
2013-09-22 21:06 - 2013-09-22 21:07 - 00019875 _____ C:\Users\Matika71\Desktop\Addition.txt
2013-09-22 20:59 - 2013-09-22 13:56 - 01089757 _____ (Farbar) C:\Users\Matika71\Desktop\FRST.exe

==================== One Month Modified Files and Folders =======

2013-09-23 22:57 - 2009-07-14 06:34 - 00014128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-23 22:57 - 2009-07-14 06:34 - 00014128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-23 22:56 - 2010-10-29 11:48 - 01438406 _____ C:\Windows\WindowsUpdate.log
2013-09-23 22:53 - 2009-09-07 01:02 - 01500254 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-23 22:52 - 2013-09-23 22:51 - 00002861 _____ C:\Users\Matika71\Desktop\FSS.txt
2013-09-23 22:50 - 2011-03-19 23:18 - 00000000 ____D C:\Users\Matika71\AppData\Roaming\ZumoDrive
2013-09-23 22:49 - 2013-09-23 22:50 - 00358923 _____ (Farbar) C:\Users\Matika71\Desktop\FSS.exe
2013-09-23 22:49 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-23 22:49 - 2009-07-14 06:39 - 00081540 _____ C:\Windows\setupact.log
2013-09-23 19:26 - 2013-09-23 19:26 - 00000000 ____D C:\Program Files\ESET
2013-09-23 19:12 - 2013-09-23 19:12 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\Users\Matika71\AppData\Roaming\Malwarebytes
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-23 19:03 - 2013-09-23 19:10 - 02347384 _____ (ESET) C:\Users\Matika71\Desktop\esetsmartinstaller_enu.exe
2013-09-23 19:02 - 2013-09-23 19:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Matika71\Desktop\mbam-setup-1.75.0.1300.exe
2013-09-23 14:45 - 2012-04-13 20:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-23 09:07 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-09-23 02:56 - 2013-04-04 07:03 - 00000000 ____D C:\ProgramData\Recovery
2013-09-23 02:33 - 2013-09-23 02:33 - 00000000 ____D C:\FRST
2013-09-22 22:32 - 2013-09-22 22:29 - 00000000 ____D C:\AdwCleaner
2013-09-22 22:27 - 2013-09-22 22:27 - 00002154 _____ C:\Windows\epplauncher.mif
2013-09-22 22:26 - 2013-09-22 22:25 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-09-22 22:20 - 2013-09-22 22:23 - 11261784 _____ (Microsoft Corporation) C:\Users\Matika71\Desktop\mseinstall.exe
2013-09-22 22:20 - 2013-09-22 22:23 - 01039554 _____ C:\Users\Matika71\Desktop\adwcleaner.exe
2013-09-22 22:20 - 2013-02-11 20:01 - 00000000 ____D C:\Firefox
2013-09-22 21:07 - 2013-09-22 21:06 - 00019875 _____ C:\Users\Matika71\Desktop\Addition.txt
2013-09-22 20:34 - 2011-04-03 21:12 - 00000000 ____D C:\Users\Matika71\AppData\Local\CrashDumps
2013-09-22 13:56 - 2013-09-22 20:59 - 01089757 _____ (Farbar) C:\Users\Matika71\Desktop\FRST.exe
2013-09-15 18:15 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\Matika71\AppData\Local\Temp\ApnStub.exe
C:\Users\Matika71\AppData\Local\Temp\eiiahdsk.dll
C:\Users\Matika71\AppData\Local\Temp\g_2eu4gh.dll
C:\Users\Matika71\AppData\Local\Temp\HPQSi.exe
C:\Users\Matika71\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Matika71\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Matika71\AppData\Local\Temp\Quarantine.exe
C:\Users\Matika71\AppData\Local\Temp\Resource.exe
C:\Users\Matika71\AppData\Local\Temp\setup.exe
C:\Users\Matika71\AppData\Local\Temp\sp50843.exe.exe
C:\Users\Matika71\AppData\Local\Temp\sp54620.exe
C:\Users\Matika71\AppData\Local\Temp\swt-gdip-win32-3448.dll
C:\Users\Matika71\AppData\Local\Temp\swt-win32-3448.dll
C:\Users\Matika71\AppData\Local\Temp\Uninstaller.exe
C:\Users\Matika71\AppData\Local\Temp\UninstallerGer.dll
C:\Users\Matika71\AppData\Local\Temp\UninstallerIta.dll
C:\Users\Matika71\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Matika71\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Matika71\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Matika71\AppData\Local\Temp\WindowsAPI.dll
C:\Users\Matika71\AppData\Local\Temp\WtgDriverInstallX.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-22 21:26

==================== End Of Log ============================
--- --- ---

--- --- ---


zu 1

Code:
Farbar Service Scanner Version: 13-09-2013
Ran by Matika71 (administrator) on 23-09-2013 at 22:51:34
Running from "C:\Users\Matika71\Desktop"
Microsoft Windows 7 Starter  (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error.
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-06-01 16:13] - [2012-03-30 12:29] - 1287024 ____A (Microsoft Corporation) 55E9965552741F3850CB22CBBA9671ED

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll
[2011-03-27 19:40] - [2010-12-21 07:38] - 0073728 ____A (Microsoft Corporation) A661A76333057B383A06E65F0073222F

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-21 20:06] - [2012-06-02 06:45] - 0139264 ____A (Microsoft Corporation) F2FDE6C8DBAAD44CC58D1E07E4AF4EED

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
zu 2


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-09-2013
Ran by Matika71 (administrator) on MATIKA71-HP on 23-09-2013 23:00:12
Running from C:\Users\Matika71\Desktop
Microsoft Windows 7 Starter  (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\aestsrv.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Zecter Inc.) C:\Program Files\Hewlett-Packard\HP CloudDrive\zumodrive.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Farbar) C:\Users\Matika71\Desktop\FSS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568 2010-06-18] (Alcor Micro Corp.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)
HKLM\...\Run: [ZumoDrive] - C:\Program Files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk [2038 2010-08-16] ()
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-08] (Hewlett-Packard Company)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254896 2012-09-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [BingDesktop] - C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [995184 2013-07-18] (Microsoft Corporation)
MountPoints2: E - E:\autorun.exe
MountPoints2: {757b217f-525b-11e0-a2a5-68b599604e57} - E:\autorun.exe
MountPoints2: {95c75bf2-5f8c-11e1-8f51-68b599604e57} - F:\ZTE_Handset_USB_Driver.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gmx.net/?kid=A1000000
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie9_startpage
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {3E03B772-DA98-48AD-91AB-5E1E59DDA5EB} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {939A9F98-47AF-4DCE-BDED-90902651FCD5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM - {F05CBE58-D54C-43C6-A4E1-6A5B49B592D0} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - DefaultScope {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {003892A2-652F-4B6E-8A1C-D9639FD69BCA} URL = hxxp://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKCU - {01CB7F43-F6D1-4D89-8577-51BD4A22B431} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=8DC1D0CD-58AA-4440-B054-303F87B9D575&apn_sauid=28522C81-BCB0-441D-9587-78E16BAC1267
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {3E03B772-DA98-48AD-91AB-5E1E59DDA5EB} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.gmx.net/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.gmx.net/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKCU - {939A9F98-47AF-4DCE-BDED-90902651FCD5} URL =
SearchScopes: HKCU - {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.gmx.net/br/ie9_search_maps/?su={searchTerms}
SearchScopes: HKCU - {F05CBE58-D54C-43C6-A4E1-6A5B49B592D0} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

========================== Services (Whitelisted) =================

R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S3 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [246520 2010-04-04] (WildTangent, Inc.)
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-07-08] (Hewlett-Packard Company)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2013-07-18] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-07-18] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [237650 2010-06-18] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [27136 2010-06-17] (Alcor Micro, Corp.)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [18136 2009-11-11] (DeviceVM, Inc.)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [15896 2011-03-07] (HandSet Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 cmnsusbser; system32\DRIVERS\cmnsusbser.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-23 22:51 - 2013-09-23 22:52 - 00002861 _____ C:\Users\Matika71\Desktop\FSS.txt
2013-09-23 22:50 - 2013-09-23 22:49 - 00358923 _____ (Farbar) C:\Users\Matika71\Desktop\FSS.exe
2013-09-23 19:26 - 2013-09-23 19:26 - 00000000 ____D C:\Program Files\ESET
2013-09-23 19:12 - 2013-09-23 19:12 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\Users\Matika71\AppData\Roaming\Malwarebytes
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-23 19:12 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-23 19:10 - 2013-09-23 19:03 - 02347384 _____ (ESET) C:\Users\Matika71\Desktop\esetsmartinstaller_enu.exe
2013-09-23 19:10 - 2013-09-23 19:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Matika71\Desktop\mbam-setup-1.75.0.1300.exe
2013-09-23 02:33 - 2013-09-23 02:33 - 00000000 ____D C:\FRST
2013-09-22 22:29 - 2013-09-22 22:32 - 00000000 ____D C:\AdwCleaner
2013-09-22 22:27 - 2013-09-22 22:27 - 00002154 _____ C:\Windows\epplauncher.mif
2013-09-22 22:25 - 2013-09-22 22:26 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-09-22 22:25 - 2010-04-09 09:24 - 00240008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-09-22 22:23 - 2013-09-22 22:20 - 11261784 _____ (Microsoft Corporation) C:\Users\Matika71\Desktop\mseinstall.exe
2013-09-22 22:23 - 2013-09-22 22:20 - 01039554 _____ C:\Users\Matika71\Desktop\adwcleaner.exe
2013-09-22 21:06 - 2013-09-22 21:07 - 00019875 _____ C:\Users\Matika71\Desktop\Addition.txt
2013-09-22 20:59 - 2013-09-22 13:56 - 01089757 _____ (Farbar) C:\Users\Matika71\Desktop\FRST.exe

==================== One Month Modified Files and Folders =======

2013-09-23 22:57 - 2009-07-14 06:34 - 00014128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-23 22:57 - 2009-07-14 06:34 - 00014128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-23 22:56 - 2010-10-29 11:48 - 01438406 _____ C:\Windows\WindowsUpdate.log
2013-09-23 22:53 - 2009-09-07 01:02 - 01500254 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-23 22:52 - 2013-09-23 22:51 - 00002861 _____ C:\Users\Matika71\Desktop\FSS.txt
2013-09-23 22:50 - 2011-03-19 23:18 - 00000000 ____D C:\Users\Matika71\AppData\Roaming\ZumoDrive
2013-09-23 22:49 - 2013-09-23 22:50 - 00358923 _____ (Farbar) C:\Users\Matika71\Desktop\FSS.exe
2013-09-23 22:49 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-23 22:49 - 2009-07-14 06:39 - 00081540 _____ C:\Windows\setupact.log
2013-09-23 19:26 - 2013-09-23 19:26 - 00000000 ____D C:\Program Files\ESET
2013-09-23 19:12 - 2013-09-23 19:12 - 00001071 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\Users\Matika71\AppData\Roaming\Malwarebytes
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-23 19:03 - 2013-09-23 19:10 - 02347384 _____ (ESET) C:\Users\Matika71\Desktop\esetsmartinstaller_enu.exe
2013-09-23 19:02 - 2013-09-23 19:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Matika71\Desktop\mbam-setup-1.75.0.1300.exe
2013-09-23 14:45 - 2012-04-13 20:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-23 09:07 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-09-23 02:56 - 2013-04-04 07:03 - 00000000 ____D C:\ProgramData\Recovery
2013-09-23 02:33 - 2013-09-23 02:33 - 00000000 ____D C:\FRST
2013-09-22 22:32 - 2013-09-22 22:29 - 00000000 ____D C:\AdwCleaner
2013-09-22 22:27 - 2013-09-22 22:27 - 00002154 _____ C:\Windows\epplauncher.mif
2013-09-22 22:26 - 2013-09-22 22:25 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-09-22 22:20 - 2013-09-22 22:23 - 11261784 _____ (Microsoft Corporation) C:\Users\Matika71\Desktop\mseinstall.exe
2013-09-22 22:20 - 2013-09-22 22:23 - 01039554 _____ C:\Users\Matika71\Desktop\adwcleaner.exe
2013-09-22 22:20 - 2013-02-11 20:01 - 00000000 ____D C:\Firefox
2013-09-22 21:07 - 2013-09-22 21:06 - 00019875 _____ C:\Users\Matika71\Desktop\Addition.txt
2013-09-22 20:34 - 2011-04-03 21:12 - 00000000 ____D C:\Users\Matika71\AppData\Local\CrashDumps
2013-09-22 13:56 - 2013-09-22 20:59 - 01089757 _____ (Farbar) C:\Users\Matika71\Desktop\FRST.exe
2013-09-15 18:15 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\Matika71\AppData\Local\Temp\ApnStub.exe
C:\Users\Matika71\AppData\Local\Temp\eiiahdsk.dll
C:\Users\Matika71\AppData\Local\Temp\g_2eu4gh.dll
C:\Users\Matika71\AppData\Local\Temp\HPQSi.exe
C:\Users\Matika71\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Matika71\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Matika71\AppData\Local\Temp\Quarantine.exe
C:\Users\Matika71\AppData\Local\Temp\Resource.exe
C:\Users\Matika71\AppData\Local\Temp\setup.exe
C:\Users\Matika71\AppData\Local\Temp\sp50843.exe.exe
C:\Users\Matika71\AppData\Local\Temp\sp54620.exe
C:\Users\Matika71\AppData\Local\Temp\swt-gdip-win32-3448.dll
C:\Users\Matika71\AppData\Local\Temp\swt-win32-3448.dll
C:\Users\Matika71\AppData\Local\Temp\Uninstaller.exe
C:\Users\Matika71\AppData\Local\Temp\UninstallerGer.dll
C:\Users\Matika71\AppData\Local\Temp\UninstallerIta.dll
C:\Users\Matika71\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Matika71\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Matika71\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Matika71\AppData\Local\Temp\WindowsAPI.dll
C:\Users\Matika71\AppData\Local\Temp\WtgDriverInstallX.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-22 21:26

==================== End Of Log ============================
--- --- ---

--- --- ---

aharonov 23.09.2013 23:34
Ist es überhaupt der Internetanschluss selbst, der nicht funktioniert, oder liegt das Problem beim Netbook? (Sprich: Funktioniert das Internet bei anderen Geräten oder auch nicht.)

Kollektiv 26.09.2013 20:37
Der Internetánschluss selbst funktioniert tadellos. Ích bin nebenbei noch mit anderen Geräten über WLAN online. Níchts desto trotz bin ich mit dem Netbook gerade über LAN ´über den selben Internetanschluss online, in den ich nicht mit dem WLAN komme.

Egal. darum kümmere ich mich später. Mit dem Netbook müssen unteranderem ein paar Updates (Windows) gemacht werden. Vielleicht hat sich dieses Prob dann schon von selbst geklärt.

Da ich nun online bin, hier die Ergebnisse von #8 auf Seite 1


ESET:

Code:
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b6a7507ed4fa704f8d2376a7bcb970ee
# engine=15243
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-24 05:24:47
# local_time=2013-09-24 07:24:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5893 16776574 100 94 162264 131674678 0 0
# scanned=5505
# found=1
# cleaned=0
# scan_time=833
sh=3FCF92288F9A03474631F3F20CDC47CE30DE6AD2 ft=1 fh=60de6cf8dcae6931 vn="a variant of Win32/Kryptik.BEWL trojan" ac=I fn="C:\FRST\Quarantine\skype.dat"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b6a7507ed4fa704f8d2376a7bcb970ee
# engine=15272
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-26 06:33:24
# local_time=2013-09-26 08:33:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=5893 16776574 100 94 339181 131851595 0 0
# scanned=180986
# found=5
# cleaned=0
# scan_time=8756
sh=3FCF92288F9A03474631F3F20CDC47CE30DE6AD2 ft=1 fh=60de6cf8dcae6931 vn="a variant of Win32/Kryptik.BEWL trojan" ac=I fn="C:\FRST\Quarantine\skype.dat"
sh=D17E9A3F6EC055D1FFFB46C6AEE514916A3DCB86 ft=0 fh=0000000000000000 vn="HTML/Iframe.B.Gen virus" ac=I fn="C:\Users\Matika71\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\5XIAK649\best-xxx-galleries_net[1].htm"
sh=12491244671CA443571C6CD141B32CEDE34AF8D2 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.Agent.OWH trojan" ac=I fn="C:\Users\Matika71\AppData\Local\Temp\jar_cache1538847915892707551.tmp"
sh=B1C9290D91773A64EFC4A02FFEF88A037B215CCB ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Matika71\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\3eca2467-189f61f5"
sh=5DD18DA437DD61E34A1C875823DC032EACC493A4 ft=1 fh=c4c81d8f6f087adc vn="Win32/Simda.B trojan" ac=I fn="C:\Users\Matika71\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\78b63309-2083896e"
MALEWARE:


Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.24.07

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Matika71 :: MATIKA71-HP [Administrator]

Schutz: Aktiviert

24.09.2013 18:28:47
mbam-log-2013-09-24 (18-28-47).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 190434
Laufzeit: 15 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\Matika71\AppData\Local\Temp\7213.tmp (Trojan.FakeAlert.FSA28) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Matika71\AppData\Local\Temp\qupfqdy (Malware.Packer.RH1Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
p.s.

beim schnellen scan hat er nur 2 treffer gehabt..ich hatte vorhin mal kompletten scan durchlaufen lassen, da habe ich aber nach 1:45 h abgebrochen, da ich kein ladegrät momentan für dass netbook bei habe, und dort zeigte er mir schon 4 Treffer (war noch nicht fertig)

Das müsste ich dann wohl nochmal wiederholen?!^^

aharonov 26.09.2013 21:26
Das ist ok so.
Aber die Software ist massiv outdated. Das muss noch korrigiert werden.


Schritt 1

Downloade dir bitte Windows Repair (all in one) und entpacke das Archiv auf den Desktop.
  • Starte nun die darin enthaltene Repair_Windows.exe.
  • Wähle den Reiter Step 2 (optional) und drücke auf Do It. Der Rechner wird neu gestartet.
  • Öffne das Programm erneut und klicke im Reiter Step 3 (optional) ebenfalls auf Do It. Starte danach den Rechner neu.
  • Im Reiter Step 4 (optional) drücke dann unter System Restore auf Create.
  • Danach drücke im Reiter Start Repairs auf Start.
  • Klicke auf Select All, setze den Haken bei Restart/Shutdown System When Finished und wähle die Option Restart System.
  • Deaktiviere temporär dein Antivirenprogramm und drücke auf Start.



Schritt 2

Lade das Service Pack 1 für Windows 7 herunter und installiere es.



Schritt 3
  • Gehe bitte zu Start --> Alle Programme --> Windows Update.
  • Klicke dann links auf Nach Updates suchen und warte, bis die Suche beendet ist.
  • Drücke dann auf Updates installieren.
  • Starte nach Beendigung der Installation den Rechner neu auf.
  • Wiederhole diese Schritte, bis keine neuen Updates mehr verfügbar sind.



Schritt 4

Dein Java ist nicht mehr aktuell. Ältere Versionen enthalten Sicherheitslücken, die von Malware zur Infizierung per Drive-by Download missbraucht werden können.

Die aktuelle Version ist Java 7 Update 40.
  • Gehe zu
    Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Win 7)
    Start --> Systemsteuerung --> Software (bei Win XP)
    und deinstalliere alle älteren Java-Versionen.
In wenigen Fällen wird Java wirklich benötigt. Auch werden immer wieder neue, noch nicht geschlossene Sicherheitslücken ausgenutzt.
Überleg dir also, ob du eine Java-Installation wirklich brauchst.
Falls du Java weiterhin verwenden möchtest, dann:
  • Lade dir die neueste Java-Version herunter.
  • Schliesse alle laufenden Programme, speziell den Browser.
  • Starte die heruntergeladene jxpiinstall.exe und folge den Anweisungen.
  • Entferne während der Installation den Haken bei "Installieren Sie die Ask-Toolbar ...".



Schritt 5

Dein Flashplayer ist veraltet. Installiere folgendermassen die aktuelle Version:
  • Besuche diese Seite von Adobe.
  • Entferne gegebenenfalls den Haken bei McAfee Security Scan bzw. Google Chrome.
  • Drücke auf Jetzt herunterladen und installiere die neuste Version.



Schritt 6

Starte noch einmal FRST.
  • Setze bei Optional Scan den Haken bei Addition.txt und drücke Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und Addition.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieser beiden Logfiles bitte hier in deinen Thread.

Kollektiv 29.09.2013 18:29
ok. ich habe alles erledigt.

ein problem ist mir gleich aufgefallen:

Ich kann irgendwie nicht die WINDOWS UPDATES, alles was mit FRAMEWORK zu tun hat, installieren. da sagt er mir, dass es bei der Konfiguration probleme gibt und er die installation rückgängig machen muss.

WLAN funktioniert wieder!!!

FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2013 01
Ran by Matika71 (administrator) on MATIKA71-HP on 29-09-2013 19:09:25
Running from C:\Users\Matika71\Downloads
Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\aestsrv.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE
(Alcor Micro Corp.) C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Zecter Inc.) C:\Program Files\Hewlett-Packard\HP CloudDrive\zumodrive.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [AmIcoSinglun] - C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [237568 2010-06-18] (Alcor Micro Corp.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [HP Quick Launch] - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)
HKLM\...\Run: [ZumoDrive] - C:\Program Files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk [2038 2010-08-16] ()
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-08] (Hewlett-Packard Company)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [BingDesktop] - C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [995184 2013-07-18] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
MountPoints2: E - E:\autorun.exe
MountPoints2: {757b217f-525b-11e0-a2a5-68b599604e57} - E:\autorun.exe
MountPoints2: {95c75bf2-5f8c-11e1-8f51-68b599604e57} - F:\ZTE_Handset_USB_Driver.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gmx.net/?kid=A1000000
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie9_startpage
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {3E03B772-DA98-48AD-91AB-5E1E59DDA5EB} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {939A9F98-47AF-4DCE-BDED-90902651FCD5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM - {F05CBE58-D54C-43C6-A4E1-6A5B49B592D0} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - DefaultScope {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {003892A2-652F-4B6E-8A1C-D9639FD69BCA} URL = hxxp://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKCU - {01CB7F43-F6D1-4D89-8577-51BD4A22B431} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=8DC1D0CD-58AA-4440-B054-303F87B9D575&apn_sauid=28522C81-BCB0-441D-9587-78E16BAC1267
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {3E03B772-DA98-48AD-91AB-5E1E59DDA5EB} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.gmx.net/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKCU - {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKCU - {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.gmx.net/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKCU - {939A9F98-47AF-4DCE-BDED-90902651FCD5} URL =
SearchScopes: HKCU - {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.gmx.net/br/ie9_search_maps/?su={searchTerms}
SearchScopes: HKCU - {F05CBE58-D54C-43C6-A4E1-6A5B49B592D0} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

========================== Services (Whitelisted) =================

R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
S3 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [246520 2010-04-04] (WildTangent, Inc.)
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-07-08] (Hewlett-Packard Company)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2013-07-18] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-07-18] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [237650 2010-06-18] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [27136 2010-06-17] (Alcor Micro, Corp.)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R1 DVMIO; C:\Windows\System32\DRIVERS\dvmio.sys [18136 2009-11-11] (DeviceVM, Inc.)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [15896 2011-03-07] (HandSet Incorporated)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 cmnsusbser; system32\DRIVERS\cmnsusbser.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-29 17:50 - 2012-08-23 16:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2013-09-29 17:50 - 2012-08-23 16:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2013-09-29 17:50 - 2012-08-23 16:40 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2013-09-29 17:50 - 2012-08-23 16:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-09-29 17:50 - 2012-08-23 16:10 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-09-29 17:50 - 2012-08-23 15:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-09-29 17:50 - 2012-08-23 15:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2013-09-29 17:50 - 2012-08-23 15:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2013-09-29 17:50 - 2012-08-23 15:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-09-29 17:50 - 2012-08-23 15:18 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-09-29 17:50 - 2012-08-23 13:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-09-29 17:50 - 2012-08-23 13:32 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2013-09-29 17:50 - 2012-08-23 13:15 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-09-29 17:50 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2013-09-29 17:50 - 2012-08-23 12:39 - 01048064 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-09-29 17:50 - 2012-08-23 12:08 - 02739712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2013-09-29 17:50 - 2012-08-23 10:19 - 04916224 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-09-29 17:22 - 2013-01-13 21:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-09-29 17:21 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-29 17:21 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-29 17:21 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-29 17:21 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-29 17:21 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-29 17:21 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-29 17:21 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-29 17:21 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-29 17:21 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-29 17:21 - 2013-01-13 22:30 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-09-29 17:21 - 2013-01-13 22:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-09-29 17:21 - 2013-01-13 22:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-09-29 17:21 - 2013-01-13 22:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-09-29 17:21 - 2013-01-13 22:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-09-29 17:21 - 2013-01-13 21:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-09-29 17:21 - 2013-01-13 21:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-09-29 17:21 - 2013-01-13 21:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-09-29 17:21 - 2013-01-13 21:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-09-29 17:21 - 2013-01-13 21:43 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-09-29 17:21 - 2013-01-13 21:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-09-29 17:21 - 2013-01-13 21:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-09-29 17:21 - 2013-01-13 20:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-09-29 17:21 - 2013-01-13 19:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-09-29 17:21 - 2013-01-04 08:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-09-29 17:17 - 2013-09-29 17:20 - 01086873 _____ (Farbar) C:\Users\Matika71\Downloads\FRST.exe
2013-09-28 21:44 - 2013-09-28 21:44 - 00144872 _____ C:\Windows\Minidump\092813-49421-01.dmp
2013-09-28 20:33 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-09-28 17:57 - 2013-09-28 17:57 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-09-28 17:54 - 2013-09-28 17:54 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-09-28 17:53 - 2013-09-29 18:35 - 00047032 _____ C:\Windows\IE10_main.log
2013-09-28 17:50 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-09-28 17:50 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-09-28 17:50 - 2012-10-03 18:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2013-09-28 17:50 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2013-09-28 17:50 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2013-09-28 17:50 - 2012-10-03 18:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2013-09-28 17:50 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2013-09-28 17:50 - 2012-10-03 18:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-09-28 17:50 - 2012-10-03 17:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-09-28 17:49 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-28 17:49 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-28 17:49 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-28 17:48 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-09-28 17:48 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-28 17:48 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-28 17:48 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-09-28 17:48 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-09-28 17:48 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-09-28 17:48 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-09-28 17:48 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-09-28 17:48 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-09-28 17:48 - 2012-08-24 19:05 - 00136560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-09-28 17:48 - 2012-08-24 19:02 - 00369856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-09-28 17:48 - 2012-08-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-09-28 17:48 - 2012-08-24 18:56 - 01039360 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-09-28 17:48 - 2012-08-21 22:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2013-09-28 17:48 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-09-28 17:47 - 2013-08-08 03:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-28 17:47 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-09-28 17:47 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-09-28 17:47 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-09-28 17:47 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-09-28 17:47 - 2013-04-10 07:18 - 00728424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-09-28 17:47 - 2013-04-10 07:18 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-09-28 17:47 - 2013-03-19 06:53 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-28 17:47 - 2013-03-19 05:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-09-28 17:47 - 2012-08-22 19:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-09-28 17:47 - 2012-07-04 21:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2013-09-28 17:45 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2013-09-28 17:45 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-09-28 17:37 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-28 17:37 - 2013-08-02 03:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-28 17:37 - 2013-08-02 03:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-28 17:37 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-28 17:37 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-28 17:37 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-09-28 17:37 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-09-28 17:37 - 2013-02-27 07:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-09-28 17:37 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-09-28 17:37 - 2013-02-27 06:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-09-28 05:32 - 2013-09-28 05:35 - 00000000 ____D C:\Windows\system32\MRT
2013-09-27 23:22 - 2013-09-27 23:22 - 00000000 ____D C:\Windows\system32\SPReview
2013-09-27 22:23 - 2010-11-20 04:36 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2013-09-27 22:23 - 2010-11-20 04:36 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL
2013-09-27 22:23 - 2010-11-20 04:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2013-09-27 22:23 - 2010-11-20 04:30 - 00520064 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2013-09-27 22:23 - 2010-11-20 04:30 - 00245632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-09-27 22:23 - 2010-11-20 04:30 - 00173440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2013-09-27 22:23 - 2010-11-20 04:30 - 00085376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys
2013-09-27 22:23 - 2010-11-20 04:30 - 00078208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2013-09-27 22:23 - 2010-11-20 04:30 - 00028032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2013-09-27 22:23 - 2010-11-20 04:29 - 02217856 _____ (Microsoft Corporation) C:\Windows\system32\bootres.dll
2013-09-27 22:23 - 2010-11-20 04:29 - 00274304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2013-09-27 22:23 - 2010-11-20 04:29 - 00194432 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2013-09-27 22:23 - 2010-11-20 04:29 - 00194432 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2013-09-27 22:23 - 2010-11-20 04:29 - 00137088 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2013-09-27 22:23 - 2010-11-20 04:24 - 00271664 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2013-09-27 22:23 - 2010-11-20 04:23 - 00144768 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 02157568 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 01128448 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 01115136 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00974336 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\Vault.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2013-09-27 22:23 - 2010-11-20 04:21 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2013-09-27 22:23 - 2010-11-20 04:21 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\remotepg.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\twext.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\recovery.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2013-09-27 22:23 - 2010-11-20 04:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00051200 _____ (Twain Working Group) C:\Windows\twain_32.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\samcli.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wtsapi32.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\utildll.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TRAPI.dll
2013-09-27 22:23 - 2010-11-20 04:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\onexui.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\prnfldr.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2013-09-27 22:23 - 2010-11-20 04:20 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL
2013-09-27 22:23 - 2010-11-20 04:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL
2013-09-27 22:23 - 2010-11-20 04:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\PrintIsolationProxy.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\netutils.dll
2013-09-27 22:23 - 2010-11-20 04:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\perfts.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 02151936 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 01493504 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 01066496 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00732160 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL
2013-09-27 22:23 - 2010-11-20 04:19 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2013-09-27 22:23 - 2010-11-20 04:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\fms.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\KMSVC.DLL
2013-09-27 22:23 - 2010-11-20 04:19 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\FXSMON.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\mciqtz32.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-09-27 22:23 - 2010-11-20 04:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 03727872 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 01828352 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 01334272 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 01040384 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 01003520 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\biocpl.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2013-09-27 22:23 - 2010-11-20 04:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00252928 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\activeds.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-09-27 22:23 - 2010-11-20 04:18 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\adsldp.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll
2013-09-27 22:23 - 2010-11-20 04:18 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL
2013-09-27 22:23 - 2010-11-20 04:17 - 03367424 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\FXSSVC.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00098816 _____ (Microsoft) C:\Windows\system32\Robocopy.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\MuiUnattend.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tzutil.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\proquota.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2013-09-27 22:23 - 2010-11-20 04:17 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe
2013-09-27 22:23 - 2010-11-20 04:16 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr
2013-09-27 22:23 - 2010-11-20 04:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2013-09-27 22:23 - 2010-11-20 04:16 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-09-27 22:23 - 2010-11-20 04:16 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-09-27 22:23 - 2010-11-20 04:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2013-09-27 22:23 - 2010-11-20 04:16 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2013-09-27 22:23 - 2010-11-20 04:16 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr
2013-09-27 22:23 - 2010-11-20 04:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr
2013-09-27 22:23 - 2010-11-20 04:16 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe
2013-09-27 22:23 - 2010-11-20 04:16 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2013-09-27 22:23 - 2010-11-20 04:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax
2013-09-27 22:23 - 2010-11-20 04:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax
2013-09-27 22:23 - 2010-11-20 04:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax
2013-09-27 22:23 - 2010-11-20 04:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll
2013-09-27 22:23 - 2010-11-20 04:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2013-09-27 22:23 - 2010-11-20 04:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll
2013-09-27 22:23 - 2010-11-20 04:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\pifmgr.dll
2013-09-27 22:23 - 2010-11-20 04:00 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2013-09-27 22:23 - 2010-11-20 04:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUQ.DLL
2013-09-27 22:23 - 2010-11-20 04:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUF.DLL
2013-09-27 22:23 - 2010-11-20 04:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDPO.DLL
2013-09-27 22:23 - 2010-11-20 04:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDNEPR.DLL
2013-09-27 22:23 - 2010-11-20 04:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDINBEN.DLL
2013-09-27 22:23 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDUS.DLL
2013-09-27 22:23 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTEL.DLL
2013-09-27 22:23 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBULG.DLL
2013-09-27 22:23 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBLR.DLL
2013-09-27 22:23 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2013-09-27 22:23 - 2010-11-20 02:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys
2013-09-27 22:23 - 2010-11-20 02:07 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2013-09-27 22:23 - 2010-11-20 02:07 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2013-09-27 22:23 - 2010-11-20 02:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2013-09-27 22:23 - 2010-11-20 02:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys
2013-09-27 22:23 - 2010-11-20 02:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-09-27 22:23 - 2010-11-20 02:00 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2013-09-27 22:23 - 2010-11-20 02:00 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
2013-09-27 22:23 - 2010-11-20 01:59 - 00132224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-09-27 22:23 - 2010-11-20 01:59 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-09-27 22:23 - 2010-11-20 01:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2013-09-27 22:23 - 2010-11-20 01:50 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2013-09-27 22:23 - 2010-11-20 01:19 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2013-09-27 22:23 - 2010-11-20 00:42 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-09-27 22:23 - 2010-11-19 21:23 - 00053600 _____ C:\Windows\system32\dosx.exe
2013-09-27 22:23 - 2010-11-04 18:20 - 00146852 _____ C:\Windows\system32\systemsf.ebd
2013-09-27 22:23 - 2010-11-04 17:58 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2013-09-27 22:23 - 2010-11-04 17:58 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2013-09-27 22:23 - 2010-11-04 17:58 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2013-09-27 22:22 - 2010-11-20 04:36 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL
2013-09-27 22:22 - 2010-11-20 04:30 - 00233344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2013-09-27 22:22 - 2010-11-20 04:30 - 00160128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2013-09-27 22:22 - 2010-11-20 04:30 - 00153984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2013-09-27 22:22 - 2010-11-20 04:30 - 00140160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys
2013-09-27 22:22 - 2010-11-20 04:30 - 00130432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys
2013-09-27 22:22 - 2010-11-20 04:30 - 00116096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys
2013-09-27 22:22 - 2010-11-20 04:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2013-09-27 22:22 - 2010-11-20 04:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2013-09-27 22:22 - 2010-11-20 04:29 - 00014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2013-09-27 22:22 - 2010-11-20 04:24 - 00690680 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2013-09-27 22:22 - 2010-11-20 04:24 - 00508904 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-09-27 22:22 - 2010-11-20 04:24 - 00442720 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-09-27 22:22 - 2010-11-20 04:21 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 02983424 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 01712640 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 01624064 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 01326592 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 01175040 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 01086976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 01003008 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00782336 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00750592 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\sdcpl.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2013-09-27 22:22 - 2010-11-20 04:21 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2013-09-27 22:22 - 2010-11-20 04:21 - 00521216 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00463360 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\sppinst.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL
2013-09-27 22:22 - 2010-11-20 04:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountControlSettings.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\sppuinotify.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\RpcRtRemote.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\vpnikeapi.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\sisbkup.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\schedcli.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll
2013-09-27 22:22 - 2010-11-20 04:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2013-09-27 22:22 - 2010-11-20 04:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 02504192 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2013-09-27 22:22 - 2010-11-20 04:20 - 02494464 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 02130944 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 01750528 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 01661440 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 01644032 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00932352 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00656384 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\OnLineIDCpl.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\qcap.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceSyncProvider.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\netjoin.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\prncache.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\olethk32.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
2013-09-27 22:22 - 2010-11-20 04:20 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 03207680 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2013-09-27 22:22 - 2010-11-20 04:19 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-27 22:22 - 2010-11-20 04:19 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00592384 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2013-09-27 22:22 - 2010-11-20 04:19 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-27 22:22 - 2010-11-20 04:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00082944 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2013-09-27 22:22 - 2010-11-20 04:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 02522624 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 01400320 _____ (Microsoft Corporation) C:\Windows\system32\DxpTaskSync.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 01371136 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00863744 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00854016 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00762880 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00685056 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00537600 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-27 22:22 - 2010-11-20 04:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2013-09-27 22:22 - 2010-11-20 04:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\audiodev.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\defaultlocationcpl.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\cca.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2013-09-27 22:22 - 2010-11-20 04:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2013-09-27 22:22 - 2010-11-20 04:17 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 01203200 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00280576 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00257536 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgrade.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\setupugc.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\netcfg.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2013-09-27 22:22 - 2010-11-20 04:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2013-09-27 22:22 - 2010-11-20 04:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2013-09-27 22:22 - 2010-11-20 04:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2013-09-27 22:22 - 2010-11-20 04:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2013-09-27 22:22 - 2010-11-20 04:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-09-27 22:22 - 2010-11-20 04:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2013-09-27 22:22 - 2010-11-20 04:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2013-09-27 22:22 - 2010-11-20 04:16 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl
2013-09-27 22:22 - 2010-11-20 04:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl
2013-09-27 22:22 - 2010-11-20 04:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2013-09-27 22:22 - 2010-11-20 04:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl
2013-09-27 22:22 - 2010-11-20 04:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2013-09-27 22:22 - 2010-11-20 04:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr
2013-09-27 22:22 - 2010-11-20 04:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2013-09-27 22:22 - 2010-11-20 04:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2013-09-27 22:22 - 2010-11-20 04:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2013-09-27 22:22 - 2010-11-20 04:16 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2013-09-27 22:22 - 2010-11-20 04:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl
2013-09-27 22:22 - 2010-11-20 04:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
2013-09-27 22:22 - 2010-11-20 04:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2013-09-27 22:22 - 2010-11-20 04:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2013-09-27 22:22 - 2010-11-20 04:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax
2013-09-27 22:22 - 2010-11-20 04:16 - 00065024 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
2013-09-27 22:22 - 2010-11-20 04:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax
2013-09-27 22:22 - 2010-11-20 04:08 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-09-27 22:22 - 2010-11-20 04:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2013-09-27 22:22 - 2010-11-20 04:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2013-09-27 22:22 - 2010-11-20 04:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll
2013-09-27 22:22 - 2010-11-20 04:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGR1.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDUGHR1.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAJIK.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDMON.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDMAORI.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINORI.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL
2013-09-27 22:22 - 2010-11-20 04:00 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL
2013-09-27 22:22 - 2010-11-20 03:57 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2013-09-27 22:22 - 2010-11-20 03:56 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\BlbEvents.dll
2013-09-27 22:22 - 2010-11-20 03:54 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2013-09-27 22:22 - 2010-11-20 02:22 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll
2013-09-27 22:22 - 2010-11-20 02:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys
2013-09-27 22:22 - 2010-11-20 02:21 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\RDPREFDD.dll
2013-09-27 22:22 - 2010-11-20 02:06 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2013-09-27 22:22 - 2010-11-20 02:06 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2013-09-27 22:22 - 2010-11-20 02:06 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
2013-09-27 22:22 - 2010-11-20 02:00 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-27 22:22 - 2010-11-20 02:00 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys
2013-09-27 22:22 - 2010-11-20 01:59 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2013-09-27 22:22 - 2010-11-20 01:59 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-09-27 22:22 - 2010-11-20 01:59 - 00035968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2013-09-27 22:22 - 2010-11-20 01:59 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-09-27 22:22 - 2010-11-20 01:50 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys
2013-09-27 22:22 - 2010-11-20 01:50 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2013-09-27 22:22 - 2010-11-20 01:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2013-09-27 22:22 - 2010-11-20 01:24 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2013-09-27 22:22 - 2010-11-20 00:54 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-27 22:22 - 2010-11-20 00:47 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys
2013-09-27 22:22 - 2010-11-20 00:44 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-09-27 22:22 - 2010-11-20 00:42 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-27 22:22 - 2010-11-20 00:42 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2013-09-27 22:22 - 2010-11-20 00:40 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2013-09-27 22:22 - 2010-11-20 00:39 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2013-09-27 22:22 - 2010-11-20 00:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2013-09-27 22:22 - 2010-11-20 00:39 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys
2013-09-27 22:22 - 2010-11-20 00:38 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2013-09-27 22:22 - 2010-11-09 17:45 - 00010429 _____ C:\Windows\system32\ScavengeSpace.xml
2013-09-27 22:22 - 2010-11-04 18:20 - 00105559 _____ C:\Windows\system32\RacRules.xml
2013-09-27 22:22 - 2010-11-04 18:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2013-09-27 22:22 - 2010-11-04 17:58 - 00155472 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2013-09-27 22:22 - 2010-11-04 17:58 - 00049488 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2013-09-27 22:22 - 2010-11-04 17:53 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2013-09-27 22:22 - 2010-11-04 17:53 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2013-09-27 21:58 - 2013-09-27 21:58 - 00000000 ____D C:\2467056a6c87213b71e43875d8
2013-09-27 20:50 - 2013-09-27 21:51 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-09-27 14:22 - 2013-09-27 14:22 - 00000000 ____D C:\Program Files\Common Files\Java
2013-09-27 14:22 - 2013-09-27 14:21 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-09-27 14:21 - 2013-09-27 14:21 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-09-27 14:21 - 2013-09-27 14:21 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-09-27 14:21 - 2013-09-27 14:21 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-09-27 14:21 - 2013-09-27 14:21 - 00000000 ____D C:\Program Files\Java
2013-09-27 14:17 - 2013-09-27 11:29 - 05369204 _____ C:\Users\Matika71\Desktop\windows_repair_aio_setup.exe
2013-09-27 14:16 - 2013-09-27 11:45 - 563934504 _____ (Microsoft Corporation) C:\Users\Matika71\Desktop\windows6.1-KB976932-X86.exe
2013-09-24 19:07 - 2013-09-24 19:07 - 00002800 _____ C:\Users\Matika71\Desktop\FSS.txt
2013-09-24 18:33 - 2013-09-24 18:33 - 00002143 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2013-09-24 18:27 - 2013-09-24 18:27 - 00000000 ____D C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2013-09-23 22:50 - 2013-09-23 22:49 - 00358923 _____ (Farbar) C:\Users\Matika71\Desktop\FSS.exe
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\Users\Matika71\AppData\Roaming\Malwarebytes
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-23 19:10 - 2013-09-23 19:03 - 02347384 _____ (ESET) C:\Users\Matika71\Desktop\esetsmartinstaller_enu.exe
2013-09-23 19:10 - 2013-09-23 19:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Matika71\Desktop\mbam-setup-1.75.0.1300.exe
2013-09-23 02:33 - 2013-09-23 02:33 - 00000000 ____D C:\FRST
2013-09-22 22:29 - 2013-09-22 22:32 - 00000000 ____D C:\AdwCleaner
2013-09-22 22:27 - 2013-09-22 22:27 - 00002154 _____ C:\Windows\epplauncher.mif
2013-09-22 22:25 - 2013-09-22 22:26 - 00000000 ____D C:\Program Files\Microsoft Security Client

==================== One Month Modified Files and Folders =======

2013-09-29 19:12 - 2010-10-29 11:48 - 01119523 _____ C:\Windows\WindowsUpdate.log
2013-09-29 19:10 - 2009-09-07 01:02 - 01500294 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-29 19:07 - 2011-03-19 23:18 - 00000000 ____D C:\Users\Matika71\AppData\Roaming\ZumoDrive
2013-09-29 19:07 - 2009-07-14 06:34 - 00014128 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-29 19:07 - 2009-07-14 06:34 - 00014128 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-29 19:02 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-29 19:02 - 2009-07-14 06:39 - 00083735 _____ C:\Windows\setupact.log
2013-09-29 19:02 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-09-29 18:45 - 2012-04-13 20:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-29 18:35 - 2013-09-28 17:53 - 00047032 _____ C:\Windows\IE10_main.log
2013-09-29 18:19 - 2011-03-19 23:16 - 00063312 _____ C:\Users\Matika71\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-29 18:17 - 2009-07-14 06:33 - 00269816 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-29 18:10 - 2010-08-16 20:15 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-09-29 18:10 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Defender
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-TW
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-HK
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-CN
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\tr-TR
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sv-SE
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ru-RU
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-BR
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nl-NL
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nb-NO
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ko-KR
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ja-JP
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hu-HU
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fi-FI
2013-09-29 18:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\el-GR
2013-09-29 17:20 - 2013-09-29 17:17 - 01086873 _____ (Farbar) C:\Users\Matika71\Downloads\FRST.exe
2013-09-29 17:11 - 2012-04-13 20:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-29 17:11 - 2012-04-13 20:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-29 17:11 - 2011-09-05 21:20 - 00000000 ____D C:\Users\Matika71\AppData\Local\Adobe
2013-09-29 15:14 - 2011-03-19 21:02 - 00228878 _____ C:\Windows\PFRO.log
2013-09-29 10:04 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-28 21:44 - 2013-09-28 21:44 - 00144872 _____ C:\Windows\Minidump\092813-49421-01.dmp
2013-09-28 21:44 - 2012-10-28 22:56 - 189320074 _____ C:\Windows\MEMORY.DMP
2013-09-28 21:44 - 2012-10-28 22:56 - 00000000 ____D C:\Windows\Minidump
2013-09-28 21:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-09-28 17:57 - 2013-09-28 17:57 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-09-28 17:54 - 2013-09-28 17:54 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-09-28 05:35 - 2013-09-28 05:32 - 00000000 ____D C:\Windows\system32\MRT
2013-09-28 03:28 - 2010-08-16 13:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-09-28 03:11 - 2011-04-19 15:36 - 00000000 ____D C:\Program Files\Microsoft Application Virtualization Client
2013-09-27 23:27 - 2010-08-16 20:15 - 00000000 ____D C:\Windows\de-DE
2013-09-27 23:27 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-09-27 23:27 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-09-27 23:27 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-09-27 23:27 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\DVD Maker
2013-09-27 23:27 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2013-09-27 23:27 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2013-09-27 23:22 - 2013-09-27 23:22 - 00000000 ____D C:\Windows\system32\SPReview
2013-09-27 23:04 - 2009-07-14 04:05 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2013-09-27 21:58 - 2013-09-27 21:58 - 00000000 ____D C:\2467056a6c87213b71e43875d8
2013-09-27 21:51 - 2013-09-27 20:50 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-09-27 21:19 - 2011-04-03 21:12 - 00000000 ____D C:\Users\Matika71\AppData\Local\CrashDumps
2013-09-27 14:22 - 2013-09-27 14:22 - 00000000 ____D C:\Program Files\Common Files\Java
2013-09-27 14:21 - 2013-09-27 14:22 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-09-27 14:21 - 2013-09-27 14:21 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-09-27 14:21 - 2013-09-27 14:21 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-09-27 14:21 - 2013-09-27 14:21 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-09-27 14:21 - 2013-09-27 14:21 - 00000000 ____D C:\Program Files\Java
2013-09-27 14:21 - 2012-10-21 20:11 - 00868264 _____ (Oracle Corporation) C:\Windows\system32\npdeployJava1.dll
2013-09-27 14:21 - 2010-08-16 13:12 - 00790440 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-09-27 11:45 - 2013-09-27 14:16 - 563934504 _____ (Microsoft Corporation) C:\Users\Matika71\Desktop\windows6.1-KB976932-X86.exe
2013-09-27 11:29 - 2013-09-27 14:17 - 05369204 _____ C:\Users\Matika71\Desktop\windows_repair_aio_setup.exe
2013-09-26 17:43 - 2009-07-14 06:56 - 00000000 ____D C:\Windows\DigitalLocker
2013-09-24 19:07 - 2013-09-24 19:07 - 00002800 _____ C:\Users\Matika71\Desktop\FSS.txt
2013-09-24 18:42 - 2010-08-16 11:06 - 00000000 ____D C:\Program Files\InstallShield Installation Information
2013-09-24 18:33 - 2013-09-24 18:33 - 00002143 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2013-09-24 18:33 - 2010-08-16 11:04 - 00000000 ____D C:\Program Files\Hewlett-Packard
2013-09-24 18:30 - 2011-03-19 23:18 - 00000000 ____D C:\Users\Matika71\AppData\Roaming\hpqLog
2013-09-24 18:27 - 2013-09-24 18:27 - 00000000 ____D C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2013-09-24 16:41 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-09-23 22:49 - 2013-09-23 22:50 - 00358923 _____ (Farbar) C:\Users\Matika71\Desktop\FSS.exe
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\Users\Matika71\AppData\Roaming\Malwarebytes
2013-09-23 19:12 - 2013-09-23 19:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-23 19:03 - 2013-09-23 19:10 - 02347384 _____ (ESET) C:\Users\Matika71\Desktop\esetsmartinstaller_enu.exe
2013-09-23 19:02 - 2013-09-23 19:10 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Matika71\Desktop\mbam-setup-1.75.0.1300.exe
2013-09-23 02:56 - 2013-04-04 07:03 - 00000000 ____D C:\ProgramData\Recovery
2013-09-23 02:33 - 2013-09-23 02:33 - 00000000 ____D C:\FRST
2013-09-22 22:32 - 2013-09-22 22:29 - 00000000 ____D C:\AdwCleaner
2013-09-22 22:27 - 2013-09-22 22:27 - 00002154 _____ C:\Windows\epplauncher.mif
2013-09-22 22:26 - 2013-09-22 22:25 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-09-22 22:20 - 2013-02-11 20:01 - 00000000 ____D C:\Firefox
2013-09-15 18:15 - 2009-07-14 06:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-01 16:57 - 2011-11-30 22:21 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Matika71\AppData\Local\Temp\swt-gdip-win32-3448.dll
C:\Users\Matika71\AppData\Local\Temp\swt-win32-3448.dll
C:\Users\Matika71\AppData\Local\Temp\WindowsAPI.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-22 21:26

==================== End Of Log ============================
--- --- ---


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:50 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19