Trojaner-Board
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   TR/ATRAPS.Gen2 auf Laptop/Vista (https://www.trojaner-board.de/144145-tr-atraps-gen2-laptop-vista.html)

schrauber 10.11.2013 19:08
Zitat:
Secunia läuft bei mir nicht. Er kann keine Verbindung herstellen. Irgend etwas mit proxy-Unterstützung??

Der TCF läuft bei mir auch nicht. Das Programm stürzte ab. Danach hatte ich einen blanken Bildschirm und musste über strg/Alt/entf. neustarten. Plötzlich hatte ich überall desktop.ini und Ordner mit Verknüpfungen. Das habe ich dann über die Ordnereinstellungen (google sei Dank) wieder (verstecken) können.

Gibt es eine Alternative zu diesem TCF?
Behalte den Ccleaner, aber nicht in der REgistry rum machen :)

Lesestoff:
Warum wir Avira nicht mehr empfehlen
Avira liefert seit einiger Zeit mit der Standardinstallation die Ask Toolbar mit aus. Diese Toolbar ist Voraussetzung dafür, dass der Webguard zuverlässig funktioniert. Die Ask Toolbar ist dafür bekannt, dass sie das Surfverhalten des Benutzers ausspioniert, um damit in letzter Konsequenz Geld zu verdienen. Daher wird von uns auf diesem Board als "schädlich" eingestuft. Mehr Informationen.

Eine Sicherheitsfirma, die dem Benutzer praktisch ungefragt schädliche Software "unterjubelt", scheidet für uns daher aus. Wir empfehlen daher allen Nutzern von Avira aufgrund dieser Geschäftspraktik, der teilweise äußerst schlechten Erkennungsrate und der überaus nervtötenden Werbung Avira zu deinstallieren und auf ein alternatives Produkt auszuweichen.

Solltest du dich zu einem Wechsel entscheiden, empfehlen wir dir nach der Deinstallation mit dem Avira-Cleaner alle Reste zu entfernen.



Zu WIndows Update:
Nur das eine Update? Lass das mal laufen
How do I reset Windows Update components?


Zu der Infektion:
Logo, so ne Warnung ist der Standardbaustein, poste ich auch, bei "echten bösen" Infektionen. ZA ist ungefähr so ausgeluscht wie en Trabi, jeder richtig ausgebildete Malware Removal Helper bereinigt das Ding (vor Ort) in 3 Minuten, zwischen Zähne putzen und waschen :)

Gast77 11.11.2013 22:27
Hallo nochmal,

ich habe wegen des Updates den von Dir verlinkten Support durchgeführt. Er fand 6 Fehler, von denen 4 behoben wurden. Leider besteht noch "Dienstregistrierung fehlt oder ist beschädigt" und "Probleme beim Installieren der letzten Aktualisierung".

Es ist das Servicepaket 2, das sich nicht installieren lässt.

Hat das was mit Trojaner zu tun? Oder ist das eine andere Baustelle? Weißt Du Rat?

LG, Martina

Guten Abend,

ich habe mich von Avira getrennt und nach Anleitung den Avira Cleaner benutzt. Dann habe ich Microsoft Security Essentials geladen.

Merkwürdigerweise hatte auch dieses Programm Probleme. Es zeigte "Fehler beim Update der Viren- und Spywaredefinition"; es kann keine Verbindung zum Internet/Netzwerk herstellen. (Bereits das Secunia konnte - wie bereits geschrieben - keine Verbindung herstellen und nicht installiert werden). Das finde ich doch ein wenig bedenklich.

Nach der Installation von MSE habe ich einen vollständigen Scan gemacht und er hat - Rogue:Win32/FakeVimes gefunden. Den habe ich in Quarantäne geschickt und dann nach Beschreibung von MSE sofort gelöscht.

Ist mit meinem Computer wirklich alles i. O?

LG, Martina

schrauber 12.11.2013 12:20
Poste mal ein frisches FRST log bitte.

Gast77 12.11.2013 12:41
Hallo,

hier die Ergebnisse:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by mehdi (administrator) on D9XTDN3J on 12-11-2013 12:32:23
Running from C:\Users\mehdi\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Windows\system32\aestsrv.exe
(B.H.A Corporation) C:\Windows\System32\bgsvcgen.exe
( ) C:\Windows\system32\dlcccoms.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(IDT, Inc.) C:\Windows\system32\STacSV.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files\Real\realplayer\Update\realsched.exe
(SoftPerfect Research) C:\Program Files\NetWorx\networx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [159744 2007-09-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [OEM02Mon.exe] - C:\Windows\OEM02Mon.exe [36864 2007-12-03] (Creative Technology Ltd.)
HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe [405504 2008-01-02] (IDT, Inc.)
HKLM\...\Run: [DLCCCATS] - rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NVHotkey] - rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\realplayer\Update\realsched.exe [295072 2013-01-21] (RealNetworks, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NetWorx] - C:\Program Files\NetWorx\networx.exe [3255696 2012-12-18] (SoftPerfect Research)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [RocketDock] - "C:\Program Files\RocketDock\RocketDock.exe"
HKCU\...\Run: [ISUSPM] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [206112 2008-10-24] (Macrovision Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [WinPatrol] - C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe [456768 2013-10-19] (BillP Studios)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=800224F5&OHP=http%3A%2F%2Fwww.google.com&OSP=
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - ${searchCLSID} URL = hxxp://search-gala.com/?&uid=220&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [223232] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default
FF NewTab: hxxp://www.google.de
FF SelectedSearchEngine: eBay
FF Homepage: hxxp://www.google.de
FF NetworkProxy: "backup.ftp", ""
FF NetworkProxy: "backup.ftp_port", 0
FF NetworkProxy: "backup.socks", ""
FF NetworkProxy: "backup.socks_port", 0
FF NetworkProxy: "backup.ssl", ""
FF NetworkProxy: "backup.ssl_port", 0
FF NetworkProxy: "ftp", "171.66.247.151"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "171.66.247.151"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "171.66.247.151"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "171.66.247.151"
FF NetworkProxy: "ssl_port", 80
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
FF Plugin: @zylom.com/ZylomGamesPlayer - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\searchplugins\dailymotion.xml
FF SearchPlugin: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\searchplugins\leo-deu-fra.xml
FF SearchPlugin: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\searchplugins\myvideo.xml
FF SearchPlugin: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\searchplugins\youtube-videosuche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: bookmarkfaviconchanger - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\bookmarkfaviconchanger@sonthakit.xpi
FF Extension: personas - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\personas@christopher.beard.xpi
FF Extension: noscript - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Adblock Plus - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

========================== Services (Whitelisted) =================

R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
R2 dlcc_device; C:\Windows\system32\dlcccoms.exe [538096 2007-02-14] ( )
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 RemoteAccess; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S2 gupdate1c9f579372d2820; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [x]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [x]

==================== Drivers (Whitelisted) ====================

R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-01-13] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [328192 2007-04-02] (Ralink Technology Corp.)
R1 networx; C:\Windows\System32\drivers\networx.sys [52728 2012-11-26] (NetFilterSDK.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2012-11-24] (Duplex Secure Ltd.)
U3 a3yq6pqn; C:\Windows\System32\Drivers\a3yq6pqn.sys [0 ] (Intel Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-12 12:32 - 2013-11-12 12:32 - 00000000 ____D C:\FRST
2013-11-12 12:31 - 2013-11-12 12:31 - 01090275 _____ (Farbar) C:\Users\mehdi\Desktop\FRST.exe
2013-11-11 18:11 - 2013-11-11 18:11 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-11 18:11 - 2013-11-11 18:11 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-11 17:45 - 2013-11-12 06:40 - 00196608 _____ C:\Windows\SPInstall.etl
2013-11-11 17:29 - 2013-11-11 17:33 - 365230920 _____ (Microsoft Corporation) C:\Users\mehdi\Desktop\Windows6.0-KB948465-X86.exe
2013-11-11 17:06 - 2013-11-11 17:06 - 00000326 _____ C:\Windows\PFRO.log
2013-11-11 17:01 - 2013-11-11 17:01 - 00000000 ____D C:\Program Files\Panda USB Vaccine
2013-11-11 16:58 - 2013-11-11 16:58 - 00000000 _____ C:\Windows\setuperr.log
2013-11-11 16:58 - 2013-11-11 16:58 - 00000000 _____ C:\Windows\setupact.log
2013-11-11 15:36 - 2013-11-11 16:23 - 00000000 ____D C:\Users\mehdi\Desktop\Neuer Ordner
2013-11-10 14:14 - 2013-11-10 14:14 - 00000000 ____D C:\ProgramData\Licenses
2013-11-10 14:13 - 2013-11-10 14:19 - 00000000 ____D C:\Program Files\SpywareBlaster
2013-11-10 14:03 - 2013-11-10 14:04 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\WinPatrol
2013-11-10 13:56 - 2013-11-10 14:04 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-10 13:56 - 2013-11-10 13:56 - 00000000 ____D C:\Program Files\BillP Studios
2013-11-10 13:36 - 2013-11-10 13:36 - 00000000 ____D C:\Users\mehdi\AppData\Local\Secunia PSI
2013-11-10 13:35 - 2013-11-10 13:35 - 00000000 ____D C:\Program Files\Secunia
2013-11-10 11:45 - 2013-11-10 11:45 - 00001971 _____ C:\Users\mehdi\DelFix.txt
2013-11-10 11:39 - 2013-11-10 11:39 - 00000000 ___SD C:\uninstall
2013-11-08 11:01 - 2013-11-10 11:42 - 00000000 ____D C:\Windows\ERUNT
2013-11-06 17:46 - 2013-11-10 11:39 - 00000000 ____D C:\Windows\erdnt
2013-11-05 13:46 - 2013-11-05 18:42 - 00000000 ____D C:\Users\mehdi\Documents\My Digital Editions
2013-11-05 13:46 - 2013-11-05 13:46 - 00000000 ____D C:\Users\mehdi\AppData\Local\Adobe_Systems_Incorporate
2013-11-03 17:44 - 2013-11-03 17:44 - 02793472 _____ C:\Users\mehdi\Rezept.wps
2013-11-01 11:54 - 2013-11-01 17:53 - 104569497 _____ C:\Windows\system32\久㈣᭄”
2013-10-31 17:10 - 2013-10-31 17:10 - 104348737 _____ C:\Windows\system32\촀仙᭄ˆ
2013-10-29 18:59 - 2013-10-30 11:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-28 18:52 - 2013-10-28 18:52 - 103746026 _____ C:\Windows\system32\访᭄—
2013-10-22 13:33 - 2013-10-23 11:42 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\iPumper
2013-10-20 13:15 - 2013-11-12 10:14 - 00951840 _____ C:\Windows\WindowsUpdate.log
2013-10-16 17:36 - 2013-10-16 17:39 - 00019968 _____ C:\Users\mehdi\Brownies von Anita.wps

==================== One Month Modified Files and Folders =======

2013-11-12 12:32 - 2013-11-12 12:32 - 00000000 ____D C:\FRST
2013-11-12 12:31 - 2013-11-12 12:31 - 01090275 _____ (Farbar) C:\Users\mehdi\Desktop\FRST.exe
2013-11-12 12:28 - 2012-08-24 12:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-12 12:02 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-12 12:02 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-12 11:17 - 2009-03-21 15:09 - 00000000 ____D C:\Program Files\RocketDock
2013-11-12 10:28 - 2011-06-21 13:45 - 00048175 _____ C:\ProgramData\nvModes.dat
2013-11-12 10:28 - 2011-06-21 13:45 - 00048175 _____ C:\ProgramData\nvModes.001
2013-11-12 10:20 - 2008-05-02 11:08 - 00036948 _____ C:\Users\mehdi\AppData\Roaming\wklnhst.dat
2013-11-12 10:17 - 2006-11-02 11:33 - 01595424 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-12 10:14 - 2013-10-20 13:15 - 00951840 _____ C:\Windows\WindowsUpdate.log
2013-11-12 10:02 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-12 06:40 - 2013-11-11 17:45 - 00196608 _____ C:\Windows\SPInstall.etl
2013-11-12 06:40 - 2008-04-29 20:21 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-11-12 06:40 - 2006-11-02 14:01 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-11 19:42 - 2009-11-28 12:53 - 00000418 ____H C:\Windows\Tasks\User_Feed_Synchronization-{64E4BCF0-1ED8-41F7-936E-5E4A343D1B07}.job
2013-11-11 18:11 - 2013-11-11 18:11 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-11 18:11 - 2013-11-11 18:11 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-11 17:33 - 2013-11-11 17:29 - 365230920 _____ (Microsoft Corporation) C:\Users\mehdi\Desktop\Windows6.0-KB948465-X86.exe
2013-11-11 17:06 - 2013-11-11 17:06 - 00000326 _____ C:\Windows\PFRO.log
2013-11-11 17:01 - 2013-11-11 17:01 - 00000000 ____D C:\Program Files\Panda USB Vaccine
2013-11-11 16:58 - 2013-11-11 16:58 - 00000000 _____ C:\Windows\setuperr.log
2013-11-11 16:58 - 2013-11-11 16:58 - 00000000 _____ C:\Windows\setupact.log
2013-11-11 16:23 - 2013-11-11 15:36 - 00000000 ____D C:\Users\mehdi\Desktop\Neuer Ordner
2013-11-10 15:00 - 2008-05-02 08:38 - 00000000 ____D C:\Users\mehdi
2013-11-10 14:19 - 2013-11-10 14:13 - 00000000 ____D C:\Program Files\SpywareBlaster
2013-11-10 14:14 - 2013-11-10 14:14 - 00000000 ____D C:\ProgramData\Licenses
2013-11-10 14:04 - 2013-11-10 14:03 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\WinPatrol
2013-11-10 14:04 - 2013-11-10 13:56 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-10 13:56 - 2013-11-10 13:56 - 00000000 ____D C:\Program Files\BillP Studios
2013-11-10 13:36 - 2013-11-10 13:36 - 00000000 ____D C:\Users\mehdi\AppData\Local\Secunia PSI
2013-11-10 13:35 - 2013-11-10 13:35 - 00000000 ____D C:\Program Files\Secunia
2013-11-10 11:45 - 2013-11-10 11:45 - 00001971 _____ C:\Users\mehdi\DelFix.txt
2013-11-10 11:42 - 2013-11-08 11:01 - 00000000 ____D C:\Windows\ERUNT
2013-11-10 11:39 - 2013-11-10 11:39 - 00000000 ___SD C:\uninstall
2013-11-10 11:39 - 2013-11-06 17:46 - 00000000 ____D C:\Windows\erdnt
2013-11-08 10:56 - 2008-06-22 16:02 - 00000977 _____ C:\Users\mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-08 10:52 - 2009-04-26 13:03 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-11-07 13:16 - 2009-11-05 14:14 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-06 19:53 - 2011-07-15 19:37 - 00000000 ____D C:\Users\mehdi\AppData\Local\Apps\2.0
2013-11-06 19:52 - 2006-11-02 12:18 - 00000000 __RHD C:\Users\Default
2013-11-06 19:52 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Public
2013-11-06 18:07 - 2006-11-02 11:23 - 00000215 _____ C:\Windows\system.ini
2013-11-06 18:05 - 2012-05-06 11:14 - 00000306 __RSH C:\ProgramData\ntuser.pol
2013-11-06 17:58 - 2011-05-22 11:21 - 00000000 ____D C:\Install
2013-11-06 13:29 - 2012-08-24 12:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-11-06 13:29 - 2011-09-29 13:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-11-05 19:21 - 2008-04-29 20:41 - 00000000 ____D C:\Program Files\Google
2013-11-05 18:52 - 2008-06-08 13:25 - 00000000 ____D C:\Windows\Minidump
2013-11-05 18:46 - 2008-05-02 08:39 - 00000000 ____D C:\Users\mehdi\AppData\Local\Google
2013-11-05 18:42 - 2013-11-05 13:46 - 00000000 ____D C:\Users\mehdi\Documents\My Digital Editions
2013-11-05 16:54 - 2012-01-27 13:26 - 00000000 ____D C:\Users\mehdi\Documents\Zeitschriften und Bücher
2013-11-05 16:43 - 2008-05-02 14:52 - 00208896 _____ C:\Users\mehdi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-05 13:53 - 2013-06-17 11:31 - 00018432 _____ C:\Users\mehdi\Foren.wps
2013-11-05 13:46 - 2013-11-05 13:46 - 00000000 ____D C:\Users\mehdi\AppData\Local\Adobe_Systems_Incorporate
2013-11-05 13:46 - 2013-02-01 15:44 - 00000000 ____D C:\Program Files\Adobe
2013-11-03 17:44 - 2013-11-03 17:44 - 02793472 _____ C:\Users\mehdi\Rezept.wps
2013-11-02 18:56 - 2009-02-12 18:27 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\vlc
2013-11-02 10:25 - 2008-05-02 11:09 - 00000000 ____D C:\Users\mehdi\Documents\Schriftverkehr
2013-11-01 17:53 - 2013-11-01 11:54 - 104569497 _____ C:\Windows\system32\久㈣᭄”
2013-10-31 17:10 - 2013-10-31 17:10 - 104348737 _____ C:\Windows\system32\촀仙᭄ˆ
2013-10-31 11:30 - 2012-05-05 10:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-30 11:59 - 2013-10-29 18:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-28 18:52 - 2013-10-28 18:52 - 103746026 _____ C:\Windows\system32\访᭄—
2013-10-26 10:27 - 2008-05-07 20:26 - 00008484 _____ C:\Users\mehdi\AppData\Local\d3d9caps.dat
2013-10-25 15:45 - 2012-12-29 18:40 - 00018944 _____ C:\Users\mehdi\Gebrannte DVDs.wps
2013-10-23 11:42 - 2013-10-22 13:33 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\iPumper
2013-10-18 17:22 - 2010-08-28 10:56 - 00000000 ____D C:\Users\mehdi\Documents\Küche
2013-10-16 17:39 - 2013-10-16 17:36 - 00019968 _____ C:\Users\mehdi\Brownies von Anita.wps
2013-10-13 17:04 - 2013-10-08 10:15 - 100742045 _____ C:\Windows\system32\斵᭄§
2013-10-13 13:33 - 2009-09-29 16:44 - 00000000 ____D C:\Users\mehdi\Documents\Allgemeines

Files to move or delete:
====================
C:\Users\mehdi\AppData\Roaming\desktop.ini


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-12 10:11

==================== End Of Log ============================
--- --- ---



Code:
  Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-11-2013 01
Ran by mehdi at 2013-11-12 12:33:18
Running from C:\Users\mehdi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 1.0.0)
7-Zip 9.20
Adobe Digital Editions 2.0 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8)
Advanced Audio FX Engine
Advanced Video FX Engine
AIO_Scan (Version: 90.0.189.000)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Ashampoo Burning Studio 2010 (Version: 9.21)
Bonjour (Version: 3.0.0.10)
Broadcom Management Programs (Version: 10.15.03)
Browser Address Error Redirector (Version: 1.00.0000)
BufferChm (Version: 90.0.146.000)
C4380 (Version: 90.0.189.000)
C4380_doccd (Version: 90.0.189.000)
C4380_Help (Version: 90.0.189.000)
CCleaner (Version: 2.33)
Conexant HDA D330 MDC V.92 Modem
Copy (Version: 90.0.146.000)
CustomerResearchQFolder (Version: 1.00.0000)
DAEMON Tools Lite (Version: 4.46.1.0327)
Dell Driver Download Manager (HKCU Version: 2.1.0.0)
Dell Handbuch zum Einstieg (Version: 1.00.0000)
Dell Support Center (Version: 2.1.08060)
Dell Touchpad (Version: 7.1.102.7)
Dell Webcam Center
Dell Webcam Manager
Destination Component (Version: 090.000.091.086)
DeviceDiscovery (Version: 90.0.146.000)
DeviceManagementQFolder (Version: 1.00.0000)
Die ersten 10 Jahre (Version: 1.00.0000)
Digital Line Detect (Version: 1.21)
DocProc (Version: 9.0.0.0)
DocProcQFolder (Version: 1.00.0000)
DVD-Cover 1.5
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 90.0.146.000)
FotoSketcher 2.00
Free Audio Converter version 5.0.26.622 (Version: 5.0.26.622)
Free Studio version 4.8
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.165)
HD Tune 2.55
HP Customer Participation Program 9.0 (Version: 9.0)
HP Imaging Device Functions 9.0 (Version: 9.0)
HP OCR Software 9.0 (Version: 9.0)
HP Photosmart All-In-One Software 9.0 (Version: 9.0)
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Smart Web Printing (Version: 2.15.7.0)
HP Solution Center 9.0 (Version: 9.0)
HP Update (Version: 4.000.006.002)
HPProductAssistant (Version: 90.0.146.000)
HPSSupply (Version: 2.2.0.0000)
ImagXpress (Version: 7.0.74.0)
Intel(R) PROSet/Wireless Software (Version: 11.01.0000)
IrfanView (remove only)
iTunes (Version: 11.1.1.11)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
Java(TM) 6 Update 24 (Version: 6.0.240)
Java(TM) SE Runtime Environment 6 (Version: 1.6.0.0)
Laptop Integrated Webcam Driver (1.04.01.1011) 
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 90.0.146.000)
mCore (Version: 9.24.0000)
mHelp (Version: 9.24.0000)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Office Excel Viewer (Version: 12.0.6219.1000)
Microsoft Office Small Business Edition 2003 (Version: 11.0.5614.0)
Microsoft PowerPoint Viewer (Version: 14.0.4763.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
mMHouse (Version: 9.24.0000)
Modem-Diagnose-Tool (Version: 1.0.20.0)
Mozilla Firefox 17.0.10 (x86 de) (Version: 17.0.10)
Mozilla Maintenance Service (Version: 17.0.10)
mPfMgr (Version: 9.24.0000)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
mWMI (Version: 9.24.0000)
neroxml (Version: 1.0.0)
NetWaiting (Version: 2.5.44)
NetWorx 5.2.7
NVIDIA Drivers (Version: 1.3)
OpenAL
Panda USB Vaccine 1.0.1.4
PanoStandAlone (Version: 90.0.146.000)
PHOTOfunSTUDIO 5.1 HD Edition (Version: 5.01.127)
Picasa 3 (Version: 3.9)
PS_AIO_02_ProductContext (Version: 90.0.189.000)
PS_AIO_02_Software (Version: 90.0.189.000)
PS_AIO_02_Software_min (Version: 90.0.189.000)
PSSWCORE (Version: 2.01.0000)
QuickSet (Version: 8.0.11)
QuickTime (Version: 7.74.80.86)
RealDownloader (Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
RealUpgrade 1.1 (Version: 1.1.0)
Scan (Version: 9.0.0.0)
Skype™ 4.1 (Version: 4.1.179)
SolutionCenter (Version: 90.0.146.000)
SpywareBlaster 5.0 (Version: 5.0.0)
Status (Version: 90.0.146.000)
Systemsteuerung "MobileMe" (Version: 2.1.0.24)
Toolbox (Version: 90.0.146.000)
TrayApp (Version: 90.0.146.000)
TxtEdit (Version: TxtEdit 4.5.2.0)
Uninstall 1.0.0.1
UnloadSupport (Version: 9.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
VideoToolkit01 (Version: 90.0.146.000)
VLC media player 2.0.0 (Version: 2.0.0)
WebReg (Version: 90.0.146.000)
WIDCOMM Bluetooth Software 6.0.1.3100 (Version: 6.0.1.3100)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPatrol (Version: 29.0.2013)
XMedia Recode 2.3.2.9 (Version: 2.3.2.9)

==================== Restore Points  =========================

11-11-2013 16:26:55 Windows Update

==================== Scheduled Tasks (whitelisted) =============

Task: {1650DE5D-4151-4C81-8F05-7CAAC3290EA0} - System32\Tasks\Escolade => C:\Users\mehdi\AppData\Roaming\iPumper\Updater.exe
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {22098C17-98E2-47A4-A396-466A278FE7A9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-06] (Adobe Systems Incorporated)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {42D2424C-988C-4BBF-8597-FF67A1358D45} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {5274C749-6891-470D-A314-0D1C762D1884} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1649996617-3486868627-2645123033-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {58DB235B-0623-4897-A10E-1209D93DB6ED} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1649996617-3486868627-2645123033-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {873C341C-A611-472D-9601-591136CB209B} - System32\Tasks\Flash Player Helper 9 => C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
Task: {8E128933-95B9-4D01-AF5B-1CB400B3EDBF} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1649996617-3486868627-2645123033-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {A8212E06-FBC0-453F-8AAE-ED114BAB5DF2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => C:\Program Files\Windows Defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {B20B937A-0606-4B45-A420-705783894E90} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [2007-03-11] (Hewlett-Packard Co.)
Task: {B7FDEDAA-0864-437E-92BD-CE1DC74E5730} - System32\Tasks\Dell Support Center => C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11] ( )
Task: {D583B7FE-B1A3-43B9-B922-24534EA3D49E} - System32\Tasks\PandaUSBVaccine => C:\Program Files\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {E0D465AA-1632-4EEB-8E3E-D9C4A2A51CF5} - System32\Tasks\Java Update Scheduler => C:\Program Files\Java\jre6\bin\jusched.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {EFA9416C-ED75-46D8-B0D5-D10B6702E9D1} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1649996617-3486868627-2645123033-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {F0A6DCF0-A6EF-412D-B337-7BC9127D8E56} - System32\Tasks\Real Networks Scheduler => C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Task: {F7835811-B636-45B4-B4FB-8E8B3096F4AA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{64E4BCF0-1ED8-41F7-936E-5E4A343D1B07}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2013-05-10 16:49 - 2011-09-17 10:48 - 00480256 _____ () C:\Program Files\NetWorx\sqlite.dll
2013-11-10 13:56 - 2013-07-15 18:29 - 00620718 ____N () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
2013-10-29 18:59 - 2013-10-30 11:59 - 02402928 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\mehdi:zylomtest
AlternateDataStreams: C:\Users\mehdi:zylomtr{000HQ7FF-AD7A-3FG6-3908-27H0TJJBSVTT}
AlternateDataStreams: C:\ProgramData\TEMP:012BC84F
AlternateDataStreams: C:\ProgramData\TEMP:036AA5DD
AlternateDataStreams: C:\ProgramData\TEMP:0487F955
AlternateDataStreams: C:\ProgramData\TEMP:114C90CA
AlternateDataStreams: C:\ProgramData\TEMP:12D2EB9C
AlternateDataStreams: C:\ProgramData\TEMP:13019F4B
AlternateDataStreams: C:\ProgramData\TEMP:17EB5BAE
AlternateDataStreams: C:\ProgramData\TEMP:183A9046
AlternateDataStreams: C:\ProgramData\TEMP:1B389835
AlternateDataStreams: C:\ProgramData\TEMP:1D6B18F1
AlternateDataStreams: C:\ProgramData\TEMP:26499772
AlternateDataStreams: C:\ProgramData\TEMP:2652902F
AlternateDataStreams: C:\ProgramData\TEMP:2AF322BF
AlternateDataStreams: C:\ProgramData\TEMP:2B9555D8
AlternateDataStreams: C:\ProgramData\TEMP:2C86E2AD
AlternateDataStreams: C:\ProgramData\TEMP:3DB6F365
AlternateDataStreams: C:\ProgramData\TEMP:4673E9EA
AlternateDataStreams: C:\ProgramData\TEMP:474022C7
AlternateDataStreams: C:\ProgramData\TEMP:4C3D5A8B
AlternateDataStreams: C:\ProgramData\TEMP:4EC7F009
AlternateDataStreams: C:\ProgramData\TEMP:53DF59D1
AlternateDataStreams: C:\ProgramData\TEMP:54380FEC
AlternateDataStreams: C:\ProgramData\TEMP:57B2B96C
AlternateDataStreams: C:\ProgramData\TEMP:587F3582
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:5D351BC6
AlternateDataStreams: C:\ProgramData\TEMP:6A0A47E7
AlternateDataStreams: C:\ProgramData\TEMP:6C75AF4C
AlternateDataStreams: C:\ProgramData\TEMP:6E2D80C8
AlternateDataStreams: C:\ProgramData\TEMP:8029E75F
AlternateDataStreams: C:\ProgramData\TEMP:87A3A233
AlternateDataStreams: C:\ProgramData\TEMP:9398DBB4
AlternateDataStreams: C:\ProgramData\TEMP:943971F5
AlternateDataStreams: C:\ProgramData\TEMP:9C3AAD57
AlternateDataStreams: C:\ProgramData\TEMP:A31B5E9B
AlternateDataStreams: C:\ProgramData\TEMP:A42FABF7
AlternateDataStreams: C:\ProgramData\TEMP:A5CD91DF
AlternateDataStreams: C:\ProgramData\TEMP:A6E01F67
AlternateDataStreams: C:\ProgramData\TEMP:B3C7433B
AlternateDataStreams: C:\ProgramData\TEMP:B6E6C4EA
AlternateDataStreams: C:\ProgramData\TEMP:BB8B6B1E
AlternateDataStreams: C:\ProgramData\TEMP:BEACE4C8
AlternateDataStreams: C:\ProgramData\TEMP:BF6C81B2
AlternateDataStreams: C:\ProgramData\TEMP:BFE54417
AlternateDataStreams: C:\ProgramData\TEMP:C2F24DB5
AlternateDataStreams: C:\ProgramData\TEMP:C78DADEA
AlternateDataStreams: C:\ProgramData\TEMP:D4558A0B
AlternateDataStreams: C:\ProgramData\TEMP:E0888117
AlternateDataStreams: C:\ProgramData\TEMP:E40D7F76
AlternateDataStreams: C:\ProgramData\TEMP:E5B07840
AlternateDataStreams: C:\ProgramData\TEMP:ECF3C50F
AlternateDataStreams: C:\ProgramData\TEMP:ED0B32CA
AlternateDataStreams: C:\ProgramData\TEMP:EE198B1F
AlternateDataStreams: C:\ProgramData\TEMP:EEB25EAE
AlternateDataStreams: C:\ProgramData\TEMP:EF0C5444
AlternateDataStreams: C:\ProgramData\TEMP:F5D01D7C
AlternateDataStreams: C:\ProgramData\TEMP:F89F2593
AlternateDataStreams: C:\ProgramData\TEMP:FB4262DE

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (11/12/2013 10:07:28 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/12/2013 10:03:15 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/12/2013 10:03:15 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/11/2013 06:15:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/11/2013 06:15:28 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/11/2013 04:17:29 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung WksWP.exe, Version 9.7.613.0, Zeitstempel 0x466fad27, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x00000000,
Prozess-ID 0xdb4, Anwendungsstartzeit WksWP.exe0.

Error: (11/10/2013 02:58:56 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/10/2013 02:58:56 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/10/2013 02:56:59 PM) (Source: Application Hang) (User: )
Description: Programm TFC.exe, Version 3.1.9.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: b20
Anfangszeit: 01cede1ca13253ad
Zeitpunkt der Beendigung: 16

Error: (11/10/2013 02:48:52 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung PSIA.exe, Version 3.0.0.8013, Zeitstempel 0x525b8f0c, fehlerhaftes Modul ntdll.dll, Version 6.0.6001.18538, Zeitstempel 0x4cb733dc, Ausnahmecode 0xc0000005, Fehleroffset 0x00067f8c,
Prozess-ID 0xae8, Anwendungsstartzeit PSIA.exe0.


System errors:
=============
Error: (11/12/2013 10:28:49 AM) (Source: netbt) (User: )
Description: Der Name "D9XTDN3J      :20" konnte nicht auf der Schnittstelle mit IP-Adresse 0.0.0.0
registriert werden. Der Computer mit IP-Adresse 192.168.2.102 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (11/12/2013 10:28:49 AM) (Source: Server) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{61475F17-884E-4750-9D16-BFDAD7B3DD99} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (11/12/2013 10:15:04 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %D9XTDN3J60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 0.0.0.0

        Aktualisierungsquelle: %D9XTDN3J51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %D9XTDN3J602

        Aktualisierungstyp: %D9XTDN3J604

        Benutzer: D9XTDN3J\mehdi

        Aktuelle Modulversion: %D9XTDN3J605

        Vorherige Modulversion: %D9XTDN3J606

        Fehlercode: %D9XTDN3J607

        Fehlerbeschreibung: %D9XTDN3J608

Error: (11/12/2013 10:15:02 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren des Moduls wurde von %D9XTDN3J60 ein Fehler festgestellt.

        Neue Modulversion:

        Vorherige Modulversion:

        Modultyp: %D9XTDN3J604

        Benutzer: D9XTDN3J\mehdi

        Fehlercode: %D9XTDN3J601

        Fehlerbeschreibung: %D9XTDN3J602

Error: (11/12/2013 10:15:02 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %D9XTDN3J60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion:

        Aktualisierungsquelle: %D9XTDN3J15

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %D9XTDN3J602

        Aktualisierungstyp: %D9XTDN3J604

        Benutzer: D9XTDN3J\mehdi

        Aktuelle Modulversion: %D9XTDN3J605

        Vorherige Modulversion: %D9XTDN3J606

        Fehlercode: %D9XTDN3J607

        Fehlerbeschreibung: %D9XTDN3J608

Error: (11/12/2013 10:09:16 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %D9XTDN3J60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 0.0.0.0

        Aktualisierungsquelle: %D9XTDN3J51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %D9XTDN3J602

        Aktualisierungstyp: %D9XTDN3J604

        Benutzer: D9XTDN3J\mehdi

        Aktuelle Modulversion: %D9XTDN3J605

        Vorherige Modulversion: %D9XTDN3J606

        Fehlercode: %D9XTDN3J607

        Fehlerbeschreibung: %D9XTDN3J608

Error: (11/12/2013 10:09:14 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren des Moduls wurde von %D9XTDN3J60 ein Fehler festgestellt.

        Neue Modulversion:

        Vorherige Modulversion:

        Modultyp: %D9XTDN3J604

        Benutzer: D9XTDN3J\mehdi

        Fehlercode: %D9XTDN3J601

        Fehlerbeschreibung: %D9XTDN3J602

Error: (11/12/2013 10:09:14 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %D9XTDN3J60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion:

        Aktualisierungsquelle: %D9XTDN3J15

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %D9XTDN3J602

        Aktualisierungstyp: %D9XTDN3J604

        Benutzer: D9XTDN3J\mehdi

        Aktuelle Modulversion: %D9XTDN3J605

        Vorherige Modulversion: %D9XTDN3J606

        Fehlercode: %D9XTDN3J607

        Fehlerbeschreibung: %D9XTDN3J608

Error: (11/12/2013 10:06:01 AM) (Source: Service Control Manager) (User: )
Description: Google Update Service (gupdate1c9f579372d2820)%%3

Error: (11/12/2013 10:04:00 AM) (Source: Service Control Manager) (User: )
Description: Diagnosesystemhost


Microsoft Office Sessions:
=========================
Error: (11/12/2013 10:07:28 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (11/12/2013 10:03:15 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (11/12/2013 10:03:15 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (11/11/2013 06:15:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/11/2013 06:15:28 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/11/2013 04:17:29 PM) (Source: Application Error)(User: )
Description: WksWP.exe9.7.613.0466fad27unknown0.0.0.000000000c000000500000000db401cedeec81cc7df4

Error: (11/10/2013 02:58:56 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (11/10/2013 02:58:56 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (11/10/2013 02:56:59 PM) (Source: Application Hang)(User: )
Description: TFC.exe3.1.9.0b2001cede1ca13253ad16

Error: (11/10/2013 02:48:52 PM) (Source: Application Error)(User: )
Description: PSIA.exe3.0.0.8013525b8f0cntdll.dll6.0.6001.185384cb733dcc000000500067f8cae801cede1a59e540ed


CodeIntegrity Errors:
===================================
  Date: 2013-11-12 12:32:59.602
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-12 12:32:59.462
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-12 12:32:59.306
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-12 12:32:59.150
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-12 12:32:58.978
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-12 12:32:58.822
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-12 12:32:58.682
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-12 12:32:58.526
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-12 12:28:32.666
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-12 12:28:32.510
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 46%
Total physical RAM: 3581.12 MB
Available physical RAM: 1917.11 MB
Total Pagefile: 7351.98 MB
Available Pagefile: 5856.4 MB
Total Virtual: 2047.88 MB
Available Virtual: 1910.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:285.47 GB) (Free:128.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (2. Laufwerk) (Fixed) (Total:10 GB) (Free:5.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 38000000)
Partition 1: (Not Active) - (Size=118 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=285 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3 GB) - (Type=OF Extended)

==================== End Of Log ============================
Hhm, langsam bin ich doch etwas beunruhigt. Mein Rocketdock funktioniert nicht mehr. Habe ich erst einmal deinstalliert und warte mit Neuinstallation bis alles (hoffentlich) i.O.

Danke nochmal und LG

Martina

schrauber 13.11.2013 08:23
Zitat:
Mein Rocketdock funktioniert nicht mehr
Wad fürn Ding? :)

Also ich sehe nur noch inaktive kleine Reste. Was genau hat kaspersky wo gefunden?

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [223232] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Hosts: Hosts file not detected in the default directory
FF NetworkProxy: "backup.ftp", ""
FF NetworkProxy: "backup.ftp_port", 0
FF NetworkProxy: "backup.socks", ""
FF NetworkProxy: "backup.socks_port", 0
FF NetworkProxy: "backup.ssl", ""
FF NetworkProxy: "backup.ssl_port", 0
FF NetworkProxy: "ftp", "171.66.247.151"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "171.66.247.151"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "171.66.247.151"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "171.66.247.151"
FF NetworkProxy: "ssl_port", 80
C:\Users\mehdi\AppData\Roaming\desktop.ini
AlternateDataStreams: C:\Users\mehdi:zylomtest
AlternateDataStreams: C:\Users\mehdi:zylomtr{000HQ7FF-AD7A-3FG6-3908-27H0TJJBSVTT}
AlternateDataStreams: C:\ProgramData\TEMP:012BC84F
AlternateDataStreams: C:\ProgramData\TEMP:036AA5DD
AlternateDataStreams: C:\ProgramData\TEMP:0487F955
AlternateDataStreams: C:\ProgramData\TEMP:114C90CA
AlternateDataStreams: C:\ProgramData\TEMP:12D2EB9C
AlternateDataStreams: C:\ProgramData\TEMP:13019F4B
AlternateDataStreams: C:\ProgramData\TEMP:17EB5BAE
AlternateDataStreams: C:\ProgramData\TEMP:183A9046
AlternateDataStreams: C:\ProgramData\TEMP:1B389835
AlternateDataStreams: C:\ProgramData\TEMP:1D6B18F1
AlternateDataStreams: C:\ProgramData\TEMP:26499772
AlternateDataStreams: C:\ProgramData\TEMP:2652902F
AlternateDataStreams: C:\ProgramData\TEMP:2AF322BF
AlternateDataStreams: C:\ProgramData\TEMP:2B9555D8
AlternateDataStreams: C:\ProgramData\TEMP:2C86E2AD
AlternateDataStreams: C:\ProgramData\TEMP:3DB6F365
AlternateDataStreams: C:\ProgramData\TEMP:4673E9EA
AlternateDataStreams: C:\ProgramData\TEMP:474022C7
AlternateDataStreams: C:\ProgramData\TEMP:4C3D5A8B
AlternateDataStreams: C:\ProgramData\TEMP:4EC7F009
AlternateDataStreams: C:\ProgramData\TEMP:53DF59D1
AlternateDataStreams: C:\ProgramData\TEMP:54380FEC
AlternateDataStreams: C:\ProgramData\TEMP:57B2B96C
AlternateDataStreams: C:\ProgramData\TEMP:587F3582
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:5D351BC6
AlternateDataStreams: C:\ProgramData\TEMP:6A0A47E7
AlternateDataStreams: C:\ProgramData\TEMP:6C75AF4C
AlternateDataStreams: C:\ProgramData\TEMP:6E2D80C8
AlternateDataStreams: C:\ProgramData\TEMP:8029E75F
AlternateDataStreams: C:\ProgramData\TEMP:87A3A233
AlternateDataStreams: C:\ProgramData\TEMP:9398DBB4
AlternateDataStreams: C:\ProgramData\TEMP:943971F5
AlternateDataStreams: C:\ProgramData\TEMP:9C3AAD57
AlternateDataStreams: C:\ProgramData\TEMP:A31B5E9B
AlternateDataStreams: C:\ProgramData\TEMP:A42FABF7
AlternateDataStreams: C:\ProgramData\TEMP:A5CD91DF
AlternateDataStreams: C:\ProgramData\TEMP:A6E01F67
AlternateDataStreams: C:\ProgramData\TEMP:B3C7433B
AlternateDataStreams: C:\ProgramData\TEMP:B6E6C4EA
AlternateDataStreams: C:\ProgramData\TEMP:BB8B6B1E
AlternateDataStreams: C:\ProgramData\TEMP:BEACE4C8
AlternateDataStreams: C:\ProgramData\TEMP:BF6C81B2
AlternateDataStreams: C:\ProgramData\TEMP:BFE54417
AlternateDataStreams: C:\ProgramData\TEMP:C2F24DB5
AlternateDataStreams: C:\ProgramData\TEMP:C78DADEA
AlternateDataStreams: C:\ProgramData\TEMP:D4558A0B
AlternateDataStreams: C:\ProgramData\TEMP:E0888117
AlternateDataStreams: C:\ProgramData\TEMP:E40D7F76
AlternateDataStreams: C:\ProgramData\TEMP:E5B07840
AlternateDataStreams: C:\ProgramData\TEMP:ECF3C50F
AlternateDataStreams: C:\ProgramData\TEMP:ED0B32CA
AlternateDataStreams: C:\ProgramData\TEMP:EE198B1F
AlternateDataStreams: C:\ProgramData\TEMP:EEB25EAE
AlternateDataStreams: C:\ProgramData\TEMP:EF0C5444
AlternateDataStreams: C:\ProgramData\TEMP:F5D01D7C
AlternateDataStreams: C:\ProgramData\TEMP:F89F2593
AlternateDataStreams: C:\ProgramData\TEMP:FB4262DE

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Gast77 13.11.2013 12:17
Hallo,

hier der logtext:

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-11-2013
Ran by mehdi at 2013-11-13 12:06:02 Run:1
Running from C:\Users\mehdi\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [223232] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Hosts: Hosts file not detected in the default directory
FF NetworkProxy: "backup.ftp", ""
FF NetworkProxy: "backup.ftp_port", 0
FF NetworkProxy: "backup.socks", ""
FF NetworkProxy: "backup.socks_port", 0
FF NetworkProxy: "backup.ssl", ""
FF NetworkProxy: "backup.ssl_port", 0
FF NetworkProxy: "ftp", "171.66.247.151"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "171.66.247.151"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "171.66.247.151"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "171.66.247.151"
FF NetworkProxy: "ssl_port", 80
C:\Users\mehdi\AppData\Roaming\desktop.ini
AlternateDataStreams: C:\Users\mehdi:zylomtest
AlternateDataStreams: C:\Users\mehdi:zylomtr{000HQ7FF-AD7A-3FG6-3908-27H0TJJBSVTT}
AlternateDataStreams: C:\ProgramData\TEMP:012BC84F
AlternateDataStreams: C:\ProgramData\TEMP:036AA5DD
AlternateDataStreams: C:\ProgramData\TEMP:0487F955
AlternateDataStreams: C:\ProgramData\TEMP:114C90CA
AlternateDataStreams: C:\ProgramData\TEMP:12D2EB9C
AlternateDataStreams: C:\ProgramData\TEMP:13019F4B
AlternateDataStreams: C:\ProgramData\TEMP:17EB5BAE
AlternateDataStreams: C:\ProgramData\TEMP:183A9046
AlternateDataStreams: C:\ProgramData\TEMP:1B389835
AlternateDataStreams: C:\ProgramData\TEMP:1D6B18F1
AlternateDataStreams: C:\ProgramData\TEMP:26499772
AlternateDataStreams: C:\ProgramData\TEMP:2652902F
AlternateDataStreams: C:\ProgramData\TEMP:2AF322BF
AlternateDataStreams: C:\ProgramData\TEMP:2B9555D8
AlternateDataStreams: C:\ProgramData\TEMP:2C86E2AD
AlternateDataStreams: C:\ProgramData\TEMP:3DB6F365
AlternateDataStreams: C:\ProgramData\TEMP:4673E9EA
AlternateDataStreams: C:\ProgramData\TEMP:474022C7
AlternateDataStreams: C:\ProgramData\TEMP:4C3D5A8B
AlternateDataStreams: C:\ProgramData\TEMP:4EC7F009
AlternateDataStreams: C:\ProgramData\TEMP:53DF59D1
AlternateDataStreams: C:\ProgramData\TEMP:54380FEC
AlternateDataStreams: C:\ProgramData\TEMP:57B2B96C
AlternateDataStreams: C:\ProgramData\TEMP:587F3582
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:5D351BC6
AlternateDataStreams: C:\ProgramData\TEMP:6A0A47E7
AlternateDataStreams: C:\ProgramData\TEMP:6C75AF4C
AlternateDataStreams: C:\ProgramData\TEMP:6E2D80C8
AlternateDataStreams: C:\ProgramData\TEMP:8029E75F
AlternateDataStreams: C:\ProgramData\TEMP:87A3A233
AlternateDataStreams: C:\ProgramData\TEMP:9398DBB4
AlternateDataStreams: C:\ProgramData\TEMP:943971F5
AlternateDataStreams: C:\ProgramData\TEMP:9C3AAD57
AlternateDataStreams: C:\ProgramData\TEMP:A31B5E9B
AlternateDataStreams: C:\ProgramData\TEMP:A42FABF7
AlternateDataStreams: C:\ProgramData\TEMP:A5CD91DF
AlternateDataStreams: C:\ProgramData\TEMP:A6E01F67
AlternateDataStreams: C:\ProgramData\TEMP:B3C7433B
AlternateDataStreams: C:\ProgramData\TEMP:B6E6C4EA
AlternateDataStreams: C:\ProgramData\TEMP:BB8B6B1E
AlternateDataStreams: C:\ProgramData\TEMP:BEACE4C8
AlternateDataStreams: C:\ProgramData\TEMP:BF6C81B2
AlternateDataStreams: C:\ProgramData\TEMP:BFE54417
AlternateDataStreams: C:\ProgramData\TEMP:C2F24DB5
AlternateDataStreams: C:\ProgramData\TEMP:C78DADEA
AlternateDataStreams: C:\ProgramData\TEMP:D4558A0B
AlternateDataStreams: C:\ProgramData\TEMP:E0888117
AlternateDataStreams: C:\ProgramData\TEMP:E40D7F76
AlternateDataStreams: C:\ProgramData\TEMP:E5B07840
AlternateDataStreams: C:\ProgramData\TEMP:ECF3C50F
AlternateDataStreams: C:\ProgramData\TEMP:ED0B32CA
AlternateDataStreams: C:\ProgramData\TEMP:EE198B1F
AlternateDataStreams: C:\ProgramData\TEMP:EEB25EAE
AlternateDataStreams: C:\ProgramData\TEMP:EF0C5444
AlternateDataStreams: C:\ProgramData\TEMP:F5D01D7C
AlternateDataStreams: C:\ProgramData\TEMP:F89F2593
AlternateDataStreams: C:\ProgramData\TEMP:FB4262DE
       
*****************

Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Hosts was reset successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
C:\Users\mehdi\AppData\Roaming\desktop.ini => Moved successfully.
C:\Users\mehdi => ":zylomtest" ADS removed successfully.
C:\Users\mehdi => ":zylomtr{000HQ7FF-AD7A-3FG6-3908-27H0TJJBSVTT}" ADS removed successfully.
C:\ProgramData\TEMP => ":012BC84F" ADS removed successfully.
C:\ProgramData\TEMP => ":036AA5DD" ADS removed successfully.
C:\ProgramData\TEMP => ":0487F955" ADS removed successfully.
C:\ProgramData\TEMP => ":114C90CA" ADS removed successfully.
C:\ProgramData\TEMP => ":12D2EB9C" ADS removed successfully.
C:\ProgramData\TEMP => ":13019F4B" ADS removed successfully.
C:\ProgramData\TEMP => ":17EB5BAE" ADS removed successfully.
C:\ProgramData\TEMP => ":183A9046" ADS removed successfully.
C:\ProgramData\TEMP => ":1B389835" ADS removed successfully.
C:\ProgramData\TEMP => ":1D6B18F1" ADS removed successfully.
C:\ProgramData\TEMP => ":26499772" ADS removed successfully.
C:\ProgramData\TEMP => ":2652902F" ADS removed successfully.
C:\ProgramData\TEMP => ":2AF322BF" ADS removed successfully.
C:\ProgramData\TEMP => ":2B9555D8" ADS removed successfully.
C:\ProgramData\TEMP => ":2C86E2AD" ADS removed successfully.
C:\ProgramData\TEMP => ":3DB6F365" ADS removed successfully.
C:\ProgramData\TEMP => ":4673E9EA" ADS removed successfully.
C:\ProgramData\TEMP => ":474022C7" ADS removed successfully.
C:\ProgramData\TEMP => ":4C3D5A8B" ADS removed successfully.
C:\ProgramData\TEMP => ":4EC7F009" ADS removed successfully.
C:\ProgramData\TEMP => ":53DF59D1" ADS removed successfully.
C:\ProgramData\TEMP => ":54380FEC" ADS removed successfully.
C:\ProgramData\TEMP => ":57B2B96C" ADS removed successfully.
C:\ProgramData\TEMP => ":587F3582" ADS removed successfully.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.
C:\ProgramData\TEMP => ":5D351BC6" ADS removed successfully.
C:\ProgramData\TEMP => ":6A0A47E7" ADS removed successfully.
C:\ProgramData\TEMP => ":6C75AF4C" ADS removed successfully.
C:\ProgramData\TEMP => ":6E2D80C8" ADS removed successfully.
C:\ProgramData\TEMP => ":8029E75F" ADS removed successfully.
C:\ProgramData\TEMP => ":87A3A233" ADS removed successfully.
C:\ProgramData\TEMP => ":9398DBB4" ADS removed successfully.
C:\ProgramData\TEMP => ":943971F5" ADS removed successfully.
C:\ProgramData\TEMP => ":9C3AAD57" ADS removed successfully.
C:\ProgramData\TEMP => ":A31B5E9B" ADS removed successfully.
C:\ProgramData\TEMP => ":A42FABF7" ADS removed successfully.
C:\ProgramData\TEMP => ":A5CD91DF" ADS removed successfully.
C:\ProgramData\TEMP => ":A6E01F67" ADS removed successfully.
C:\ProgramData\TEMP => ":B3C7433B" ADS removed successfully.
C:\ProgramData\TEMP => ":B6E6C4EA" ADS removed successfully.
C:\ProgramData\TEMP => ":BB8B6B1E" ADS removed successfully.
C:\ProgramData\TEMP => ":BEACE4C8" ADS removed successfully.
C:\ProgramData\TEMP => ":BF6C81B2" ADS removed successfully.
C:\ProgramData\TEMP => ":BFE54417" ADS removed successfully.
C:\ProgramData\TEMP => ":C2F24DB5" ADS removed successfully.
C:\ProgramData\TEMP => ":C78DADEA" ADS removed successfully.
C:\ProgramData\TEMP => ":D4558A0B" ADS removed successfully.
C:\ProgramData\TEMP => ":E0888117" ADS removed successfully.
C:\ProgramData\TEMP => ":E40D7F76" ADS removed successfully.
C:\ProgramData\TEMP => ":E5B07840" ADS removed successfully.
C:\ProgramData\TEMP => ":ECF3C50F" ADS removed successfully.
C:\ProgramData\TEMP => ":ED0B32CA" ADS removed successfully.
C:\ProgramData\TEMP => ":EE198B1F" ADS removed successfully.
C:\ProgramData\TEMP => ":EEB25EAE" ADS removed successfully.
C:\ProgramData\TEMP => ":EF0C5444" ADS removed successfully.
C:\ProgramData\TEMP => ":F5D01D7C" ADS removed successfully.
C:\ProgramData\TEMP => ":F89F2593" ADS removed successfully.
C:\ProgramData\TEMP => ":FB4262DE" ADS removed successfully.

==== End of Fixlog ====
...und Rocketdock ist eine Windows-Taskleiste, kleine nicht schädliche Spielerei :)

Kaspersky habe ich nicht. Wenn Du Microsoft Security Essentials meinst, das hatte ich geschrieben, mehr weiß ich auch nicht :confused:.

Was für mich eben nicht normal ist, dass die updates nicht funktionieren - wie beschrieben.

Wenn das nichts mit dem Trojaner zutun hat, Du das also ausschließen kannst, an wende ich mich denn wegen dieses Problems?

LG, Martina

schrauber 14.11.2013 08:53
poste bitte nochmal ein frisches FRST logfile, und das:

Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.



Gast77 14.11.2013 14:12
Hallo,

darf ich bitte die "3 Minuten vor Ort, Zwischen Zähneputzen und Waschen Version" haben :killpc: ?!

Hier das frische FRST logfile:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-11-2013
Ran by mehdi (administrator) on D9XTDN3J on 14-11-2013 13:57:15
Running from C:\Users\mehdi\Desktop\2. Durchlauf
Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Windows\system32\aestsrv.exe
(B.H.A Corporation) C:\Windows\System32\bgsvcgen.exe
( ) C:\Windows\system32\dlcccoms.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(IDT, Inc.) C:\Windows\system32\STacSV.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(SoftPerfect Research) C:\Program Files\NetWorx\networx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(RealNetworks, Inc.) c:\program files\real\realplayer\update\realsched.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [159744 2007-09-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [OEM02Mon.exe] - C:\Windows\OEM02Mon.exe [36864 2007-12-03] (Creative Technology Ltd.)
HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe [405504 2008-01-02] (IDT, Inc.)
HKLM\...\Run: [DLCCCATS] - rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NVHotkey] - rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\realplayer\Update\realsched.exe [295072 2013-01-21] (RealNetworks, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NetWorx] - C:\Program Files\NetWorx\networx.exe [3255696 2012-12-18] (SoftPerfect Research)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [RocketDock] - "C:\Program Files\RocketDock\RocketDock.exe"
HKCU\...\Run: [ISUSPM] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [206112 2008-10-24] (Macrovision Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [WinPatrol] - C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe [456768 2013-10-19] (BillP Studios)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=800224F5&OHP=http%3A%2F%2Fwww.google.com&OSP=
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - ${searchCLSID} URL = hxxp://search-gala.com/?&uid=220&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default
FF NewTab: hxxp://www.google.de
FF SelectedSearchEngine: LEO Deu-Fra
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
FF Plugin: @zylom.com/ZylomGamesPlayer - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\searchplugins\dailymotion.xml
FF SearchPlugin: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\searchplugins\leo-deu-fra.xml
FF SearchPlugin: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\searchplugins\myvideo.xml
FF SearchPlugin: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\searchplugins\youtube-videosuche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: bookmarkfaviconchanger - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\bookmarkfaviconchanger@sonthakit.xpi
FF Extension: personas - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\personas@christopher.beard.xpi
FF Extension: noscript - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Adblock Plus - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

========================== Services (Whitelisted) =================

R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
R2 dlcc_device; C:\Windows\system32\dlcccoms.exe [538096 2007-02-14] ( )
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 RemoteAccess; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S2 gupdate1c9f579372d2820; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [x]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [x]

==================== Drivers (Whitelisted) ====================

R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-01-13] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [328192 2007-04-02] (Ralink Technology Corp.)
R1 networx; C:\Windows\System32\drivers\networx.sys [52728 2012-11-26] (NetFilterSDK.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2012-11-24] (Duplex Secure Ltd.)
U3 a1ott5lv; C:\Windows\System32\Drivers\a1ott5lv.sys [0 ] (Intel Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-14 13:55 - 2013-11-14 13:55 - 00000104 _____ C:\Users\mehdi\Desktop\Papierkorb - Verknüpfung.lnk
2013-11-14 13:52 - 2013-11-14 13:57 - 00000000 ____D C:\Users\mehdi\Desktop\2. Durchlauf
2013-11-12 12:32 - 2013-11-12 12:32 - 00000000 ____D C:\FRST
2013-11-11 18:11 - 2013-11-11 18:11 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-11 18:11 - 2013-11-11 18:11 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-11 17:45 - 2013-11-12 06:40 - 00196608 _____ C:\Windows\SPInstall.etl
2013-11-11 17:29 - 2013-11-11 17:33 - 365230920 _____ (Microsoft Corporation) C:\Users\mehdi\Desktop\Windows6.0-KB948465-X86.exe
2013-11-11 17:06 - 2013-11-11 17:06 - 00000326 _____ C:\Windows\PFRO.log
2013-11-11 17:01 - 2013-11-11 17:01 - 00000000 ____D C:\Program Files\Panda USB Vaccine
2013-11-11 16:58 - 2013-11-11 16:58 - 00000000 _____ C:\Windows\setuperr.log
2013-11-11 16:58 - 2013-11-11 16:58 - 00000000 _____ C:\Windows\setupact.log
2013-11-11 15:36 - 2013-11-13 14:36 - 00000000 ____D C:\Users\mehdi\Desktop\Neuer Ordner
2013-11-10 14:14 - 2013-11-10 14:14 - 00000000 ____D C:\ProgramData\Licenses
2013-11-10 14:13 - 2013-11-10 14:19 - 00000000 ____D C:\Program Files\SpywareBlaster
2013-11-10 14:03 - 2013-11-10 14:04 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\WinPatrol
2013-11-10 13:56 - 2013-11-10 14:04 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-10 13:56 - 2013-11-10 13:56 - 00000000 ____D C:\Program Files\BillP Studios
2013-11-10 13:36 - 2013-11-10 13:36 - 00000000 ____D C:\Users\mehdi\AppData\Local\Secunia PSI
2013-11-10 13:35 - 2013-11-10 13:35 - 00000000 ____D C:\Program Files\Secunia
2013-11-10 11:45 - 2013-11-10 11:45 - 00001971 _____ C:\Users\mehdi\DelFix.txt
2013-11-10 11:39 - 2013-11-10 11:39 - 00000000 ___SD C:\uninstall
2013-11-08 11:01 - 2013-11-10 11:42 - 00000000 ____D C:\Windows\ERUNT
2013-11-06 17:46 - 2013-11-10 11:39 - 00000000 ____D C:\Windows\erdnt
2013-11-05 13:46 - 2013-11-05 18:42 - 00000000 ____D C:\Users\mehdi\Documents\My Digital Editions
2013-11-05 13:46 - 2013-11-05 13:46 - 00000000 ____D C:\Users\mehdi\AppData\Local\Adobe_Systems_Incorporate
2013-11-03 17:44 - 2013-11-03 17:44 - 02793472 _____ C:\Users\mehdi\Rezept.wps
2013-11-01 11:54 - 2013-11-01 17:53 - 104569497 _____ C:\Windows\system32\久㈣᭄”
2013-10-31 17:10 - 2013-10-31 17:10 - 104348737 _____ C:\Windows\system32\촀仙᭄ˆ
2013-10-29 18:59 - 2013-10-30 11:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-28 18:52 - 2013-10-28 18:52 - 103746026 _____ C:\Windows\system32\访᭄—
2013-10-22 13:33 - 2013-10-23 11:42 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\iPumper
2013-10-20 13:15 - 2013-11-14 13:45 - 00974898 _____ C:\Windows\WindowsUpdate.log
2013-10-16 17:36 - 2013-10-16 17:39 - 00019968 _____ C:\Users\mehdi\Brownies von Anita.wps

==================== One Month Modified Files and Folders =======

2013-11-14 13:57 - 2013-11-14 13:52 - 00000000 ____D C:\Users\mehdi\Desktop\2. Durchlauf
2013-11-14 13:55 - 2013-11-14 13:55 - 00000104 _____ C:\Users\mehdi\Desktop\Papierkorb - Verknüpfung.lnk
2013-11-14 13:52 - 2011-06-21 13:45 - 00048175 _____ C:\ProgramData\nvModes.dat
2013-11-14 13:52 - 2011-06-21 13:45 - 00048175 _____ C:\ProgramData\nvModes.001
2013-11-14 13:45 - 2013-10-20 13:15 - 00974898 _____ C:\Windows\WindowsUpdate.log
2013-11-14 13:40 - 2009-11-28 12:53 - 00000418 ____H C:\Windows\Tasks\User_Feed_Synchronization-{64E4BCF0-1ED8-41F7-936E-5E4A343D1B07}.job
2013-11-13 18:14 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-13 18:14 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-13 15:28 - 2012-08-24 12:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-13 14:36 - 2013-11-11 15:36 - 00000000 ____D C:\Users\mehdi\Desktop\Neuer Ordner
2013-11-13 14:35 - 2008-05-02 11:08 - 00036884 _____ C:\Users\mehdi\AppData\Roaming\wklnhst.dat
2013-11-13 12:05 - 2008-05-02 08:38 - 00000000 ____D C:\Users\mehdi
2013-11-13 11:39 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-12 23:56 - 2008-04-29 20:21 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-11-12 23:56 - 2006-11-02 14:01 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-12 12:32 - 2013-11-12 12:32 - 00000000 ____D C:\FRST
2013-11-12 11:17 - 2009-03-21 15:09 - 00000000 ____D C:\Program Files\RocketDock
2013-11-12 10:17 - 2006-11-02 11:33 - 01595424 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-12 06:40 - 2013-11-11 17:45 - 00196608 _____ C:\Windows\SPInstall.etl
2013-11-11 18:11 - 2013-11-11 18:11 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-11 18:11 - 2013-11-11 18:11 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-11 17:33 - 2013-11-11 17:29 - 365230920 _____ (Microsoft Corporation) C:\Users\mehdi\Desktop\Windows6.0-KB948465-X86.exe
2013-11-11 17:06 - 2013-11-11 17:06 - 00000326 _____ C:\Windows\PFRO.log
2013-11-11 17:01 - 2013-11-11 17:01 - 00000000 ____D C:\Program Files\Panda USB Vaccine
2013-11-11 16:58 - 2013-11-11 16:58 - 00000000 _____ C:\Windows\setuperr.log
2013-11-11 16:58 - 2013-11-11 16:58 - 00000000 _____ C:\Windows\setupact.log
2013-11-10 14:19 - 2013-11-10 14:13 - 00000000 ____D C:\Program Files\SpywareBlaster
2013-11-10 14:14 - 2013-11-10 14:14 - 00000000 ____D C:\ProgramData\Licenses
2013-11-10 14:04 - 2013-11-10 14:03 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\WinPatrol
2013-11-10 14:04 - 2013-11-10 13:56 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-10 13:56 - 2013-11-10 13:56 - 00000000 ____D C:\Program Files\BillP Studios
2013-11-10 13:36 - 2013-11-10 13:36 - 00000000 ____D C:\Users\mehdi\AppData\Local\Secunia PSI
2013-11-10 13:35 - 2013-11-10 13:35 - 00000000 ____D C:\Program Files\Secunia
2013-11-10 11:45 - 2013-11-10 11:45 - 00001971 _____ C:\Users\mehdi\DelFix.txt
2013-11-10 11:42 - 2013-11-08 11:01 - 00000000 ____D C:\Windows\ERUNT
2013-11-10 11:39 - 2013-11-10 11:39 - 00000000 ___SD C:\uninstall
2013-11-10 11:39 - 2013-11-06 17:46 - 00000000 ____D C:\Windows\erdnt
2013-11-08 10:56 - 2008-06-22 16:02 - 00000977 _____ C:\Users\mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-08 10:52 - 2009-04-26 13:03 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-11-07 13:16 - 2009-11-05 14:14 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-06 19:53 - 2011-07-15 19:37 - 00000000 ____D C:\Users\mehdi\AppData\Local\Apps\2.0
2013-11-06 19:52 - 2006-11-02 12:18 - 00000000 __RHD C:\Users\Default
2013-11-06 19:52 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Public
2013-11-06 18:07 - 2006-11-02 11:23 - 00000215 _____ C:\Windows\system.ini
2013-11-06 18:05 - 2012-05-06 11:14 - 00000306 __RSH C:\ProgramData\ntuser.pol
2013-11-06 17:58 - 2011-05-22 11:21 - 00000000 ____D C:\Install
2013-11-06 13:29 - 2012-08-24 12:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-11-06 13:29 - 2011-09-29 13:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-11-05 19:21 - 2008-04-29 20:41 - 00000000 ____D C:\Program Files\Google
2013-11-05 18:52 - 2008-06-08 13:25 - 00000000 ____D C:\Windows\Minidump
2013-11-05 18:46 - 2008-05-02 08:39 - 00000000 ____D C:\Users\mehdi\AppData\Local\Google
2013-11-05 18:42 - 2013-11-05 13:46 - 00000000 ____D C:\Users\mehdi\Documents\My Digital Editions
2013-11-05 16:54 - 2012-01-27 13:26 - 00000000 ____D C:\Users\mehdi\Documents\Zeitschriften und Bücher
2013-11-05 16:43 - 2008-05-02 14:52 - 00208896 _____ C:\Users\mehdi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-05 13:53 - 2013-06-17 11:31 - 00018432 _____ C:\Users\mehdi\Foren.wps
2013-11-05 13:46 - 2013-11-05 13:46 - 00000000 ____D C:\Users\mehdi\AppData\Local\Adobe_Systems_Incorporate
2013-11-05 13:46 - 2013-02-01 15:44 - 00000000 ____D C:\Program Files\Adobe
2013-11-03 17:44 - 2013-11-03 17:44 - 02793472 _____ C:\Users\mehdi\Rezept.wps
2013-11-02 18:56 - 2009-02-12 18:27 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\vlc
2013-11-02 10:25 - 2008-05-02 11:09 - 00000000 ____D C:\Users\mehdi\Documents\Schriftverkehr
2013-11-01 17:53 - 2013-11-01 11:54 - 104569497 _____ C:\Windows\system32\久㈣᭄”
2013-10-31 17:10 - 2013-10-31 17:10 - 104348737 _____ C:\Windows\system32\촀仙᭄ˆ
2013-10-31 11:30 - 2012-05-05 10:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-30 11:59 - 2013-10-29 18:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-28 18:52 - 2013-10-28 18:52 - 103746026 _____ C:\Windows\system32\访᭄—
2013-10-26 10:27 - 2008-05-07 20:26 - 00008484 _____ C:\Users\mehdi\AppData\Local\d3d9caps.dat
2013-10-25 15:45 - 2012-12-29 18:40 - 00018944 _____ C:\Users\mehdi\Gebrannte DVDs.wps
2013-10-23 11:42 - 2013-10-22 13:33 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\iPumper
2013-10-18 17:22 - 2010-08-28 10:56 - 00000000 ____D C:\Users\mehdi\Documents\Küche
2013-10-16 17:39 - 2013-10-16 17:36 - 00019968 _____ C:\Users\mehdi\Brownies von Anita.wps

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-13 11:49

==================== End Of Log ============================
--- --- ---


und hier das andere:

Code:
Farbar Service Scanner Version: 10-11-2013
Ran by mehdi (administrator) on 14-11-2013 at 13:58:50
Running from "C:\Users\mehdi\Desktop\2. Durchlauf"
Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Attempt to access Google.com returned error: Google.com is offline
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Security Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{FD6905CE-952F-41F1-9A6F-135D9C6622CC} key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking ServiceDll of RemoteAccess: ATTENTION!=====> Unable to open RemoteAccess registry key. The service key does not exist.



File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys
[2011-06-15 22:31] - [2011-04-21 14:16] - 0273408 ____A (Microsoft Corporation) 48EB99503533C27AC6135648E5474457

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2010-08-11 10:39] - [2010-06-16 16:59] - 0898952 ____A (Microsoft Corporation) 782568AB6A43160A159B6215B70BCCE9

C:\Windows\system32\dnsrslvr.dll
[2011-04-14 12:07] - [2011-03-02 15:49] - 0086528 ____A (Microsoft Corporation) 4805D9A6D281C7A7DEFD9094DEC6AF7D

C:\Windows\system32\mpssvc.dll
[2008-06-05 13:15] - [2008-01-19 08:34] - 0393216 ____A (Microsoft Corporation) D1639BA315B0D79DEC49A4B0E1FB929B

C:\Windows\system32\bfe.dll
[2008-06-05 13:15] - [2008-01-19 08:33] - 0328704 ____A (Microsoft Corporation) 8582E233C346AEFE759833E8A30DD697

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe
[2008-06-05 13:15] - [2008-01-19 08:33] - 1054720 ____A (Microsoft Corporation) D5FB73D19C46ADE183F968E13F186B23

C:\Windows\system32\wscsvc.dll
[2008-06-05 13:15] - [2008-01-19 08:37] - 0061440 ____A (Microsoft Corporation) 683DD16B590372F2C9661D277F35E49C

C:\Windows\system32\wbem\WMIsvc.dll
[2008-06-05 13:15] - [2008-01-19 08:36] - 0161792 ____A (Microsoft Corporation) 00B79A7C984678F24CF052E5BEB3A2F5

C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2008-06-05 13:15] - [2008-01-19 08:36] - 0758272 ____A (Microsoft Corporation) 02ED7B4DBC2A3232A389106DA7515C3D

C:\Windows\system32\es.dll
[2008-08-14 12:01] - [2008-04-18 06:48] - 0269312 ____A (Microsoft Corporation) 3CB3343D720168B575133A0A20DC2465

C:\Windows\system32\cryptsvc.dll
[2008-06-05 13:14] - [2008-01-19 08:34] - 0128000 ____A (Microsoft Corporation) 6DE363F9F99334514C46AEC02D3E3678

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll
[2010-04-14 11:10] - [2010-02-18 15:11] - 0190464 ____A (Microsoft Corporation) 6A35D233693EDC29A12742049BC5E37F

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll
[2009-04-17 09:14] - [2009-03-03 05:39] - 0551424 ____A (Microsoft Corporation) 301AE00E12408650BADDC04DBC832830



**** End of log ****
LG, Martina

schrauber 15.11.2013 10:31
Wo wohnst Du denn? :D

Downloade dir bitte Windows Repair (All In One) von hier.

Gast77 15.11.2013 15:25
Hallo,

ok, bis zum 1. Advent hast Du noch zum Rumwerkeln. Dann will ich aber Vollservice http://www.smileyparadies.de/girls/smilie_girl_120.gif.

Habe alles durchgeführt. Und nun? Hätte die logs ja gepostet, sind aber 12 Stück. Ich weiß nicht, ob Du die alle sehen willst/musst?!

Soll ich noch mal versuchen die Updates zu installieren? Brauchst Du noch ein FRST log?

Ich nehme ja mal an, dass das Fehlschlagen des Downloads von TCF, das nicht durchführbare Update von Microsoft Sec. Essent. im Zusammenhang steht mit dem nicht durchführbaren Update von Windows und dieser Dienstregistrierung, oder?

Meld' Dich! Danke

LG, Martina

schrauber 16.11.2013 12:10
Ja versuchs mal und poste noch ein frisches FRST log :)

Gast77 17.11.2013 17:18
Hallo,

ein vorläufiges :dankeschoen:.

Das Update von Windows konnte jetzt tatsächlich installiert werden. Danach machte der Rechner einige Zicken, mehrfach abgestürzt, blauer, schwarzer Bildschirm, Bild eingefroren, etc. Ich glaube, jetzt hat er sich aber beruhigt.

Ich habe schon festgestellt, dass Du einer der ganz schweigsamen Zeitgenossen bist, aber vielleicht kannst Du zum Abschluss doch noch ein wenig Auskunft geben. Für mich als Unwissende ist das alles ja nicht so nachvollziehbar und die logs sind keine Offenbarung für mich.

Ist der Rechner jetzt sicher? Sollte ich die Passwörter ändern?
Merkwürdig ist jetzt die Freigabe der Ordner. Die Ordner sind jetzt mit 2 "Männeken" versehen. Das hatte ich vorher nicht. Auch ist unter Eigenschaften - Sicherheit eine ganze Reihe von Gruppen- und Benutzernamen, die vorher nicht da waren. Jetzt sind da "Jeder", "Ersteller-Besitzer", "System", "Mehdi", "Administratoren" und "Benutzer"???! Vorher waren da nur 2. Soll ich das ignorieren?

Und zum Schluss: Muss ich noch was reinigen oder löschen?

Die Logs bekomme ich nicht "eingearbeitet", da zuviele Zeichen. Soll ich eine zip-Datei daraus machen, wie fälschlicherweise bereits beim 1. Posting von mir gemacht?


LG, Martina

schrauber 18.11.2013 09:45
Welche Logs? Vom Repair Tool? Die brauch ich nicht. Poste einfach ein frisches FRST log, in Stücken wenn nötig, dann schau ich nochmal drüber, dann kann ich dir auch deine Fragen beantworten :)

Zitat:
Ich habe schon festgestellt, dass Du einer der ganz schweigsamen Zeitgenossen bist,
Eigentlich nicht, aber bei gefühlten 400 Usern gleichzeitig wirds schon eng :)

Gast77 18.11.2013 10:32
Hallo,

Code:
  Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-11-2013 02
Ran by mehdi (administrator) on D9XTDN3J on 17-11-2013 16:44:35
Running from C:\Users\mehdi\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Windows\system32\aestsrv.exe
(B.H.A Corporation) C:\Windows\System32\bgsvcgen.exe
( ) C:\Windows\system32\dlcccoms.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(SoftPerfect Research) C:\Program Files\NetWorx\networx.exe
(IDT, Inc.) C:\Windows\system32\STacSV.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Panda Security) C:\Program Files\Panda USB Vaccine\USBVaccine.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
() C:\Program Files\RocketDock\RocketDock.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [159744 2007-09-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [OEM02Mon.exe] - C:\Windows\OEM02Mon.exe [36864 2007-12-03] (Creative Technology Ltd.)
HKLM\...\Run: [DLCCCATS] - rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NVHotkey] - rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NetWorx] - C:\Program Files\NetWorx\networx.exe [3255696 2012-12-18] (SoftPerfect Research)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe [405504 2008-01-02] (IDT, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [RocketDock] - C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKCU\...\Run: [ISUSPM] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [206112 2008-10-24] (Macrovision Corporation)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKCU\...\Run: [WinPatrol] - C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe [456768 2013-10-19] (BillP Studios)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=800224F5&OHP=http%3A%2F%2Fwww.google.com&OSP=
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - ${searchCLSID} URL = hxxp://search-gala.com/?&uid=220&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default
FF NewTab: hxxp://www.google.de
FF SelectedSearchEngine: LEO Deu-Fra
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @zylom.com/ZylomGamesPlayer - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\searchplugins\dailymotion.xml
FF SearchPlugin: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\searchplugins\leo-deu-fra.xml
FF SearchPlugin: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\searchplugins\myvideo.xml
FF SearchPlugin: C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\searchplugins\youtube-videosuche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: bookmarkfaviconchanger - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\bookmarkfaviconchanger@sonthakit.xpi
FF Extension: personas - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\personas@christopher.beard.xpi
FF Extension: noscript - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: Adblock Plus - C:\Users\mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\mh2d7bhm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

========================== Services (Whitelisted) =================

R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
R2 dlcc_device; C:\Windows\system32\dlcccoms.exe [538096 2007-02-14] ( )
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 RemoteAccess; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S2 gupdate1c9f579372d2820; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [x]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [x]

==================== Drivers (Whitelisted) ====================

R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-01-13] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R1 MpKsl0c5906b3; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B9E00A65-D2E7-4C10-9AB2-09B0C90B1205}\MpKsl0c5906b3.sys [40392 2013-11-17] (Microsoft Corporation)
R1 MpKsl5b2a59e8; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B9E00A65-D2E7-4C10-9AB2-09B0C90B1205}\MpKsl5b2a59e8.sys [40392 2013-11-17] (Microsoft Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [328192 2007-04-02] (Ralink Technology Corp.)
R1 networx; C:\Windows\System32\drivers\networx.sys [52728 2012-11-26] (NetFilterSDK.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2012-11-24] (Duplex Secure Ltd.)
U3 awxl327t; C:\Windows\System32\Drivers\awxl327t.sys [0 ] (Intel Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-17 16:44 - 2013-11-17 16:45 - 00014875 _____ C:\Users\mehdi\Desktop\FRST.txt
2013-11-17 16:44 - 2013-11-17 16:44 - 00000000 ____D C:\FRST
2013-11-17 16:43 - 2013-11-17 16:44 - 01090935 _____ (Farbar) C:\Users\mehdi\Desktop\FRST.exe
2013-11-17 14:30 - 2013-11-17 14:29 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-17 14:29 - 2013-11-17 14:29 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-17 14:29 - 2013-11-17 14:29 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-17 14:29 - 2013-11-17 14:29 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-11-17 12:18 - 2013-11-17 12:19 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-17 11:58 - 2013-11-17 11:58 - 417333535 _____ C:\Windows\MEMORY.DMP
2013-11-17 11:58 - 2013-11-17 11:58 - 00153640 _____ C:\Windows\Minidump\Mini111713-01.dmp
2013-11-17 11:43 - 2013-08-27 03:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-11-17 11:43 - 2013-08-27 03:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-11-17 11:43 - 2013-08-27 03:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-11-17 11:43 - 2013-08-27 03:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-11-17 11:43 - 2013-08-27 02:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-11-17 11:43 - 2013-08-27 02:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-11-17 11:43 - 2013-08-27 02:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-11-17 11:43 - 2013-08-27 02:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-11-17 11:43 - 2013-08-27 02:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-11-17 11:43 - 2011-03-12 22:55 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-11-17 11:26 - 2013-11-17 11:26 - 00000000 ___RD C:\Program Files\Skype
2013-11-17 11:26 - 2013-11-17 11:26 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-11-17 11:09 - 2013-11-17 11:09 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-11-17 10:49 - 2013-11-17 10:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-11-17 10:48 - 2013-11-17 10:48 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2013-11-16 17:20 - 2009-09-10 03:01 - 03023360 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2013-11-16 17:20 - 2009-09-10 03:00 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2013-11-16 17:20 - 2009-09-10 03:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-11-16 17:17 - 2009-10-01 02:02 - 02537472 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2013-11-16 17:17 - 2009-10-01 02:02 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2013-11-16 17:17 - 2009-10-01 02:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2013-11-16 17:17 - 2009-10-01 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\BthMtpContextHandler.dll
2013-11-16 17:17 - 2009-10-01 02:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2013-11-16 17:17 - 2009-10-01 02:01 - 00546816 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2013-11-16 17:17 - 2009-10-01 02:01 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2013-11-16 17:17 - 2009-10-01 02:01 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2013-11-16 17:17 - 2009-10-01 02:01 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll
2013-11-16 17:17 - 2009-10-01 02:01 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2013-11-16 17:17 - 2009-10-01 02:01 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2013-11-16 17:17 - 2009-10-01 02:01 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2013-11-16 17:17 - 2009-10-01 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2013-11-16 17:17 - 2009-10-01 02:01 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2013-11-16 17:17 - 2009-10-01 02:01 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys
2013-11-16 17:17 - 2009-10-01 02:01 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\WpdConns.dll
2013-11-16 17:05 - 2012-02-29 16:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2013-11-16 17:05 - 2012-02-29 16:09 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-11-16 17:05 - 2012-02-29 14:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2013-11-16 16:50 - 2013-11-16 16:50 - 12344832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-16 16:50 - 2013-11-16 16:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-16 16:50 - 2013-11-16 16:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-16 16:50 - 2013-11-16 16:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-16 16:50 - 2013-11-16 16:50 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-16 16:50 - 2013-11-16 16:50 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-16 16:50 - 2013-11-16 16:50 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-16 16:50 - 2013-11-16 16:50 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-16 16:50 - 2013-11-16 16:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-16 16:50 - 2013-11-16 16:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-16 16:50 - 2013-11-16 16:50 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-16 16:50 - 2013-11-16 16:50 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-16 16:50 - 2013-11-16 16:50 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-16 16:49 - 2013-11-16 16:49 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 01554432 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 01075712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00979456 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2013-11-16 16:49 - 2013-11-16 16:49 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2013-11-16 16:49 - 2013-11-16 16:49 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2013-11-16 16:48 - 2013-11-16 16:48 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-11-16 16:48 - 2013-11-16 16:48 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-16 16:48 - 2013-11-16 16:48 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-16 16:48 - 2013-11-16 16:48 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2013-11-16 16:48 - 2013-11-16 16:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2013-11-16 16:48 - 2013-11-16 16:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2013-11-16 16:48 - 2013-11-16 16:48 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-11-16 16:46 - 2013-11-16 16:51 - 00004461 _____ C:\Windows\IE9_main.log
2013-11-16 16:25 - 2012-06-02 15:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-11-16 16:24 - 2012-07-26 04:39 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-11-16 16:24 - 2012-07-26 04:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-11-16 16:24 - 2012-07-26 04:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-11-16 16:24 - 2012-07-26 04:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-11-16 16:24 - 2012-07-26 04:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-11-16 16:24 - 2012-07-26 04:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-11-16 16:24 - 2012-07-26 03:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-11-16 16:24 - 2012-07-26 03:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-11-16 16:24 - 2012-07-26 03:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-11-16 16:24 - 2009-07-14 13:12 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2013-11-16 15:40 - 2013-08-01 04:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-11-16 15:40 - 2013-08-01 03:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-11-16 15:40 - 2012-06-05 17:47 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-11-16 15:39 - 2013-08-29 08:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-11-16 15:39 - 2013-07-20 11:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-11-16 15:39 - 2013-06-15 14:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-11-16 15:39 - 2013-06-15 12:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-11-16 15:39 - 2012-05-11 16:57 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-11-16 15:39 - 2011-10-14 17:03 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-11-16 15:39 - 2011-10-14 17:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\mciseq.dll
2013-11-16 15:39 - 2011-07-29 17:01 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2013-11-16 15:39 - 2011-07-29 17:01 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2013-11-16 15:39 - 2011-07-29 17:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2013-11-16 15:39 - 2011-07-29 17:00 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2013-11-16 15:39 - 2011-04-21 14:55 - 00508416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2013-11-16 15:39 - 2009-06-17 14:23 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2013-11-16 15:38 - 2013-07-17 20:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-11-16 15:38 - 2013-07-10 10:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-11-16 15:38 - 2013-07-05 05:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-16 15:38 - 2012-11-02 11:18 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-11-16 15:38 - 2012-11-02 09:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2013-11-16 15:38 - 2012-09-25 17:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-11-16 15:38 - 2012-08-21 12:47 - 00224640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-11-16 15:38 - 2012-06-29 17:01 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2013-11-16 15:38 - 2012-06-08 18:47 - 11586048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-11-16 15:38 - 2012-03-21 00:28 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-11-16 15:38 - 2011-10-14 17:02 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2013-11-16 15:37 - 2013-03-03 20:07 - 01082232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-11-16 15:37 - 2012-11-20 05:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-16 15:37 - 2011-11-18 18:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2013-11-16 15:37 - 2011-02-22 15:13 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-11-16 15:36 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-16 15:36 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-16 15:36 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-16 15:36 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-16 15:36 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-16 15:36 - 2013-08-02 05:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-11-16 15:36 - 2013-06-29 03:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-11-16 15:36 - 2013-06-29 03:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-11-16 15:36 - 2013-06-29 03:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-11-16 15:36 - 2013-06-29 03:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-11-16 15:36 - 2013-06-27 00:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-11-16 15:36 - 2013-05-02 05:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-11-16 15:36 - 2013-05-02 05:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2013-11-16 15:36 - 2013-04-24 05:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-11-16 15:36 - 2013-04-24 02:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-11-16 15:36 - 2012-11-22 04:54 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2013-11-16 15:36 - 2012-11-08 04:48 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2013-11-16 15:36 - 2012-11-02 11:19 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-11-16 15:36 - 2012-09-28 17:11 - 00892928 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-11-16 15:36 - 2011-12-14 17:17 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2013-11-16 15:36 - 2011-05-05 14:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-11-16 15:36 - 2011-05-05 14:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-11-16 15:35 - 2013-07-16 05:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-11-16 15:35 - 2013-07-09 13:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-16 15:35 - 2013-07-08 05:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-11-16 15:35 - 2013-07-08 05:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-16 15:35 - 2013-07-04 05:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-11-16 15:35 - 2013-06-04 05:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-11-16 15:35 - 2013-06-04 02:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-11-16 15:35 - 2013-06-01 05:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-11-16 15:35 - 2013-03-09 04:45 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-11-16 15:35 - 2013-03-09 02:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-11-16 15:35 - 2013-03-08 04:52 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-11-16 15:35 - 2011-11-16 17:23 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2013-11-16 15:35 - 2011-10-25 16:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-11-16 15:35 - 2011-08-25 17:15 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2013-11-16 15:35 - 2011-08-25 17:14 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-11-16 15:35 - 2011-08-25 17:14 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2013-11-16 15:35 - 2011-08-25 14:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\oleaccrc.dll
2013-11-16 15:35 - 2011-06-15 17:12 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2013-11-16 15:34 - 2013-07-03 05:27 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\wiafbdrv.dll
2013-11-16 15:34 - 2013-07-03 03:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-11-16 15:34 - 2013-07-03 03:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-11-16 15:34 - 2013-04-17 13:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-11-16 15:34 - 2013-03-08 04:53 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-11-16 15:34 - 2013-02-12 02:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-11-16 15:34 - 2012-06-04 16:26 - 00440704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-16 15:34 - 2012-06-02 01:04 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-16 15:34 - 2012-05-01 15:03 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-11-16 15:34 - 2011-11-16 17:23 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-16 15:34 - 2011-11-16 17:21 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-16 15:34 - 2011-11-16 15:12 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-16 15:34 - 2010-05-04 20:13 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2013-11-16 15:15 - 2013-07-08 05:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-11-16 15:15 - 2013-07-08 05:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-11-16 15:15 - 2013-07-08 05:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-11-16 15:12 - 2012-01-09 16:54 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2013-11-16 14:43 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-11-16 14:43 - 2012-06-02 23:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-11-16 14:43 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-11-16 14:43 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-11-16 14:43 - 2012-06-02 23:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-11-16 14:43 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-11-16 14:43 - 2012-06-02 23:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-11-16 14:42 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-11-16 14:42 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-11-16 14:21 - 2013-11-16 14:22 - 00000000 ____D C:\Windows\system32\ca-ES
2013-11-16 14:21 - 2013-11-16 14:21 - 00000000 ____D C:\Windows\system32\vi-VN
2013-11-16 14:21 - 2013-11-16 14:21 - 00000000 ____D C:\Windows\system32\eu-ES
2013-11-16 14:12 - 2013-11-16 14:12 - 00000000 ____D C:\Windows\system32\SPReview
2013-11-16 13:48 - 2009-04-10 23:28 - 00928768 _____ (Microsoft Corporation) C:\Windows\system32\scavenge.dll
2013-11-16 13:47 - 2009-04-10 23:27 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\compcln.exe
2013-11-16 13:46 - 2009-04-10 23:32 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2013-11-16 13:46 - 2009-04-10 23:32 - 00043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2013-11-16 13:46 - 2009-04-10 23:32 - 00014312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys
2013-11-16 13:46 - 2009-04-10 23:28 - 02153472 _____ (Microsoft Corporation) C:\Windows\system32\oobefldr.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 01823744 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 01107968 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00550400 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\pnpui.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2013-11-16 13:46 - 2009-04-10 23:28 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\RelMon.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\offfilt.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2013-11-16 13:46 - 2009-04-10 23:28 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\pnpsetup.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\rasmontr.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\nlhtml.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\ntmarta.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-11-16 13:46 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssoc.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\rtffilt.dll
2013-11-16 13:46 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
2013-11-16 13:46 - 2009-04-10 23:27 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2013-11-16 13:46 - 2009-04-10 23:27 - 00241128 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2013-11-16 13:46 - 2009-04-10 23:27 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2013-11-16 13:46 - 2009-04-10 23:27 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2013-11-16 13:46 - 2009-04-10 23:27 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2013-11-16 13:46 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2013-11-16 13:46 - 2009-04-10 23:27 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\rekeywiz.exe
2013-11-16 13:46 - 2009-04-10 23:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2013-11-16 13:46 - 2009-04-10 23:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\PnPutil.exe
2013-11-16 13:46 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\rasdial.exe
2013-11-16 13:46 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2013-11-16 13:46 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2013-11-16 13:46 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2013-11-16 13:46 - 2009-04-10 23:23 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2013-11-16 13:46 - 2009-04-10 22:03 - 12240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll
2013-11-16 13:46 - 2009-04-10 22:03 - 02644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2013-11-16 13:46 - 2009-04-10 21:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys
2013-11-16 13:46 - 2009-04-10 21:46 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2013-11-16 13:46 - 2009-04-10 21:46 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2013-11-16 13:46 - 2009-04-10 21:45 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2013-11-16 13:46 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2013-11-16 13:46 - 2009-04-10 21:43 - 00392170 _____ C:\Windows\system32\onex.tmf
2013-11-16 13:46 - 2009-04-10 21:43 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2013-11-16 13:46 - 2009-04-10 21:43 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2013-11-16 13:46 - 2009-04-10 21:43 - 00062208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys
2013-11-16 13:46 - 2009-04-10 21:42 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-11-16 13:46 - 2009-04-10 21:19 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-11-16 13:46 - 2009-04-10 21:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2013-11-16 13:46 - 2009-02-19 17:20 - 00009212 _____ C:\Windows\system32\RacUR.xml
2013-11-16 13:46 - 2009-02-18 11:43 - 00000153 _____ C:\Windows\system32\RacUREx.xml
2013-11-16 13:45 - 2009-04-10 23:32 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2013-11-16 13:45 - 2009-04-10 23:32 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2013-11-16 13:45 - 2009-04-10 23:32 - 00141288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2013-11-16 13:45 - 2009-04-10 23:32 - 00109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-11-16 13:45 - 2009-04-10 23:32 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-11-16 13:45 - 2009-04-10 23:32 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2013-11-16 13:45 - 2009-04-10 23:32 - 00050664 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2013-11-16 13:45 - 2009-04-10 23:32 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2013-11-16 13:45 - 2009-04-10 23:32 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys
2013-11-16 13:45 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2013-11-16 13:45 - 2009-04-10 23:28 - 02515968 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 02134528 _____ (Microsoft Corporation) C:\Windows\system32\FunctionDiscoveryFolder.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 01856512 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\apds.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 01591296 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 01459200 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 01342464 _____ (Microsoft Corporation) C:\Windows\system32\brcpl.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 01324032 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2013-11-16 13:45 - 2009-04-10 23:28 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00516608 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\IasMigReader.exe
2013-11-16 13:45 - 2009-04-10 23:28 - 00454144 _____ (Microsoft) C:\Windows\system32\IasMigPlugin.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\devmgr.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-11-16 13:45 - 2009-04-10 23:28 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2013-11-16 13:45 - 2009-04-10 23:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2013-11-16 13:45 - 2009-04-10 23:28 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\adsldpc.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\fundisc.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\dsprop.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00117248 _____ C:\Windows\system32\EhStorAuthn.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\EhStorShell.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\dmsynth.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\dmusic.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\propdefs.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\iashlpr.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\feclient.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\EhStorPwdMgr.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\bitsigd.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\hidserv.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2013-11-16 13:45 - 2009-04-10 23:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\fdBthProxy.dll
2013-11-16 13:45 - 2009-04-10 23:27 - 02926592 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 02092544 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 01122304 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2013-11-16 13:45 - 2009-04-10 23:27 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00407040 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00130024 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2013-11-16 13:45 - 2009-04-10 23:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\hdwwiz.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\cmmon32.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\fc.exe
2013-11-16 13:45 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\gpupdate.exe
2013-11-16 13:45 - 2009-04-10 23:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2013-11-16 13:45 - 2009-04-10 22:42 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2013-11-16 13:45 - 2009-04-10 21:48 - 00344698 _____ C:\Windows\system32\eaphost.tmf
2013-11-16 13:45 - 2009-04-10 21:43 - 00442788 _____ C:\Windows\system32\dot3.tmf
2013-11-16 13:45 - 2009-04-10 21:43 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2013-11-16 13:45 - 2009-04-10 21:42 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2013-11-16 13:45 - 2009-04-10 21:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-11-16 13:45 - 2009-04-10 21:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-11-16 13:45 - 2009-04-10 21:39 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2013-11-16 13:45 - 2009-04-10 21:39 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2013-11-16 13:45 - 2009-04-10 21:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys
2013-11-16 13:45 - 2009-04-10 21:14 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-11-16 13:45 - 2009-04-10 21:13 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2013-11-16 13:45 - 2009-04-10 21:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2013-11-16 13:45 - 2009-04-10 21:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2013-11-16 13:45 - 2009-02-18 11:39 - 00779136 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2013-11-16 13:44 - 2009-04-10 23:33 - 00614376 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2013-11-16 13:44 - 2009-04-10 23:32 - 00527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-11-16 13:44 - 2009-04-10 23:32 - 00438744 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2013-11-16 13:44 - 2009-04-10 23:32 - 00245736 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys

Gast77 18.11.2013 10:40
2. Teil

Code:
  2013-11-16 13:44 - 2009-04-10 23:32 - 00223208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-11-16 13:44 - 2009-04-10 23:32 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2013-11-16 13:44 - 2009-04-10 23:32 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2013-11-16 13:44 - 2009-04-10 23:32 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-11-16 13:44 - 2009-04-10 23:32 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2013-11-16 13:44 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2013-11-16 13:44 - 2009-04-10 23:32 - 00017896 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2013-11-16 13:44 - 2009-04-10 23:32 - 00017384 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 06103040 _____ (Microsoft Corporation) C:\Windows\system32\chtbrkr.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 03174400 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 03072000 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 02225664 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 02167808 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 02012160 _____ (Microsoft Corporation) C:\Windows\system32\milcore.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 01788416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\chsbrkr.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 01589248 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 01524736 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 01502720 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 01480704 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\wercon.exe
2013-11-16 13:44 - 2009-04-10 23:28 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 01086464 _____ (Microsoft Corporation) C:\Windows\system32\NetProjW.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 01053696 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2013-11-16 13:44 - 2009-04-10 23:28 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00852992 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\ipsecsnp.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2013-11-16 13:44 - 2009-04-10 23:28 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00670720 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00618496 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL
2013-11-16 13:44 - 2009-04-10 23:28 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00507904 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\msvcp60.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-11-16 13:44 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00368640 _____ C:\Windows\system32\msjetoledb40.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2013-11-16 13:44 - 2009-04-10 23:28 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\modemui.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\iassdo.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-11-16 13:44 - 2009-04-10 23:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\iassam.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\wevtutil.exe
2013-11-16 13:44 - 2009-04-10 23:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\imapi.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2013-11-16 13:44 - 2009-04-10 23:28 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mstlsapi.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingProxy.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\mmci.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\l2nacp.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msstrc.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\networkitemfactory.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\msscb.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\whealogr.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msimtf.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\ifmon.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\uxsms.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\version.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\NcdProp.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\MsCtfMonitor.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\vdmdbg.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\midimap.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mmcico.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2013-11-16 13:44 - 2009-04-10 23:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\CHxReadingStringIME.dll
2013-11-16 13:44 - 2009-04-10 23:27 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2013-11-16 13:44 - 2009-04-10 23:27 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2013-11-16 13:44 - 2009-04-10 23:27 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2013-11-16 13:44 - 2009-04-10 23:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2013-11-16 13:44 - 2009-04-10 23:27 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2013-11-16 13:44 - 2009-04-10 23:27 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingWizard.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\csrstub.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cbsra.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ipconfig.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEject.exe
2013-11-16 13:44 - 2009-04-10 23:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.drv
2013-11-16 13:44 - 2009-04-10 23:23 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2013-11-16 13:44 - 2009-04-10 23:22 - 00883712 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2013-11-16 13:44 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2013-11-16 13:44 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2013-11-16 13:44 - 2009-04-10 21:46 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2013-11-16 13:44 - 2009-04-10 21:45 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2013-11-16 13:44 - 2009-04-10 21:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-11-16 13:44 - 2009-04-10 21:39 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2013-11-16 13:44 - 2009-04-10 21:39 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2013-11-16 13:44 - 2009-04-10 21:38 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2013-11-16 13:44 - 2009-04-10 21:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2013-11-16 13:44 - 2009-04-10 21:27 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2013-11-16 13:44 - 2009-04-10 21:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-11-16 13:44 - 2009-04-10 18:54 - 03662128 _____ C:\Windows\system32\locale.nls
2013-11-16 13:44 - 2009-03-29 21:42 - 00155456 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2013-11-16 13:44 - 2009-03-29 21:42 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2013-11-16 13:44 - 2009-02-18 11:38 - 00619864 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2013-11-16 13:44 - 2009-02-18 11:38 - 00099680 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2013-11-16 13:44 - 2009-02-18 11:38 - 00035168 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2013-11-16 13:44 - 2009-02-18 11:38 - 00009048 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2013-11-16 13:43 - 2009-04-10 23:33 - 00986600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-11-16 13:43 - 2009-04-10 23:33 - 00926184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-11-16 13:43 - 2009-04-10 23:33 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2013-11-16 13:43 - 2009-04-10 23:32 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys
2013-11-16 13:43 - 2009-04-10 23:28 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2013-11-16 13:43 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 01580544 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2013-11-16 13:43 - 2009-04-10 23:28 - 01533440 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 01382912 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2013-11-16 13:43 - 2009-04-10 23:28 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 01055232 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-11-16 13:43 - 2009-04-10 23:28 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00968192 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz2.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00657408 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2013-11-16 13:43 - 2009-04-10 23:28 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2013-11-16 13:43 - 2009-04-10 23:28 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00532992 _____ (Microsoft Corporation) C:\Windows\system32\wpcao.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2013-11-16 13:43 - 2009-04-10 23:28 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\WscEapPr.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\wow32.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2013-11-16 13:43 - 2009-04-10 23:28 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\wscntfy.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-11-16 13:43 - 2009-04-10 23:28 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2013-11-16 13:43 - 2009-04-10 23:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wpcsvc.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\wshext.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\xmlfilter.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Storprop.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\wsepno.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\winrnr.dll
2013-11-16 13:43 - 2009-04-10 23:28 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wscisvif.dll
2013-11-16 13:43 - 2009-04-10 23:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2013-11-16 13:43 - 2009-04-10 23:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-11-16 13:43 - 2009-04-10 21:42 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2013-11-16 13:43 - 2009-04-10 21:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2013-11-16 13:43 - 2009-04-10 18:59 - 00107612 _____ C:\Windows\system32\StructuredQuerySchema.bin
2013-11-16 13:42 - 2009-04-10 23:32 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2013-11-16 13:42 - 2009-04-10 23:28 - 02205184 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 01152000 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 01081344 _____ (Microsoft Corporation) C:\Windows\system32\SLCExt.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00777216 _____ (Microsoft Corporation) C:\Windows\system32\slcc.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00582144 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2013-11-16 13:42 - 2009-04-10 23:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\thawbrkr.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2013-11-16 13:42 - 2009-04-10 23:28 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2013-11-16 13:42 - 2009-04-10 23:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\sperror.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2013-11-16 13:42 - 2009-04-10 23:28 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\spoolss.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\softkbd.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2013-11-16 13:42 - 2009-04-10 23:28 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00083456 _____ (Microsoft) C:\Windows\system32\SMBHelperClass.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\TSTheme.exe
2013-11-16 13:42 - 2009-04-10 23:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\spcmsg.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2013-11-16 13:42 - 2009-04-10 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\spwinsat.dll
2013-11-16 13:42 - 2009-04-10 23:27 - 03408896 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2013-11-16 13:42 - 2009-04-10 23:27 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-11-16 13:42 - 2009-04-10 23:27 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2013-11-16 13:42 - 2009-04-10 23:23 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2013-11-16 13:42 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2013-11-16 13:42 - 2009-04-10 21:45 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys
2013-11-16 13:42 - 2009-04-10 21:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2013-11-16 13:42 - 2009-04-10 21:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
2013-11-16 13:42 - 2009-04-10 21:14 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-11-16 13:42 - 2009-04-10 19:52 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys
2013-11-16 13:42 - 2009-03-06 18:11 - 00130008 _____ C:\Windows\system32\systemsf.ebd
2013-11-16 13:42 - 2009-02-19 17:20 - 00009239 _____ C:\Windows\system32\spcinstrumentation.man
2013-11-16 13:42 - 2009-02-18 11:39 - 00092918 _____ C:\Windows\system32\slmgr.vbs
2013-11-16 13:42 - 2009-02-18 11:39 - 00035680 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2013-11-15 15:07 - 2013-11-15 15:07 - 00000000 ____D C:\ProgramData\Panda Security
2013-11-15 14:46 - 2013-11-17 15:17 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-11-15 14:15 - 2013-11-15 14:44 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-11-15 14:04 - 2013-11-15 14:04 - 00000000 ____D C:\Windows\system32\slmgr
2013-11-11 18:11 - 2013-11-11 18:11 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-11 18:11 - 2013-11-11 18:11 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-11 17:45 - 2013-11-12 06:40 - 00196608 _____ C:\Windows\SPInstall.etl
2013-11-11 17:06 - 2013-11-17 13:06 - 00007784 _____ C:\Windows\PFRO.log
2013-11-11 17:01 - 2013-11-11 17:01 - 00000000 ____D C:\Program Files\Panda USB Vaccine
2013-11-11 16:58 - 2013-11-17 11:09 - 00073452 _____ C:\Windows\setupact.log
2013-11-11 16:58 - 2013-11-11 16:58 - 00000000 _____ C:\Windows\setuperr.log
2013-11-11 15:36 - 2013-11-13 14:36 - 00000000 ____D C:\Users\mehdi\Desktop\Neuer Ordner
2013-11-10 14:14 - 2013-11-10 14:14 - 00000000 ____D C:\ProgramData\Licenses
2013-11-10 14:13 - 2013-11-10 14:19 - 00000000 ____D C:\Program Files\SpywareBlaster
2013-11-10 14:03 - 2013-11-10 14:04 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\WinPatrol
2013-11-10 13:56 - 2013-11-10 14:04 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-10 13:56 - 2013-11-10 13:56 - 00000000 ____D C:\Program Files\BillP Studios
2013-11-10 13:36 - 2013-11-10 13:36 - 00000000 ____D C:\Users\mehdi\AppData\Local\Secunia PSI
2013-11-10 11:39 - 2013-11-10 11:39 - 00000000 ___SD C:\uninstall
2013-11-08 11:01 - 2013-11-10 11:42 - 00000000 ____D C:\Windows\ERUNT
2013-11-06 17:46 - 2013-11-10 11:39 - 00000000 ____D C:\Windows\erdnt
2013-11-05 13:46 - 2013-11-05 18:42 - 00000000 ____D C:\Users\mehdi\Documents\My Digital Editions
2013-11-05 13:46 - 2013-11-05 13:46 - 00000000 ____D C:\Users\mehdi\AppData\Local\Adobe_Systems_Incorporate
2013-11-03 17:44 - 2013-11-03 17:44 - 02793472 _____ C:\Users\mehdi\Rezept.wps
2013-11-01 11:54 - 2013-11-01 17:53 - 104569497 _____ C:\Windows\system32\久㈣᭄”
2013-10-31 17:10 - 2013-10-31 17:10 - 104348737 _____ C:\Windows\system32\촀仙᭄ˆ
2013-10-28 18:52 - 2013-10-28 18:52 - 103746026 _____ C:\Windows\system32\访᭄—
2013-10-22 13:33 - 2013-10-23 11:42 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\iPumper
2013-10-20 13:15 - 2013-11-17 15:46 - 01168436 _____ C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

2013-11-17 16:45 - 2013-11-17 16:44 - 00014875 _____ C:\Users\mehdi\Desktop\FRST.txt
2013-11-17 16:44 - 2013-11-17 16:44 - 00000000 ____D C:\FRST
2013-11-17 16:44 - 2013-11-17 16:43 - 01090935 _____ (Farbar) C:\Users\mehdi\Desktop\FRST.exe
2013-11-17 16:28 - 2012-08-24 12:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-17 16:13 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-17 16:13 - 2006-11-02 13:47 - 00003568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-17 15:46 - 2013-10-20 13:15 - 01168436 _____ C:\Windows\WindowsUpdate.log
2013-11-17 15:46 - 2009-03-21 15:09 - 00000000 ____D C:\Program Files\RocketDock
2013-11-17 15:22 - 2006-11-02 11:33 - 01595598 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-17 15:21 - 2012-08-24 12:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-11-17 15:21 - 2011-09-29 13:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-11-17 15:21 - 2011-06-21 13:45 - 00048175 _____ C:\ProgramData\nvModes.001
2013-11-17 15:17 - 2013-11-15 14:46 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-11-17 15:17 - 2011-06-21 13:45 - 00048175 _____ C:\ProgramData\nvModes.dat
2013-11-17 15:17 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-17 15:15 - 2008-04-29 20:21 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-11-17 15:15 - 2006-11-02 14:01 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-17 14:53 - 2008-05-02 11:08 - 00036846 _____ C:\Users\mehdi\AppData\Roaming\wklnhst.dat
2013-11-17 14:30 - 2008-04-29 20:31 - 00000000 ____D C:\Program Files\Common Files\Java
2013-11-17 14:29 - 2013-11-17 14:30 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-17 14:29 - 2013-11-17 14:29 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-17 14:29 - 2013-11-17 14:29 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-17 14:29 - 2013-11-17 14:29 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-11-17 13:06 - 2013-11-11 17:06 - 00007784 _____ C:\Windows\PFRO.log
2013-11-17 12:57 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-11-17 12:54 - 2013-07-17 02:00 - 00000000 ____D C:\Windows\system32\MRT
2013-11-17 12:52 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-11-17 12:19 - 2013-11-17 12:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-17 11:59 - 2012-05-06 11:14 - 00000306 __RSH C:\ProgramData\ntuser.pol
2013-11-17 11:58 - 2013-11-17 11:58 - 417333535 _____ C:\Windows\MEMORY.DMP
2013-11-17 11:58 - 2013-11-17 11:58 - 00153640 _____ C:\Windows\Minidump\Mini111713-01.dmp
2013-11-17 11:58 - 2008-06-08 13:25 - 00000000 ____D C:\Windows\Minidump
2013-11-17 11:55 - 2009-02-22 12:44 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\Skype
2013-11-17 11:49 - 2008-05-02 08:38 - 00000000 ____D C:\Users\mehdi
2013-11-17 11:46 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-11-17 11:36 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-11-17 11:26 - 2013-11-17 11:26 - 00000000 ___RD C:\Program Files\Skype
2013-11-17 11:26 - 2013-11-17 11:26 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-11-17 11:26 - 2009-02-22 12:44 - 00000000 ____D C:\ProgramData\Skype
2013-11-17 11:19 - 2008-06-22 16:02 - 00000951 _____ C:\Users\mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-17 11:15 - 2006-11-02 13:47 - 00405216 _____ C:\Windows\system32\FNTCACHE.DAT
2013-11-17 11:09 - 2013-11-17 11:09 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-11-17 11:09 - 2013-11-11 16:58 - 00073452 _____ C:\Windows\setupact.log
2013-11-17 11:09 - 2006-11-02 16:31 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-11-17 11:09 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ___RD C:\Windows\Offline Web Pages
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\zh-TW
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\zh-HK
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\zh-CN
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\uk-UA
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\tr-TR
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\th-TH
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\sv-SE
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\sl-SI
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\sk-SK
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ru-RU
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ro-RO
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\pt-PT
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\pt-BR
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\pl-PL
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\nl-NL
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\nb-NO
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\lv-LV
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\lt-LT
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ko-KR
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ja-JP
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\it-IT
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\hu-HU
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\hr-HR
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\he-IL
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\fr-FR
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\fi-FI
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\et-EE
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\el-GR
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\bg-BG
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ar-SA
2013-11-17 11:09 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\System
2013-11-17 10:49 - 2013-11-17 10:49 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2013-11-17 10:48 - 2013-11-17 10:48 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2013-11-16 16:51 - 2013-11-16 16:46 - 00004461 _____ C:\Windows\IE9_main.log
2013-11-16 16:50 - 2013-11-16 16:50 - 12344832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-16 16:50 - 2013-11-16 16:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-16 16:50 - 2013-11-16 16:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-16 16:50 - 2013-11-16 16:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-16 16:50 - 2013-11-16 16:50 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-16 16:50 - 2013-11-16 16:50 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-16 16:50 - 2013-11-16 16:50 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-16 16:50 - 2013-11-16 16:50 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-16 16:50 - 2013-11-16 16:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-16 16:50 - 2013-11-16 16:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-16 16:50 - 2013-11-16 16:50 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-16 16:50 - 2013-11-16 16:50 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-16 16:50 - 2013-11-16 16:50 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-16 16:50 - 2013-11-16 16:50 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-16 16:50 - 2006-11-02 07:32 - 00008798 _____ C:\Windows\system32\icrav03.rat
2013-11-16 16:50 - 2006-11-02 07:32 - 00001988 _____ C:\Windows\system32\ticrf.rat
2013-11-16 16:49 - 2013-11-16 16:49 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 01554432 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 01075712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00979456 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2013-11-16 16:49 - 2013-11-16 16:49 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2013-11-16 16:49 - 2013-11-16 16:49 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2013-11-16 16:49 - 2013-11-16 16:49 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2013-11-16 16:48 - 2013-11-16 16:48 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-11-16 16:48 - 2013-11-16 16:48 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-16 16:48 - 2013-11-16 16:48 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-16 16:48 - 2013-11-16 16:48 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2013-11-16 16:48 - 2013-11-16 16:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2013-11-16 16:48 - 2013-11-16 16:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2013-11-16 16:48 - 2013-11-16 16:48 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-11-16 16:45 - 2008-04-29 20:45 - 00000000 ____D C:\Program Files\Microsoft Works
2013-11-16 14:35 - 2008-05-02 08:39 - 00000917 _____ C:\Users\mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2013-11-16 14:22 - 2013-11-16 14:21 - 00000000 ____D C:\Windows\system32\ca-ES
2013-11-16 14:22 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-11-16 14:22 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2013-11-16 14:22 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Defender
2013-11-16 14:22 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Calendar
2013-11-16 14:22 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Movie Maker
2013-11-16 14:22 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\IME
2013-11-16 14:21 - 2013-11-16 14:21 - 00000000 ____D C:\Windows\system32\vi-VN
2013-11-16 14:21 - 2013-11-16 14:21 - 00000000 ____D C:\Windows\system32\eu-ES
2013-11-16 14:21 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\SLUI
2013-11-16 14:21 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2013-11-16 14:12 - 2013-11-16 14:12 - 00000000 ____D C:\Windows\system32\SPReview
2013-11-15 15:07 - 2013-11-15 15:07 - 00000000 ____D C:\ProgramData\Panda Security
2013-11-15 14:48 - 2008-05-02 08:39 - 00110456 _____ C:\Users\mehdi\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-15 14:46 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Public
2013-11-15 14:44 - 2013-11-15 14:15 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-11-15 14:04 - 2013-11-15 14:04 - 00000000 ____D C:\Windows\system32\slmgr
2013-11-15 14:04 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\LogFiles
2013-11-13 14:36 - 2013-11-11 15:36 - 00000000 ____D C:\Users\mehdi\Desktop\Neuer Ordner
2013-11-12 06:40 - 2013-11-11 17:45 - 00196608 _____ C:\Windows\SPInstall.etl
2013-11-11 18:11 - 2013-11-11 18:11 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-11 18:11 - 2013-11-11 18:11 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-11 17:01 - 2013-11-11 17:01 - 00000000 ____D C:\Program Files\Panda USB Vaccine
2013-11-11 16:58 - 2013-11-11 16:58 - 00000000 _____ C:\Windows\setuperr.log
2013-11-10 14:19 - 2013-11-10 14:13 - 00000000 ____D C:\Program Files\SpywareBlaster
2013-11-10 14:14 - 2013-11-10 14:14 - 00000000 ____D C:\ProgramData\Licenses
2013-11-10 14:04 - 2013-11-10 14:03 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\WinPatrol
2013-11-10 14:04 - 2013-11-10 13:56 - 00000000 ____D C:\ProgramData\InstallMate
2013-11-10 13:56 - 2013-11-10 13:56 - 00000000 ____D C:\Program Files\BillP Studios
2013-11-10 13:36 - 2013-11-10 13:36 - 00000000 ____D C:\Users\mehdi\AppData\Local\Secunia PSI
2013-11-10 11:42 - 2013-11-08 11:01 - 00000000 ____D C:\Windows\ERUNT
2013-11-10 11:39 - 2013-11-10 11:39 - 00000000 ___SD C:\uninstall
2013-11-10 11:39 - 2013-11-06 17:46 - 00000000 ____D C:\Windows\erdnt
2013-11-08 10:52 - 2009-04-26 13:03 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-11-07 13:16 - 2009-11-05 14:14 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-06 19:53 - 2011-07-15 19:37 - 00000000 ____D C:\Users\mehdi\AppData\Local\Apps\2.0
2013-11-06 19:52 - 2006-11-02 12:18 - 00000000 __RHD C:\Users\Default
2013-11-06 18:07 - 2006-11-02 11:23 - 00000215 _____ C:\Windows\system.ini
2013-11-06 17:58 - 2011-05-22 11:21 - 00000000 ____D C:\Install
2013-11-05 19:21 - 2008-04-29 20:41 - 00000000 ____D C:\Program Files\Google
2013-11-05 18:46 - 2008-05-02 08:39 - 00000000 ____D C:\Users\mehdi\AppData\Local\Google
2013-11-05 18:42 - 2013-11-05 13:46 - 00000000 ____D C:\Users\mehdi\Documents\My Digital Editions
2013-11-05 16:54 - 2012-01-27 13:26 - 00000000 ____D C:\Users\mehdi\Documents\Zeitschriften und Bücher
2013-11-05 16:43 - 2008-05-02 14:52 - 00208896 _____ C:\Users\mehdi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-05 13:53 - 2013-06-17 11:31 - 00018432 _____ C:\Users\mehdi\Foren.wps
2013-11-05 13:46 - 2013-11-05 13:46 - 00000000 ____D C:\Users\mehdi\AppData\Local\Adobe_Systems_Incorporate
2013-11-05 13:46 - 2013-02-01 15:44 - 00000000 ____D C:\Program Files\Adobe
2013-11-03 17:44 - 2013-11-03 17:44 - 02793472 _____ C:\Users\mehdi\Rezept.wps
2013-11-02 18:56 - 2009-02-12 18:27 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\vlc
2013-11-02 10:25 - 2008-05-02 11:09 - 00000000 ____D C:\Users\mehdi\Documents\Schriftverkehr
2013-11-01 17:53 - 2013-11-01 11:54 - 104569497 _____ C:\Windows\system32\久㈣᭄”
2013-10-31 17:10 - 2013-10-31 17:10 - 104348737 _____ C:\Windows\system32\촀仙᭄ˆ
2013-10-31 11:30 - 2012-05-05 10:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-28 18:52 - 2013-10-28 18:52 - 103746026 _____ C:\Windows\system32\访᭄—
2013-10-26 10:27 - 2008-05-07 20:26 - 00008484 _____ C:\Users\mehdi\AppData\Local\d3d9caps.dat
2013-10-25 15:45 - 2012-12-29 18:40 - 00018944 _____ C:\Users\mehdi\Gebrannte DVDs.wps
2013-10-23 11:42 - 2013-10-22 13:33 - 00000000 ____D C:\Users\mehdi\AppData\Roaming\iPumper
2013-10-18 17:22 - 2010-08-28 10:56 - 00000000 ____D C:\Users\mehdi\Documents\Küche

Some content of TEMP:
====================
C:\Users\mehdi\AppData\Local\temp\jre-7u45-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-17 15:31

==================== End Of Log ============================
und das Addition log:

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-11-2013 02
Ran by mehdi at 2013-11-17 16:46:24
Running from C:\Users\mehdi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 1.0.0)
7-Zip 9.20
Adobe Digital Editions 2.0 (Version: 2.0)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.152)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8)
Advanced Audio FX Engine
Advanced Video FX Engine
AIO_Scan (Version: 90.0.189.000)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Ashampoo Burning Studio 2010 (Version: 9.21)
Bonjour (Version: 3.0.0.10)
Broadcom Management Programs (Version: 10.15.03)
Browser Address Error Redirector (Version: 1.00.0000)
BufferChm (Version: 90.0.146.000)
C4380 (Version: 90.0.189.000)
C4380_doccd (Version: 90.0.189.000)
C4380_Help (Version: 90.0.189.000)
CCleaner (Version: 2.33)
Conexant HDA D330 MDC V.92 Modem
Copy (Version: 90.0.146.000)
CustomerResearchQFolder (Version: 1.00.0000)
DAEMON Tools Lite (Version: 4.46.1.0327)
Dell Driver Download Manager (HKCU Version: 2.1.0.0)
Dell Handbuch zum Einstieg (Version: 1.00.0000)
Dell Support Center (Version: 2.1.08060)
Dell Touchpad (Version: 7.1.102.7)
Dell Webcam Center
Dell Webcam Manager
Destination Component (Version: 090.000.091.086)
DeviceDiscovery (Version: 90.0.146.000)
DeviceManagementQFolder (Version: 1.00.0000)
Die ersten 10 Jahre (Version: 1.00.0000)
Digital Line Detect (Version: 1.21)
DocProc (Version: 9.0.0.0)
DocProcQFolder (Version: 1.00.0000)
DVD-Cover 1.5
eSupportQFolder (Version: 1.00.0000)
Fax (Version: 90.0.146.000)
FotoSketcher 2.00
Free Audio Converter version 5.0.26.622 (Version: 5.0.26.622)
Free Studio version 4.8
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.165)
HD Tune 2.55
HP Customer Participation Program 9.0 (Version: 9.0)
HP Imaging Device Functions 9.0 (Version: 9.0)
HP OCR Software 9.0 (Version: 9.0)
HP Photosmart All-In-One Software 9.0 (Version: 9.0)
HP Photosmart Essential 2.01 (Version: 2.01)
HP Photosmart Essential2.01 (Version: 1.01.0000)
HP Smart Web Printing (Version: 2.15.7.0)
HP Solution Center 9.0 (Version: 9.0)
HP Update (Version: 4.000.006.002)
HPProductAssistant (Version: 90.0.146.000)
HPSSupply (Version: 2.2.0.0000)
ImagXpress (Version: 7.0.74.0)
Intel(R) PROSet/Wireless Software (Version: 11.01.0000)
IrfanView (remove only) (Version: 4.36)
iTunes (Version: 11.1.1.11)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Java(TM) 6 Update 24 (Version: 6.0.240)
Java(TM) SE Runtime Environment 6 (Version: 1.6.0.0)
Laptop Integrated Webcam Driver (1.04.01.1011) 
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 90.0.146.000)
mCore (Version: 9.24.0000)
mHelp (Version: 9.24.0000)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Office Excel Viewer (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Small Business Edition 2003 (Version: 11.0.8173.0)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
mMHouse (Version: 9.24.0000)
Modem-Diagnose-Tool (Version: 1.0.20.0)
Mozilla Firefox 17.0.11 (x86 de) (Version: 17.0.11)
Mozilla Maintenance Service (Version: 17.0.10)
mPfMgr (Version: 9.24.0000)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
mWMI (Version: 9.24.0000)
neroxml (Version: 1.0.0)
NetWaiting (Version: 2.5.44)
NetWorx 5.2.7
NVIDIA Drivers (Version: 1.3)
OpenAL
Panda USB Vaccine 1.0.1.4
PanoStandAlone (Version: 90.0.146.000)
PHOTOfunSTUDIO 5.1 HD Edition (Version: 5.01.127)
Picasa 3 (Version: 3.9)
PS_AIO_02_ProductContext (Version: 90.0.189.000)
PS_AIO_02_Software (Version: 90.0.189.000)
PS_AIO_02_Software_min (Version: 90.0.189.000)
PSSWCORE (Version: 2.01.0000)
QuickSet (Version: 8.0.11)
QuickTime (Version: 7.74.80.86)
RealDownloader (Version: 1.3.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.0)
RealUpgrade 1.1 (Version: 1.1.0)
RocketDock 1.3.5
Scan (Version: 9.0.0.0)
Skype™ 5.10 (Version: 5.10.116)
SolutionCenter (Version: 90.0.146.000)
SpywareBlaster 5.0 (Version: 5.0.0)
Status (Version: 90.0.146.000)
Systemsteuerung "MobileMe" (Version: 2.1.0.24)
Toolbox (Version: 90.0.146.000)
TrayApp (Version: 90.0.146.000)
TxtEdit (Version: TxtEdit 4.5.2.0)
Uninstall 1.0.0.1
UnloadSupport (Version: 9.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
VideoToolkit01 (Version: 90.0.146.000)
VLC media player 2.1.0 (Version: 2.1.0)
WebReg (Version: 90.0.146.000)
WIDCOMM Bluetooth Software 6.0.1.3100 (Version: 6.0.1.3100)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPatrol (Version: 29.0.2013)
XMedia Recode 2.3.2.9 (Version: 2.3.2.9)

==================== Restore Points  =========================

11-11-2013 16:26:55 Windows Update
14-11-2013 18:06:39 Geplanter Prüfpunkt
16-11-2013 12:40:49 Windows Vista™ Service Pack 2
16-11-2013 13:41:08 Windows Update
16-11-2013 13:45:06 Windows Update
16-11-2013 15:03:59 Windows Update
17-11-2013 10:21:21 Windows Update
17-11-2013 11:51:27 Windows Update
17-11-2013 13:26:40 Installed Java 7 Update 45
17-11-2013 14:31:49 Windows Update

==================== Hosts content: ==========================

2013-11-13 12:06 - 2013-11-13 12:06 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1650DE5D-4151-4C81-8F05-7CAAC3290EA0} - System32\Tasks\Escolade => C:\Users\mehdi\AppData\Roaming\iPumper\Updater.exe
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {22098C17-98E2-47A4-A396-466A278FE7A9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-17] (Adobe Systems Incorporated)
Task: {26892801-FE26-41C3-9F05-8A8E738010BD} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1649996617-3486868627-2645123033-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {42D2424C-988C-4BBF-8597-FF67A1358D45} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {58DB235B-0623-4897-A10E-1209D93DB6ED} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1649996617-3486868627-2645123033-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {873C341C-A611-472D-9601-591136CB209B} - System32\Tasks\Flash Player Helper 9 => C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
Task: {8E128933-95B9-4D01-AF5B-1CB400B3EDBF} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1649996617-3486868627-2645123033-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {A8212E06-FBC0-453F-8AAE-ED114BAB5DF2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => C:\Program Files\Windows Defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {B20B937A-0606-4B45-A420-705783894E90} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [2007-03-11] (Hewlett-Packard Co.)
Task: {B7FDEDAA-0864-437E-92BD-CE1DC74E5730} - System32\Tasks\Dell Support Center => C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11] ( )
Task: {D583B7FE-B1A3-43B9-B922-24534EA3D49E} - System32\Tasks\PandaUSBVaccine => C:\Program Files\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {DBB444C1-F5E4-4D17-9665-E5EF65D4F692} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1649996617-3486868627-2645123033-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {E0D465AA-1632-4EEB-8E3E-D9C4A2A51CF5} - System32\Tasks\Java Update Scheduler => C:\Program Files\Java\jre6\bin\jusched.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {F0A6DCF0-A6EF-412D-B337-7BC9127D8E56} - System32\Tasks\Real Networks Scheduler => C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Task: {F7835811-B636-45B4-B4FB-8E8B3096F4AA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-11-17 15:45 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files\RocketDock\RocketDock.dll
2013-05-10 16:49 - 2011-09-17 10:48 - 00480256 _____ () C:\Program Files\NetWorx\sqlite.dll
2013-11-10 13:56 - 2013-07-15 18:29 - 00620718 _____ () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (11/17/2013 03:41:10 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung PSIA.exe, Version 3.0.0.9015, Zeitstempel 0x5277789f, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18881, Zeitstempel 0x51da3e27, Ausnahmecode 0xc0000005, Fehleroffset 0x00067450,
Prozess-ID 0xa6c, Anwendungsstartzeit PSIA.exe0.

Error: (11/17/2013 03:20:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/17/2013 03:20:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/17/2013 01:10:54 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/17/2013 01:10:54 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/17/2013 00:46:09 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/17/2013 11:23:02 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/17/2013 11:08:44 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/17/2013 11:06:47 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/17/2013 10:50:17 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.


System errors:
=============
Error: (11/17/2013 03:23:44 PM) (Source: Service Control Manager) (User: )
Description: Google Update Service (gupdate1c9f579372d2820)%%3

Error: (11/17/2013 03:17:13 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue0.0.0.0:4482

Error: (11/17/2013 03:14:24 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Display Driver Service1

Error: (11/17/2013 02:27:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: 0x80070643Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.161.2327.0){302EE648-1EE0-4EEB-9F63-81330B537328}201

Error: (11/17/2013 02:24:50 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %D9XTDN3J60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 0.0.0.0

        Aktualisierungsquelle: %D9XTDN3J51

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %D9XTDN3J602

        Aktualisierungstyp: %D9XTDN3J604

        Benutzer: D9XTDN3J\mehdi

        Aktuelle Modulversion: %D9XTDN3J605

        Vorherige Modulversion: %D9XTDN3J606

        Fehlercode: %D9XTDN3J607

        Fehlerbeschreibung: %D9XTDN3J608

Error: (11/17/2013 02:24:49 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren des Moduls wurde von %D9XTDN3J60 ein Fehler festgestellt.

        Neue Modulversion:

        Vorherige Modulversion:

        Modultyp: %D9XTDN3J604

        Benutzer: D9XTDN3J\mehdi

        Fehlercode: %D9XTDN3J601

        Fehlerbeschreibung: %D9XTDN3J602

Error: (11/17/2013 02:24:49 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %D9XTDN3J60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion:

        Aktualisierungsquelle: %D9XTDN3J15

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %D9XTDN3J602

        Aktualisierungstyp: %D9XTDN3J604

        Benutzer: D9XTDN3J\mehdi

        Aktuelle Modulversion: %D9XTDN3J605

        Vorherige Modulversion: %D9XTDN3J606

        Fehlercode: %D9XTDN3J607

        Fehlerbeschreibung: %D9XTDN3J608

Error: (11/17/2013 02:24:20 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.161.2327.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (11/17/2013 02:24:18 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren des Moduls wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Modulversion:

        Vorherige Modulversion:

        Modultyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Fehlercode: %NT-AUTORITÄT601

        Fehlerbeschreibung: %NT-AUTORITÄT602

Error: (11/17/2013 02:24:18 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion:

        Aktualisierungsquelle: %NT-AUTORITÄT15

        Aktualisierungsphase: 4.4.0304.00

        Quellpfad: 4.4.0304.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608


Microsoft Office Sessions:
=========================
Error: (11/17/2013 03:41:10 PM) (Source: Application Error)(User: )
Description: PSIA.exe3.0.0.90155277789fntdll.dll6.0.6002.1888151da3e27c000000500067450a6c01cee39fb88bab36

Error: (11/17/2013 03:20:44 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (11/17/2013 03:20:44 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (11/17/2013 01:10:54 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (11/17/2013 01:10:54 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (11/17/2013 00:46:09 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (11/17/2013 11:23:02 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (11/17/2013 11:08:44 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/17/2013 11:06:47 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (11/17/2013 10:50:17 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.


CodeIntegrity Errors:
===================================
  Date: 2013-11-16 13:40:35.307
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-16 13:40:35.151
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-16 13:40:35.011
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-16 13:40:34.855
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-16 13:40:34.699
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-14 13:58:59.736
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-14 13:58:59.580
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-14 13:58:59.424
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-14 13:58:59.284
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-11-14 13:57:50.711
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 38%
Total physical RAM: 3581.12 MB
Available physical RAM: 2218.23 MB
Total Pagefile: 7347.97 MB
Available Pagefile: 6152.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 1904.45 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:285.47 GB) (Free:108.66 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (2. Laufwerk) (Fixed) (Total:10 GB) (Free:5.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 38000000)
Partition 1: (Not Active) - (Size=118 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=285 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3 GB) - (Type=OF Extended)

==================== End Of Log ============================

Keine Ahnung, wieso das 1. sooo lang war.

So, an die Arbeit mit Dir, :zzwhip:, der 1. Advent naht und ich brauche meinen Laptop in Topform http://www.cosgan.de/images/smilie/frech/g010.gif .

LG, Martina


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:55 Uhr.
Seite 2 von 3 1 2 3
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131