  1. #11
    Moderator kira
    Registered since
    04.02.2012
    Location
    Wien
    Posts
    8.619
    1.
    Uninstall via Control Panel -> Software/Programs:
    Code:
    Ask Toolbar <- Adware !!
    Unfortunately, "uninvited guests" often add themselves directly to the search bar, the start page and the extensions list, and they can be really annoying... They usually get installed along with other software out of ignorance or carelessness; some of them even belong to the most dangerous kind of adware, or to the "foistware" group.

    Always choose the custom installation, not the standard installation, because otherwise things are often installed along with it that you do not need or do not want.
    When installing, please always read the license terms, and do not immediately tick every box or leave pre-ticked boxes as they are, because by doing so you agree that other "third-party programs", or even adware (advertising pop-ups) from partner programs, sponsors etc., are installed as well, since this is how freeware finances itself.

    This category includes several others, e.g.: -> Unwanted toolbars
    It is therefore advisable, after every installation, to check in all installed browsers:
    • take a close look at the web page currently set as the start page
    • under Tools -> Extensions, look for unwanted add-ons/plug-ins and toolbars
    • in the list of currently installed programs (in the Control Panel), check whether something "unwanted" (program, toolbar etc.) has settled in!
    2.
    Fixing with OTL

    With this we fix unnecessary or harmful entries. Please close all windows!

    Download OTL by Oldtimer (if you do not have it yet) and save it on your desktop (nowhere else).
    • ► Disconnect the computer from the Internet while OTL is running! Reconnect afterwards!
    • Start OTL.exe.
      Vista and Windows 7 users start it by right-clicking the program icon and choosing "Run as administrator".
    • Copy the following script (starting at :OTL up to the last line [emptytemp], without "code"!) into the text field below Custom Scans/Fixes:

    If user names were anonymised in the log files:
    Remember to put the original user name back in!

    Code:
    :OTL
    IE - HKLM\..\SearchScopes,DefaultScope = 
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=10148&l=dis&tb=AVR-3
    IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
    IE - HKCU\..\SearchScopes,DefaultScope = {658951EB-968F-4FD7-9EB4-6256B62C78D3}
    IE - HKCU\..\SearchScopes\{658951EB-968F-4FD7-9EB4-6256B62C78D3}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=9M&apn_dtid=%5E&apn_uid=2F9519C6-A73A-4826-9B48-96C84A5CD8CD&apn_sauid=1FF05020-DFA1-4E91-A0E9-485A27D3D704
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.selectedEngine: "Ask.com"
    [2012.09.15 22:23:06 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\toolbar@ask.com
    [2012.09.12 09:49:49 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
    O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
    O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
    O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
    O4 - HKLM..\Run: []  File not found
    O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
    
    :Files
    C:\Users\andre\AppData\Local\AskToolbar
    C:\Program Files\Ask.com
    ipconfig /flushdns /c
    
    :Commands
    [purity]
    [emptytemp]
    • Close all programs, including e.g. the behaviour monitoring of antivirus programs.
    • Click the Fix button.
    • If OTL asks for a restart, please allow it.
    • Copy the content of the log file into your thread here, in code tags.
      You can view the log file afterwards here => C:\_OTL\MovedFiles\<date_number.log>


    Note for readers: The OTL script above was created exclusively for this user in this situation.
    Do not use it on other computers under any circumstances; it can permanently damage other systems!

    3.
    Close all programs/windows
    Open CCleaner - CCleaner guide
    • "Cleaner" -> "Analyze" -> click the "Start CCleaner" button
    • "Registry" -> "Scan for issues" -> "Fix issues" -> "Fix all"
    • Restart your system


    4.
    Preparation

    • Connect any external hard drives and/or other removable media you have (e.g. USB sticks) to the computer.
    • Please deactivate during the online scans:
      anti-virus program and firewall.
    • Start Internet Explorer => in the menu under Tools => Internet Options => Privacy => remove the tick at "Turn on Pop-up Blocker" and
    • under the "Security" tab => lower the security level to "Medium-high" if necessary.
      Do not forget to switch them back on afterwards, or to restore the Internet options as they were before.
    • Refrain from other online activities during the online scans.
    • You must allow ActiveX controls to be downloaded and installed.


    Scan the PC ONLY online and do NOT install a second antivirus program!!!

    • Eset Online Scanner (NOD32)
      • Supported operating systems: Microsoft Windows 7 - Vista - XP - 2000 - NT.
      • Note for Vista and Windows 7 users: Be sure to start the browser as administrator.
      • Deactivate your anti-virus program during the scan.
      • Press the "ESET Online Scanner" button.
      • IE users must allow the installation of an ActiveX element.
      • Tick "YES, I accept the Terms of Use." and press the "Start" button.
      • Tick "Remove found threats" and "Scan archives".
      • Press Start.
      • Signatures are downloaded.
      • The scan starts automatically.
      • When finished, save the log and post it to me.
        -> List of found threats
        -> Export to text file
        -> Back
        -> Delete quarantined files
      • Press Finish.
      • Close the browser.
      • Uninstall after you have posted the log to me: Control Panel => Software => remove Eset Online Scanner V3.
      • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


    7.
    Another scan with OTL: - delete older log files!
    • Double-click OTL.exe
    • Vista users: right-click OTL.exe and choose "Run as administrator"
    • At the top you will find a box labelled Output. Please select Minimal Output
    • Under Extra Registry, please select Use SafeList
    • Tick the LOP check and the Purity check.
    • Now click Run Scan at the top left
    • When the scan has finished, 2 log files are created - OTL.txt and extra.txt
    • Post the log files in code tags here in the thread.

    ** The OTL logs are usually too long; you can also attach them as a text file (click "Advanced")

    Report again on the state of the computer. Are there still problems, and if so, which?

    Warning!:
    Be careful with invoices sent by e-mail with a ZIP file attached! It may be infected with an encryption trojan!
    Do not open the attachment; ask in our forum first!

    Please pass this warning on wherever you can!
    Back up your data regularly, to CD/DVD, USB sticks or external hard drives, ideally twice, in different places!
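
The post-installation browser check described in post #11, as an added example (not part of the original posts and not OTL's own code): a read-only Python audit that parses a Firefox prefs.js and flags the search and start-page preferences reported in this thread when they fall outside an allow-list, plus unexpected entries in the profile's extensions folder. The sample prefs.js content, the allow-lists and all function names are constructed assumptions.

```python
import json
import re
from urllib.parse import urlsplit

# Preference keys that the OTL script and logs in this thread report on.
WATCHED_PREFS = (
    "browser.search.defaultengine",
    "browser.search.defaultenginename",
    "browser.search.order.1",
    "browser.search.selectedEngine",
    "browser.startup.homepage",
    "keyword.URL",
)
URL_PREFS = {"browser.startup.homepage", "keyword.URL"}

# user_pref("name", value);  where value is a JSON-style string, number or boolean
PREF_RE = re.compile(r'^\s*user_pref\(\s*"((?:[^"\\]|\\.)+)"\s*,\s*(.+?)\s*\)\s*;\s*$')

# Constructed sample, modelled on the values shown in this thread.
SAMPLE_PREFS_JS = """\
// Mozilla User Preferences
user_pref("browser.search.defaultenginename", "Ask.com");
user_pref("browser.search.order.1", "Ask.com");
user_pref("browser.search.selectedEngine", "Ask.com");
user_pref("browser.search.useDBForOrder", true);
user_pref("browser.startup.homepage", "https://www.google.de/");
user_pref("keyword.URL", "http://websearch.ask.com/redirect?q=");
"""
# Constructed listing of <profile>\\extensions, using names from the thread's logs.
SAMPLE_EXTENSION_ENTRIES = [
    "toolbar@ask.com",
    "jid1-yZwVFzbsyfMrqQ@jetpack",
    "{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi",
]
# Assumed allow-lists: what this (hypothetical) user deliberately configured.
ALLOWED_ENGINES = {"Google"}
ALLOWED_HOSTS = {"google.de", "google.com"}
ALLOWED_EXTENSION_IDS = {"{DDC359D1-844A-42a7-9AA1-88A850A938A8}"}


def parse_prefs(text):
    """Parse prefs.js text into {name: value}; non-pref lines are skipped."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments, blank lines, malformed entries
        name, raw = m.group(1), m.group(2)
        try:
            prefs[name] = json.loads(raw)
        except ValueError:
            prefs[name] = raw  # keep values JSON cannot decode as raw text
    return prefs


def _url_allowed(url, allowed_hosts):
    parts = urlsplit(url.strip())
    if parts.scheme == "about":  # built-in pages such as about:home
        return True
    host = (parts.hostname or "").lower()
    return any(host == h or host.endswith("." + h) for h in allowed_hosts)


def audit_prefs(prefs, allowed_engines, allowed_hosts):
    """Return (key, value) for watched prefs that are set but not allow-listed."""
    engines = {e.lower() for e in allowed_engines}
    findings = []
    for key in WATCHED_PREFS:
        value = prefs.get(key)
        if value is None or value == "":
            continue  # unset or emptied, as in the log after the fix
        if key in URL_PREFS:
            # The homepage pref may hold several URLs separated by "|".
            ok = all(_url_allowed(u, allowed_hosts) for u in str(value).split("|"))
        else:
            ok = str(value).lower() in engines
        if not ok:
            findings.append((key, value))
    return findings


def audit_extensions(entries, allowed_ids):
    """Return extension IDs (folder or .xpi names) that are not allow-listed."""
    allowed = {a.lower() for a in allowed_ids}
    unexpected = []
    for entry in entries:
        ext_id = entry[:-4] if entry.lower().endswith(".xpi") else entry
        if ext_id.lower() not in allowed:
            unexpected.append(ext_id)
    return unexpected


if __name__ == "__main__":
    prefs = parse_prefs(SAMPLE_PREFS_JS)
    for key, value in audit_prefs(prefs, ALLOWED_ENGINES, ALLOWED_HOSTS):
        print(f"unexpected pref   {key} = {value!r}")
    for ext in audit_extensions(SAMPLE_EXTENSION_ENTRIES, ALLOWED_EXTENSION_IDS):
        print(f"unexpected add-on {ext}")
```

On a real system the text would come from the prefs.js in the Firefox profile folder and the entries from a listing of its extensions subfolder; the script only reads and reports, it changes nothing.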

  2. #12
    Beginner
    Registered since
    12.09.2012
    Posts
    7
    Hello

    1. Done!

    2.
    Code:
    All processes killed
    ========== OTL ==========
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
    File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{658951EB-968F-4FD7-9EB4-6256B62C78D3}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{658951EB-968F-4FD7-9EB4-6256B62C78D3}\ not found.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
    Prefs.js: "Ask.com" removed from browser.search.defaultengine
    Prefs.js: "Ask.com" removed from browser.search.defaultenginename
    Prefs.js: "Ask.com" removed from browser.search.order.1
    Prefs.js: "Ask.com" removed from browser.search.selectedEngine
    Folder C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\toolbar@ask.com\ not found.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\lavasoft_search_plugin\tests folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\lavasoft_search_plugin\lib folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\lavasoft_search_plugin\data folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\lavasoft_search_plugin folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\api-utils\lib\windows folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\api-utils\lib\utils folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\api-utils\lib\traits folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\api-utils\lib\tabs folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\api-utils\lib\events folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\api-utils\lib\dom folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\api-utils\lib\content folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\api-utils\lib folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\api-utils\data folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\api-utils folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\addon-kit\lib folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\addon-kit\data folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources\addon-kit folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\resources folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\locale folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\defaults\preferences folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack\defaults folder moved successfully.
    C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack folder moved successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
    File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater not found.
    File C:\Program Files\Ask.com\Updater\Updater.exe not found.
    ========== FILES ==========
    File\Folder C:\Users\andre\AppData\Local\AskToolbar not found.
    File\Folder C:\Program Files\Ask.com not found.
    < ipconfig /flushdns /c >
    Windows-IP-Konfiguration
    Der DNS-Auflösungscache wurde geleert.
    C:\Users\andre\Desktop\cmd.bat deleted successfully.
    C:\Users\andre\Desktop\cmd.txt deleted successfully.
    ========== COMMANDS ==========
     
    [EMPTYTEMP]
     
    User: All Users
     
    User: andre
    ->Temp folder emptied: 31428534 bytes
    ->Temporary Internet Files folder emptied: 3967616 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 102092347 bytes
    ->Flash cache emptied: 1410 bytes
     
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: Public
     
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 5630615 bytes
    RecycleBin emptied: 465134 bytes
     
    Total Files Cleaned = 137,00 mb
     
     
    OTL by OldTimer - Version 3.2.61.3 log created on 09172012_122915
    
    Files\Folders moved on Reboot...
    
    PendingFileRenameOperations files...
    
    Registry entries deleted on Reboot...
    3. Done!

    4. The scan found no threats. There was nothing to save.

    7.
    OTL.txt
    Code:
    OTL logfile created on: 17.09.2012 13:19:05 - Run 4
    OTL by OldTimer - Version 3.2.61.3     Folder = C:\Users\andre\Desktop
     Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    3,00 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 70,97% Memory free
    6,00 Gb Paging File | 4,88 Gb Available in Paging File | 81,44% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 83,01 Gb Total Space | 65,53 Gb Free Space | 78,95% Space Free | Partition Type: NTFS
    Drive D: | 382,75 Gb Total Space | 365,48 Gb Free Space | 95,49% Space Free | Partition Type: NTFS
     
    Computer Name: ANDRE-PC | User Name: andre | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - C:\Users\andre\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
    PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
    PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
    PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
    PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
    PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
    PRC - C:\Windows\System32\atieclxx.exe (AMD)
    PRC - C:\Windows\System32\atiesrxx.exe (AMD)
    PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ca2eff60beb3ba00a529a2d42dceca22\UIAutomationProvider.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
    MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
    MOD - C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll ()
    MOD - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll ()
     
     
    ========== Services (SafeList) ==========
     
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
    SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
    SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
    SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
    SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
    SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
    SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
    SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV - (SBRE) -- C:\Windows\system32\drivers\SBREdrv.sys File not found
    DRV - (MEMSWEEP2) -- C:\Windows\system32\C31F.tmp File not found
    DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
    DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
    DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
    DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
    DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
    DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
    DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (Advanced Micro Devices)
    DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
    DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
    DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices)
    DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
    DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                           )
    DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE - HKLM\..\SearchScopes,DefaultScope = 
     
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 D4 47 4C C0 94 CD 01  [binary data]
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.search.defaultengine: ""
    FF - prefs.js..browser.search.defaultenginename: ""
    FF - prefs.js..browser.search.order.1: ""
    FF - prefs.js..browser.search.selectedEngine: ""
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
    FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
    FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
    FF - user.js - File not found
     
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
     
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.14 19:42:52 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
     
    [2012.09.12 09:43:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andre\AppData\Roaming\mozilla\Extensions
    [2012.09.17 12:25:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andre\AppData\Roaming\mozilla\Firefox\Profiles\1yi1iwep.default\extensions
    [2012.09.15 22:24:24 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\andre\AppData\Roaming\mozilla\firefox\profiles\1yi1iwep.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
    [2012.09.12 09:43:16 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
    [2012.09.06 03:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2012.09.06 04:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
    [2012.09.06 04:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
     
    O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O13 - gopher Prefix: missing
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.102.158 80.69.100.102
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C6B514AC-98AA-4C6E-B5A5-9278B81AB0B7}: DhcpNameServer = 80.69.102.158 80.69.100.102
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2012.09.17 12:40:05 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2012.09.17 12:19:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
    [2012.09.16 20:06:58 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
    [2012.09.16 20:06:50 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
    [2012.09.16 20:06:50 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
    [2012.09.16 11:50:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
    [2012.09.16 11:49:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
    [2012.09.16 11:48:08 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
    [2012.09.16 11:48:08 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
    [2012.09.15 22:51:45 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
    [2012.09.15 22:51:45 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
    [2012.09.15 22:51:42 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
    [2012.09.15 22:51:42 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
    [2012.09.15 22:51:42 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
    [2012.09.15 22:51:40 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
    [2012.09.15 22:51:40 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
    [2012.09.15 22:51:39 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
    [2012.09.15 22:51:39 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
    [2012.09.15 22:51:38 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
    [2012.09.15 22:51:37 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
    [2012.09.15 22:51:36 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
    [2012.09.15 22:51:35 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
    [2012.09.15 22:51:35 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
    [2012.09.15 22:51:33 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
    [2012.09.15 22:51:33 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
    [2012.09.15 22:51:32 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
    [2012.09.15 22:51:31 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
    [2012.09.15 22:51:29 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
    [2012.09.15 22:51:28 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
    [2012.09.15 22:51:27 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
    [2012.09.15 22:51:26 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
    [2012.09.15 22:51:26 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
    [2012.09.15 22:51:26 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
    [2012.09.15 22:51:25 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
    [2012.09.15 22:51:24 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
    [2012.09.15 22:51:24 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
    [2012.09.15 22:51:24 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
    [2012.09.15 22:51:23 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
    [2012.09.15 22:51:23 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
    [2012.09.15 22:51:22 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
    [2012.09.15 22:51:21 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
    [2012.09.15 22:51:20 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
    [2012.09.15 22:51:20 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
    [2012.09.15 22:51:19 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
    [2012.09.15 22:51:19 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
    [2012.09.15 22:51:19 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
    [2012.09.15 22:51:19 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
    [2012.09.15 22:51:19 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
    [2012.09.15 22:51:19 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
    [2012.09.15 22:51:18 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
    [2012.09.15 22:51:18 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
    [2012.09.15 22:51:18 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
    [2012.09.15 22:51:17 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
    [2012.09.15 22:51:17 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
    [2012.09.15 22:51:17 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
    [2012.09.15 22:51:17 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
    [2012.09.15 22:51:16 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
    [2012.09.15 22:51:16 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
    [2012.09.15 22:51:16 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
    [2012.09.15 22:51:15 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
    [2012.09.15 22:51:15 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
    [2012.09.15 22:51:14 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
    [2012.09.15 22:51:14 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
    [2012.09.15 22:51:14 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
    [2012.09.15 22:51:13 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
    [2012.09.15 22:51:13 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
    [2012.09.15 22:51:13 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
    [2012.09.15 22:51:13 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
    [2012.09.15 22:51:13 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
    [2012.09.15 22:51:12 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
    [2012.09.15 22:51:12 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
    [2012.09.15 22:51:12 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
    [2012.09.15 22:51:11 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
    [2012.09.15 22:51:11 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
    [2012.09.15 22:51:11 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
    [2012.09.15 22:51:11 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
    [2012.09.15 22:51:11 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
    [2012.09.15 22:51:10 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
    [2012.09.15 22:51:09 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
    [2012.09.15 22:51:09 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
    [2012.09.15 22:51:09 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
    [2012.09.15 22:51:09 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
    [2012.09.15 22:51:09 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
    [2012.09.15 22:51:09 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
    [2012.09.15 22:51:08 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
    [2012.09.15 22:51:08 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
    [2012.09.15 22:51:08 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
    [2012.09.15 22:51:08 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
    [2012.09.15 22:51:07 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
    [2012.09.15 22:51:07 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
    [2012.09.15 22:51:07 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
    [2012.09.15 22:51:07 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
    [2012.09.15 22:51:07 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
    [2012.09.15 22:51:07 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
    [2012.09.15 22:51:06 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
    [2012.09.15 22:51:06 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
    [2012.09.15 22:51:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
    [2012.09.15 22:51:05 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
    [2012.09.15 22:51:05 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
    [2012.09.15 22:51:05 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
    [2012.09.15 22:51:05 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
    [2012.09.15 22:51:05 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
    [2012.09.15 22:51:04 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
    [2012.09.15 22:51:03 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
    [2012.09.15 22:51:03 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
    [2012.09.15 22:51:03 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
    [2012.09.15 22:51:03 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
    [2012.09.15 22:51:02 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
    [2012.09.15 22:51:02 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
    [2012.09.15 22:51:01 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
    [2012.09.15 22:51:01 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
    [2012.09.15 22:51:01 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
    [2012.09.15 22:51:01 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
    [2012.09.15 22:51:00 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
    [2012.09.15 22:51:00 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
    [2012.09.15 22:51:00 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
    [2012.09.15 22:51:00 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
    [2012.09.15 22:51:00 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
    [2012.09.15 22:51:00 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
    [2012.09.15 22:51:00 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
    [2012.09.15 22:51:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
    [2012.09.15 22:50:59 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
    [2012.09.15 22:50:59 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
    [2012.09.15 22:50:59 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
    [2012.09.15 22:50:59 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
    [2012.09.15 22:50:59 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
    [2012.09.15 22:50:59 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
    [2012.09.15 22:50:59 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
    [2012.09.15 22:50:59 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
    [2012.09.15 22:50:59 | 000,035,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys
    [2012.09.15 22:50:58 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
    [2012.09.15 22:50:58 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
    [2012.09.15 22:50:58 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
    [2012.09.15 22:50:58 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
    [2012.09.15 22:50:58 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
    [2012.09.15 22:50:58 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
    [2012.09.15 22:50:57 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
    [2012.09.15 22:50:57 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
    [2012.09.15 22:50:57 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
    [2012.09.15 22:50:57 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
    [2012.09.15 22:50:56 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
    [2012.09.15 22:50:56 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
    [2012.09.15 22:50:56 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
    [2012.09.15 22:50:56 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
    [2012.09.15 22:50:56 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
    [2012.09.15 22:50:55 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
    [2012.09.15 22:50:55 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
    [2012.09.15 22:50:55 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
    [2012.09.15 22:50:55 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
    [2012.09.15 22:50:54 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
    [2012.09.15 22:50:54 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
    [2012.09.15 22:50:54 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
    [2012.09.15 22:50:54 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
    [2012.09.15 22:50:54 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
    [2012.09.15 22:50:54 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
    [2012.09.15 22:50:53 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
    [2012.09.15 22:50:53 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
    [2012.09.15 22:50:53 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
    [2012.09.15 22:50:53 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
    [2012.09.15 22:50:53 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
    [2012.09.15 22:50:53 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
    [2012.09.15 22:50:52 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll
    [2012.09.15 22:50:52 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
    [2012.09.15 22:50:52 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
    [2012.09.15 22:50:52 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
    [2012.09.15 22:50:52 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
    [2012.09.15 22:50:52 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
    [2012.09.15 22:50:52 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
    [2012.09.15 22:50:52 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
    [2012.09.15 22:50:51 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
    [2012.09.15 22:50:51 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
    [2012.09.15 22:50:51 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
    [2012.09.15 22:50:51 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
    [2012.09.15 22:50:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
    [2012.09.15 22:50:50 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
    [2012.09.15 22:50:50 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
    [2012.09.15 22:50:50 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
    [2012.09.15 22:50:50 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
    [2012.09.15 22:50:50 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
    [2012.09.15 22:50:50 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
    [2012.09.15 22:50:50 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
    [2012.09.15 22:50:49 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
    [2012.09.15 22:50:49 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
    [2012.09.15 22:50:49 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
    [2012.09.15 22:50:49 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
    [2012.09.15 22:50:49 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
    [2012.09.15 22:50:49 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
    [2012.09.15 22:50:49 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
    [2012.09.15 22:50:49 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
    [2012.09.15 22:50:49 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
    [2012.09.15 22:50:49 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
    [2012.09.15 22:50:49 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
    [2012.09.15 22:50:48 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
    [2012.09.15 22:50:48 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
    [2012.09.15 22:50:48 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
    [2012.09.15 22:50:48 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
    [2012.09.15 22:50:48 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
    [2012.09.15 22:50:47 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
    [2012.09.15 22:50:47 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
    [2012.09.15 22:50:47 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
    [2012.09.15 22:50:47 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
    [2012.09.15 22:50:47 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
    [2012.09.15 22:50:46 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbda.dll
    [2012.09.15 22:50:46 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
    [2012.09.15 22:50:46 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
    [2012.09.15 22:50:46 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
    [2012.09.15 22:50:46 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
    [2012.09.15 22:50:46 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
    [2012.09.15 22:50:45 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
    [2012.09.15 22:50:45 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
    [2012.09.15 22:50:45 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
    [2012.09.15 22:50:45 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
    [2012.09.15 22:50:45 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
    [2012.09.15 22:50:44 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
    [2012.09.15 22:50:44 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
    [2012.09.15 22:50:44 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
    [2012.09.15 22:50:44 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
    [2012.09.15 22:50:44 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
    [2012.09.15 22:50:44 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
    [2012.09.15 22:50:44 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
    [2012.09.15 22:50:44 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
    [2012.09.15 22:50:44 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
    [2012.09.15 22:50:44 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
    [2012.09.15 22:50:44 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
    [2012.09.15 22:50:44 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
    [2012.09.15 22:50:44 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    [2012.09.15 22:50:44 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
    [2012.09.15 22:50:44 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
    [2012.09.15 22:50:43 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
    [2012.09.15 22:50:43 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
    [2012.09.15 22:50:43 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
    [2012.09.15 22:50:43 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
    [2012.09.15 22:50:43 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
    [2012.09.15 22:50:43 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
    [2012.09.15 22:50:43 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
    [2012.09.15 22:50:43 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
    [2012.09.15 22:50:43 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
    [2012.09.15 22:50:42 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
    [2012.09.15 22:50:42 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
    [2012.09.15 22:50:42 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
    [2012.09.15 22:50:42 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
    [2012.09.15 22:50:42 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
    [2012.09.15 22:50:42 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
    [2012.09.15 22:50:42 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
    [2012.09.15 22:50:42 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
    [2012.09.15 22:50:42 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
    [2012.09.15 22:50:42 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
    [2012.09.15 22:50:42 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
    [2012.09.15 22:50:41 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
    [2012.09.15 22:50:41 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
    [2012.09.15 22:50:41 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
    [2012.09.15 22:50:41 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
    [2012.09.15 22:50:41 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
    [2012.09.15 22:50:41 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
    [2012.09.15 22:50:40 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
    [2012.09.15 22:50:40 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
    [2012.09.15 22:50:40 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
    [2012.09.15 22:50:40 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
    [2012.09.15 22:50:40 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
    [2012.09.15 22:50:40 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
    [2012.09.15 22:50:40 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
    [2012.09.15 22:50:40 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
    [2012.09.15 22:50:40 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
    [2012.09.15 22:50:40 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
    [2012.09.15 22:50:39 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
    [2012.09.15 22:50:39 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
    [2012.09.15 22:50:39 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
    [2012.09.15 22:50:39 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
    [2012.09.15 22:50:39 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
    [2012.09.15 22:50:39 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
    [2012.09.15 22:50:39 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
    [2012.09.15 22:50:39 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
    [2012.09.15 22:50:38 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
    [2012.09.15 22:50:38 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
    [2012.09.15 22:50:38 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
    [2012.09.15 22:50:38 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
    [2012.09.15 22:50:38 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
    [2012.09.15 22:50:38 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
    [2012.09.15 22:50:38 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
    [2012.09.15 22:50:38 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
    [2012.09.15 22:50:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
    [2012.09.15 22:50:37 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
    [2012.09.15 22:50:37 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
    [2012.09.15 22:50:37 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
    [2012.09.15 22:50:37 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
    [2012.09.15 22:50:37 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
    [2012.09.15 22:50:37 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
    [2012.09.15 22:50:37 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
    [2012.09.15 22:50:37 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
    [2012.09.15 22:50:37 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
    [2012.09.15 22:50:37 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
    [2012.09.15 22:50:36 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
    [2012.09.15 22:50:36 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
    [2012.09.15 22:50:36 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
    [2012.09.15 22:50:36 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
    [2012.09.15 22:50:36 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iTVData.dll
    [2012.09.15 22:50:36 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
    [2012.09.15 22:50:36 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
    [2012.09.15 22:50:36 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
    [2012.09.15 22:50:36 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
    [2012.09.15 22:50:36 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
    [2012.09.15 22:50:36 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
    [2012.09.15 22:50:36 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
    [2012.09.15 22:50:36 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
    [2012.09.15 22:50:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
    [2012.09.15 22:50:35 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
    [2012.09.15 22:50:35 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
    [2012.09.15 22:50:35 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
    [2012.09.15 22:50:35 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
    [2012.09.15 22:50:35 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
    [2012.09.15 22:50:35 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
    [2012.09.15 22:50:35 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
    [2012.09.15 22:50:35 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
    [2012.09.15 22:50:35 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
    [2012.09.15 22:50:35 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
    [2012.09.15 22:50:35 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
    [2012.09.15 22:50:35 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
    [2012.09.15 22:50:35 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
    [2012.09.15 22:50:35 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
    [2012.09.15 22:50:35 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
    [2012.09.15 22:50:34 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
    [2012.09.15 22:50:34 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
    [2012.09.15 22:50:34 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
    [2012.09.15 22:50:34 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
    [2012.09.15 22:50:34 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
    [2012.09.15 22:50:34 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
    [2012.09.15 22:50:34 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
    [2012.09.15 22:50:34 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
    [2012.09.15 22:50:34 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
    [2012.09.15 22:50:34 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
    [2012.09.15 22:50:34 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
    [2012.09.15 22:50:34 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
    [2012.09.15 22:50:34 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
    [2012.09.15 22:50:34 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
    [2012.09.15 22:50:34 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
    [2012.09.15 22:50:34 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
    [2012.09.15 22:50:34 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
    [2012.09.15 22:50:34 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
    [2012.09.15 22:50:34 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
    [2012.09.15 22:50:34 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
    [2012.09.15 22:50:34 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
    [2012.09.15 22:50:33 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
    [2012.09.15 22:50:33 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
    [2012.09.15 22:50:33 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
    [2012.09.15 22:50:33 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
    [2012.09.15 22:50:33 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
    [2012.09.15 22:50:33 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
    [2012.09.15 22:50:33 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
    [2012.09.15 22:50:33 | 000,257,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
    [2012.09.15 22:50:33 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
    [2012.09.15 22:50:33 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
    [2012.09.15 22:50:33 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
    [2012.09.15 22:50:33 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
    [2012.09.15 22:50:33 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
    [2012.09.15 22:50:33 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
    [2012.09.15 22:50:33 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
    [2012.09.15 22:50:33 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
    [2012.09.15 22:50:33 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
    [2012.09.15 22:50:33 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
    [2012.09.15 22:50:33 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
    [2012.09.15 22:50:33 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
    [2012.09.15 22:50:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
    [2012.09.15 22:50:33 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
    [2012.09.15 22:50:33 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
    [2012.09.15 22:50:33 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
    [2012.09.15 22:50:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
    [2012.09.15 22:50:32 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
    [2012.09.15 22:50:32 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
    [2012.09.15 22:50:32 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
    [2012.09.15 22:50:32 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
    [2012.09.15 22:50:32 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
    [2012.09.15 22:50:32 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
    [2012.09.15 22:50:32 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
    [2012.09.15 22:50:32 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
    [2012.09.15 22:50:32 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
    [2012.09.15 22:50:32 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
    [2012.09.15 22:50:32 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
    [2012.09.15 22:50:32 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
    [2012.09.15 22:50:32 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
    [2012.09.15 22:50:32 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
    [2012.09.15 22:50:32 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
    [2012.09.15 22:50:32 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
    [2012.09.15 22:50:32 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
    [2012.09.15 22:50:32 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
    [2012.09.15 22:50:32 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
    [2012.09.15 22:50:32 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
    [2012.09.15 22:50:31 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
    [2012.09.15 22:50:31 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
    [2012.09.15 22:50:31 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
    [2012.09.15 22:50:31 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
    [2012.09.15 22:50:31 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
    [2012.09.15 22:50:31 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
    [2012.09.15 22:50:31 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
    [2012.09.15 22:50:31 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
    [2012.09.15 22:50:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
    [2012.09.15 22:50:31 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
    [2012.09.15 22:50:31 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
    [2012.09.15 22:50:31 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
    [2012.09.15 22:50:31 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
    [2012.09.15 22:50:31 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
    [2012.09.15 22:50:31 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
    [2012.09.15 22:50:31 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
    [2012.09.15 22:50:31 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
    [2012.09.15 22:50:31 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
    [2012.09.15 22:50:31 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
    [2012.09.15 22:50:31 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
    [2012.09.15 22:50:31 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
    [2012.09.15 22:50:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
    [2012.09.15 22:50:31 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
    [2012.09.15 22:50:30 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
    [2012.09.15 22:50:30 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
    [2012.09.15 22:50:30 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
    [2012.09.15 22:50:30 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
    [2012.09.15 22:50:30 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
    [2012.09.15 22:50:30 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
    [2012.09.15 22:50:30 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
    [2012.09.15 22:50:30 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
    [2012.09.15 22:50:30 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
    [2012.09.15 22:50:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
    [2012.09.15 22:50:30 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
    [2012.09.15 22:50:30 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
    [2012.09.15 22:50:30 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
    [2012.09.15 22:50:30 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
    [2012.09.15 22:50:30 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
    [2012.09.15 22:50:30 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
    [2012.09.15 22:50:30 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
    [2012.09.15 22:50:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
    [2012.09.15 22:50:29 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
    [2012.09.15 22:50:29 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
    [2012.09.15 22:50:29 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
    [2012.09.15 22:50:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
    [2012.09.15 22:50:29 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
    [2012.09.15 22:50:29 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
    [2012.09.15 22:50:29 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
    [2012.09.15 22:50:29 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
    [2012.09.15 22:50:28 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
    [2012.09.15 22:50:28 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
    [2012.09.15 22:50:28 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
    [2012.09.15 22:50:28 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
    [2012.09.15 22:50:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
    [2012.09.15 22:50:28 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
    [2012.09.15 22:50:28 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
    [2012.09.15 22:50:27 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
    [2012.09.15 22:50:27 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
    [2012.09.15 22:50:26 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
    [2012.09.15 22:50:26 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
    [2012.09.15 22:50:26 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
    [2012.09.15 22:50:26 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
    [2012.09.15 22:50:26 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
    [2012.09.15 22:50:26 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
    [2012.09.15 22:50:26 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
    [2012.09.15 22:50:26 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
    [2012.09.15 22:50:26 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
    [2012.09.15 22:50:25 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
    [2012.09.15 22:50:24 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
    [2012.09.15 22:50:24 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
    [2012.09.15 22:50:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
    [2012.09.15 22:50:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
    [2012.09.15 22:50:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
    [2012.09.15 22:50:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
    [2012.09.15 22:50:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
    [2012.09.15 22:50:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
    [2012.09.15 22:50:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
    [2012.09.15 22:50:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
    [2012.09.15 22:50:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
    [2012.09.15 22:50:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
    [2012.09.15 22:50:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
    [2012.09.15 22:50:24 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
    [2012.09.15 22:50:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
    [2012.09.15 22:50:24 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
    [2012.09.15 22:50:23 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
    [2012.09.15 22:50:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
    [2012.09.15 22:50:17 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
    [2012.09.15 22:50:05 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
    [2012.09.15 22:49:58 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
    [2012.09.15 22:35:21 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Roaming\Avira
    [2012.09.15 22:27:11 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
    [2012.09.15 22:27:11 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
    [2012.09.15 22:25:20 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
    [2012.09.15 22:25:20 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2012.09.15 22:25:20 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2012.09.15 22:25:19 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
    [2012.09.15 22:25:19 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2012.09.15 22:25:19 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2012.09.15 22:25:19 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2012.09.15 22:25:19 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2012.09.15 22:25:19 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2012.09.15 22:25:19 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2012.09.15 22:25:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2012.09.15 22:25:19 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2012.09.15 22:25:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2012.09.15 22:25:19 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2012.09.15 22:25:19 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
    [2012.09.15 22:25:19 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
    [2012.09.15 22:25:19 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
    [2012.09.15 22:25:19 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
    [2012.09.15 22:25:19 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2012.09.15 22:25:19 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
    [2012.09.15 22:25:19 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
    [2012.09.15 22:25:19 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2012.09.15 22:25:19 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2012.09.15 22:25:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
    [2012.09.15 22:25:19 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2012.09.15 22:25:19 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2012.09.15 22:25:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2012.09.15 22:25:19 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2012.09.15 22:25:18 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2012.09.15 22:25:18 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2012.09.15 22:25:18 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
    [2012.09.15 22:25:18 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
    [2012.09.15 22:25:18 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2012.09.15 22:25:18 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2012.09.15 22:25:18 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
    [2012.09.15 22:25:18 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
    [2012.09.15 22:25:18 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
    [2012.09.15 22:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    [2012.09.15 22:22:51 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
    [2012.09.15 22:22:51 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
    [2012.09.15 22:22:51 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
    [2012.09.15 22:22:51 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
    [2012.09.15 22:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
    [2012.09.15 22:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
    [2012.09.14 21:18:21 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2012.09.14 20:05:12 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
    [2012.09.14 20:05:04 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
    [2012.09.14 20:05:04 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
    [2012.09.14 20:05:04 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
    [2012.09.14 20:05:03 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
    [2012.09.14 20:05:03 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
    [2012.09.14 20:05:03 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
    [2012.09.14 20:04:52 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
    [2012.09.14 20:04:52 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
    [2012.09.14 20:04:52 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
    [2012.09.14 20:04:51 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
    [2012.09.14 20:04:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
    [2012.09.14 20:04:51 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
    [2012.09.14 20:04:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2012.09.14 20:04:40 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
    [2012.09.14 20:04:39 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
    [2012.09.14 20:04:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
    [2012.09.14 20:04:20 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2012.09.14 20:04:15 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
    [2012.09.14 20:04:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
    [2012.09.14 20:04:14 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
    [2012.09.14 20:04:14 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
    [2012.09.14 20:04:14 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
    [2012.09.14 20:04:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
    [2012.09.14 20:04:14 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
    [2012.09.14 20:04:10 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
    [2012.09.14 20:04:07 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
    [2012.09.14 20:04:07 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
    [2012.09.14 20:04:06 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WFS.exe
    [2012.09.14 20:04:05 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2012.09.14 20:04:05 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2012.09.14 20:03:59 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
    [2012.09.14 20:03:56 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
    [2012.09.14 20:03:56 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
    [2012.09.14 20:03:54 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
    [2012.09.14 20:03:54 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
    [2012.09.14 20:03:54 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
    [2012.09.14 20:03:52 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
    [2012.09.14 20:03:52 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
    [2012.09.14 20:03:48 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
    [2012.09.14 20:03:47 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
    [2012.09.14 20:03:46 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    [2012.09.14 20:03:46 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
    [2012.09.14 20:03:46 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
    [2012.09.14 20:03:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
    [2012.09.14 20:03:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
    [2012.09.14 20:03:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
    [2012.09.14 20:03:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
    [2012.09.14 20:03:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
    [2012.09.14 20:03:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
    [2012.09.14 20:03:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
    [2012.09.14 20:03:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
    [2012.09.14 20:03:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
    [2012.09.14 20:03:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
    [2012.09.14 20:03:43 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
    [2012.09.14 20:03:42 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
    [2012.09.14 20:03:40 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
    [2012.09.14 20:03:40 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
    [2012.09.14 20:03:40 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
    [2012.09.14 20:03:40 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
    [2012.09.14 20:03:40 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
    [2012.09.14 20:03:39 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
    [2012.09.14 20:03:38 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
    [2012.09.14 20:03:38 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
    [2012.09.14 20:03:38 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
    [2012.09.14 20:03:38 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
    [2012.09.14 20:03:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
    [2012.09.14 20:03:17 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
    [2012.09.14 20:03:17 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
    [2012.09.14 20:03:12 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
    [2012.09.14 20:03:09 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
    [2012.09.14 20:03:05 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
    [2012.09.14 20:02:42 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
    [2012.09.14 20:02:42 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
    [2012.09.14 19:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2012.09.14 19:47:04 | 000,000,000 | ---D | C] -- C:\_OTL
    [2012.09.14 19:45:37 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Local\Diagnostics
    [2012.09.14 19:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
    [2012.09.12 10:33:15 | 000,000,000 | ---D | C] -- C:\Windows\Panther
    [2012.09.12 10:33:01 | 000,000,000 | -HSD | C] -- C:\Boot
    [2012.09.12 10:31:22 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\andre\Desktop\OTL.exe
    [2012.09.12 10:10:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
    [2012.09.12 10:10:30 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
    [2012.09.12 10:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2012.09.12 10:06:42 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Roaming\Malwarebytes
    [2012.09.12 10:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
    [2012.09.12 10:06:28 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
    [2012.09.12 10:06:28 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
    [2012.09.12 10:06:28 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
    [2012.09.12 10:06:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012.09.12 10:06:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012.09.12 10:06:05 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
    [2012.09.12 10:06:05 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
    [2012.09.12 10:06:05 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
    [2012.09.12 10:05:58 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2012.09.12 10:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2012.09.12 10:05:45 | 000,000,000 | ---D | C] -- C:\Program Files\Java
    [2012.09.12 10:03:00 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Roaming\Macromedia
    [2012.09.12 10:03:00 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Local\Macromedia
    [2012.09.12 10:03:00 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Roaming\Adobe
    [2012.09.12 10:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
    [2012.09.12 10:01:08 | 000,696,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2012.09.12 10:01:08 | 000,073,416 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2012.09.12 10:01:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
    [2012.09.12 10:00:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
    [2012.09.12 09:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
    [2012.09.12 09:50:37 | 000,000,000 | ---D | C] -- C:\Users\andre\Documents\Guild Wars 2
    [2012.09.12 09:50:06 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
    [2012.09.12 09:49:57 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Local\Downloaded Installations
    [2012.09.12 09:49:51 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Local\adawarebp
    [2012.09.12 09:48:47 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Local\AMD
    [2012.09.12 09:48:36 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Roaming\ATI
    [2012.09.12 09:48:36 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Local\ATI
    [2012.09.12 09:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
    [2012.09.12 09:46:53 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
    [2012.09.12 09:46:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
    [2012.09.12 09:46:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
    [2012.09.12 09:46:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
    [2012.09.12 09:46:18 | 000,037,944 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\amdiox86.sys
    [2012.09.12 09:45:57 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
    [2012.09.12 09:45:51 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
    [2012.09.12 09:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
    [2012.09.12 09:45:13 | 000,000,000 | ---D | C] -- C:\AMD
    [2012.09.12 09:43:21 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Roaming\Mozilla
    [2012.09.12 09:43:21 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Local\Mozilla
    [2012.09.12 09:43:16 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
    [2012.09.12 09:43:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
    [2012.09.12 09:43:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2012.09.12 09:42:53 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
    [2012.09.12 09:40:10 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
    [2012.09.12 09:40:10 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
    [2012.09.12 09:40:06 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
    [2012.09.12 09:40:06 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
    [2012.09.12 09:40:06 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
    [2012.09.12 09:40:01 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
    [2012.09.12 09:39:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
    [2012.09.12 09:39:53 | 000,000,000 | R--D | C] -- C:\Users\andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    [2012.09.12 09:39:53 | 000,000,000 | R--D | C] -- C:\Users\andre\Searches
    [2012.09.12 09:39:53 | 000,000,000 | R--D | C] -- C:\Users\andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    [2012.09.12 09:39:45 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Roaming\Identities
    [2012.09.12 09:39:44 | 000,000,000 | R--D | C] -- C:\Users\andre\Contacts
    [2012.09.12 09:39:39 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Local\VirtualStore
    [2012.09.12 09:39:37 | 000,000,000 | --SD | C] -- C:\Users\andre\AppData\Roaming\Microsoft
    [2012.09.12 09:39:37 | 000,000,000 | R--D | C] -- C:\Users\andre\Videos
    [2012.09.12 09:39:37 | 000,000,000 | R--D | C] -- C:\Users\andre\Saved Games
    [2012.09.12 09:39:37 | 000,000,000 | R--D | C] -- C:\Users\andre\Pictures
    [2012.09.12 09:39:37 | 000,000,000 | R--D | C] -- C:\Users\andre\Music
    [2012.09.12 09:39:37 | 000,000,000 | R--D | C] -- C:\Users\andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    [2012.09.12 09:39:37 | 000,000,000 | R--D | C] -- C:\Users\andre\Links
    [2012.09.12 09:39:37 | 000,000,000 | R--D | C] -- C:\Users\andre\Favorites
    [2012.09.12 09:39:37 | 000,000,000 | R--D | C] -- C:\Users\andre\Downloads
    [2012.09.12 09:39:37 | 000,000,000 | R--D | C] -- C:\Users\andre\Documents
    [2012.09.12 09:39:37 | 000,000,000 | R--D | C] -- C:\Users\andre\Desktop
    [2012.09.12 09:39:37 | 000,000,000 | R--D | C] -- C:\Users\andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\Vorlagen
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\AppData\Local\Verlauf
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\AppData\Local\Temporary Internet Files
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\Startmenü
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\SendTo
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\Recent
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\Netzwerkumgebung
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\Lokale Einstellungen
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\Documents\Eigene Videos
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\Documents\Eigene Musik
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\Eigene Dateien
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\Documents\Eigene Bilder
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\Druckumgebung
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\Cookies
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\AppData\Local\Anwendungsdaten
    [2012.09.12 09:39:37 | 000,000,000 | -HSD | C] -- C:\Users\andre\Anwendungsdaten
    [2012.09.12 09:39:37 | 000,000,000 | -H-D | C] -- C:\Users\andre\AppData
    [2012.09.12 09:39:37 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Local\Temp
    [2012.09.12 09:39:37 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Local\Microsoft
    [2012.09.12 09:39:37 | 000,000,000 | ---D | C] -- C:\Users\andre\AppData\Roaming\Media Center Programs
    [2012.09.12 09:39:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
    [2012.09.12 09:39:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
    [2012.09.12 09:39:25 | 000,000,000 | -HSD | C] -- C:\Recovery
    [2012.09.12 09:39:25 | 000,000,000 | -HSD | C] -- C:\Programme
    [2012.09.12 09:39:25 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
    [2012.09.12 09:39:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
    [2012.09.12 09:39:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
    [2012.09.12 09:39:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
    [2012.09.12 09:39:25 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
    [2012.09.12 09:39:25 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
    [2012.09.12 09:39:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
    [2012.09.12 09:39:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
    [2012.09.12 09:36:38 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
    [2012.09.12 09:34:06 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
    [2012.09.12 09:33:52 | 000,000,000 | -HSD | C] -- C:\System Volume Information
     
    ========== Files - Modified Within 30 Days ==========
     
    [2012.09.17 13:02:06 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012.09.17 12:42:47 | 000,014,800 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012.09.17 12:42:47 | 000,014,800 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012.09.17 12:39:52 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
    [2012.09.17 12:39:52 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2012.09.17 12:39:52 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
    [2012.09.17 12:39:52 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2012.09.17 12:35:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012.09.17 12:35:18 | 2415,419,392 | -HS- | M] () -- C:\hiberfil.sys
    [2012.09.16 20:21:35 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
    [2012.09.16 19:59:55 | 000,265,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2012.09.16 12:00:05 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
    [2012.09.15 22:25:20 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
    [2012.09.15 22:25:20 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2012.09.15 22:25:20 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2012.09.15 22:25:19 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
    [2012.09.15 22:25:19 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2012.09.15 22:25:19 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2012.09.15 22:25:19 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2012.09.15 22:25:19 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2012.09.15 22:25:19 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2012.09.15 22:25:19 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2012.09.15 22:25:19 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2012.09.15 22:25:19 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2012.09.15 22:25:19 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2012.09.15 22:25:19 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2012.09.15 22:25:19 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
    [2012.09.15 22:25:19 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
    [2012.09.15 22:25:19 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
    [2012.09.15 22:25:19 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
    [2012.09.15 22:25:19 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2012.09.15 22:25:19 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
    [2012.09.15 22:25:19 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
    [2012.09.15 22:25:19 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2012.09.15 22:25:19 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2012.09.15 22:25:19 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
    [2012.09.15 22:25:19 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
    [2012.09.15 22:25:19 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2012.09.15 22:25:19 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2012.09.15 22:25:19 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2012.09.15 22:25:19 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2012.09.15 22:25:18 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2012.09.15 22:25:18 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2012.09.15 22:25:18 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
    [2012.09.15 22:25:18 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
    [2012.09.15 22:25:18 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2012.09.15 22:25:18 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2012.09.15 22:25:18 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
    [2012.09.15 22:25:18 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
    [2012.09.15 22:25:18 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
    [2012.09.14 19:51:05 | 000,000,986 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2012.09.14 15:54:08 | 000,152,790 | ---- | M] () -- C:\Users\andre\Desktop\Wolff, Andre_0176 80026643.jpg
    [2012.09.12 10:33:03 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
    [2012.09.12 10:31:36 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\andre\Desktop\OTL.exe
    [2012.09.12 10:06:19 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012.09.12 10:05:53 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
    [2012.09.12 10:05:50 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
    [2012.09.12 10:05:50 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
    [2012.09.12 10:05:50 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
    [2012.09.12 10:05:49 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
    [2012.09.12 10:05:49 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
    [2012.09.12 10:01:08 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2012.09.12 10:01:08 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2012.09.12 09:55:45 | 000,000,511 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
    [2012.09.12 09:48:12 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
    [2012.09.12 09:43:17 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012.09.12 09:36:40 | 000,052,953 | ---- | M] () -- C:\Windows\System32\license.rtf
    [2012.09.07 20:26:05 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
    [2012.09.07 20:26:05 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
    [2012.09.07 20:26:05 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
    [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2012.08.22 19:16:46 | 000,240,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
    [2012.08.22 19:16:36 | 000,187,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
     
    ========== Files Created - No Company Name ==========
     
    [2012.09.16 20:22:31 | 000,152,790 | ---- | C] () -- C:\Users\andre\Desktop\Wolff, Andre_0176 80026643.jpg
    [2012.09.16 20:21:35 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
    [2012.09.15 22:51:30 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
    [2012.09.15 22:50:29 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
    [2012.09.15 22:50:23 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
    [2012.09.15 22:25:19 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
    [2012.09.14 19:51:05 | 000,000,986 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2012.09.12 10:33:03 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
    [2012.09.12 10:33:01 | 000,383,786 | RHS- | C] () -- C:\bootmgr
    [2012.09.12 10:06:19 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012.09.12 10:01:11 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012.09.12 09:55:45 | 000,000,511 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
    [2012.09.12 09:48:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2012.09.12 09:43:17 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2012.09.12 09:43:17 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012.09.12 09:39:54 | 000,001,430 | ---- | C] () -- C:\Users\andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    [2012.09.12 09:36:33 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
    [2012.09.12 09:36:25 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
    [2012.09.12 09:33:52 | 2415,419,392 | -HS- | C] () -- C:\hiberfil.sys
    [2012.07.28 03:30:54 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
    [2012.07.28 03:30:54 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
    [2012.07.27 22:47:36 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
    [2012.04.12 21:30:10 | 000,637,743 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
    [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
    
    < End of report >

    Extras.txt
    Code:
    OTL Extras logfile created on: 17.09.2012 13:19:05 - Run 4
    OTL by OldTimer - Version 3.2.61.3     Folder = C:\Users\andre\Desktop
     Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    3,00 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 70,97% Memory free
    6,00 Gb Paging File | 4,88 Gb Available in Paging File | 81,44% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 83,01 Gb Total Space | 65,53 Gb Free Space | 78,95% Space Free | Partition Type: NTFS
    Drive D: | 382,75 Gb Total Space | 365,48 Gb Free Space | 95,49% Space Free | Partition Type: NTFS
     
    Computer Name: ANDRE-PC | User Name: andre | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
     
    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
     
    ========== Shell Spawning ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    ========== Security Center Settings ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     
    ========== Firewall Settings ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    ========== Authorized Applications List ==========
     
     
    ========== Vista Active Open Ports Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0B102014-BF74-4235-8037-F71566E44659}" = rport=138 | protocol=17 | dir=out | app=system | 
    "{234734F4-E9A3-4D73-9ADB-932D5DF0B871}" = lport=2869 | protocol=6 | dir=in | app=system | 
    "{242707DE-2105-4F9F-8F24-5149E5123A3D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
    "{29725C1A-8E2C-4DBB-8F0A-680FB359B0FE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
    "{2F3973F2-737E-4793-A6C6-F5D3BDD3A17C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
    "{37E992E0-D8BB-4DD6-83D1-632CD6E261B3}" = rport=137 | protocol=17 | dir=out | app=system | 
    "{38D171D7-6DB3-49B9-94D3-443EB8E48E82}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
    "{5A3175E6-C3A1-4560-BE81-5CF076C1D81D}" = rport=445 | protocol=6 | dir=out | app=system | 
    "{68F13A51-2006-4434-AD27-5982B85D814E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{6CBD99F3-9566-4365-BDCD-E880D70E9875}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
    "{93389D69-CC7E-42ED-A0BD-E7D7EE754437}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{AA446E65-316A-49A4-A7B5-C7448135773F}" = lport=10243 | protocol=6 | dir=in | app=system | 
    "{B3847EC8-F0E7-43F9-94A1-76708B2CE54D}" = lport=137 | protocol=17 | dir=in | app=system | 
    "{CC8ADE1C-9E2A-4B31-B5DE-AA712265C5EF}" = lport=445 | protocol=6 | dir=in | app=system | 
    "{D5406009-78BA-4698-AF8E-1429C618A62D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
    "{DCE0D950-154D-454E-9B3F-1AF0A99DF796}" = rport=10243 | protocol=6 | dir=out | app=system | 
    "{DD512FA0-9F70-4F28-B97C-6C5B1180C61B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{DE7FFA93-F378-4B25-A060-469FCC84E735}" = rport=139 | protocol=6 | dir=out | app=system | 
    "{E507A6A5-0E7F-4D32-BB81-6D61E914FD46}" = lport=138 | protocol=17 | dir=in | app=system | 
    "{EB25D91B-94C2-45CE-B59B-430EE88FDC6C}" = lport=139 | protocol=6 | dir=in | app=system | 
    "{EDEDB663-FF93-49F0-A98B-F06BB721D6A9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
     
    ========== Vista Active Application Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{2FB73B1E-A45F-4510-830D-065C2313A845}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
    "{419A34DB-DB93-4C9C-B5A5-25A7F9F5458E}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
    "{46820D2D-CEED-42AB-863D-A9A0725C1B9D}" = protocol=6 | dir=out | app=system | 
    "{512738B5-9C08-4896-98E1-B2885C704C2E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
    "{5F49313D-5600-4BFE-9F2F-8BF571C48107}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
    "{852183E3-0F6D-4858-A666-1317033CD6AC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{8F618F3A-F687-44FF-8134-96C3454CA1BF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
    "{9556CF45-0428-475F-8CD8-D1CCDAC07726}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{96FB2867-C743-4E68-B868-8F6611FE2B66}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{AB225433-11BB-4BFC-896D-8ABC8B6A66DA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
    "{B25996AC-FFA2-4364-9152-03C81C77D7DA}" = protocol=58 | dir=in | app=system | 
    "{C1ABD03E-A237-4988-BEA1-8C6B3114BD74}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{D2172A1F-52BA-4F5C-A387-3946065C02CB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{E3D4E7F9-737F-4800-A2A2-9A5E8E620670}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
    "{E8128080-DD78-47C5-AD42-FC73944FED85}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{F8BFB579-42EC-42C5-8EAD-729C5027F573}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{F99C0EA0-EF37-4731-BF5A-A376D008CF39}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
    "{FB168F17-F8A5-4A37-A19F-10E1EF41D1EF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "TCP Query User{0F078635-143B-482E-9FBD-B46121CA25A2}D:\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=d:\guild wars 2\gw2.exe | 
    "UDP Query User{753366E0-EA3D-49BC-8A83-596AB07767DD}D:\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=d:\guild wars 2\gw2.exe | 
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0CE6E094-B07B-CC6B-F7FD-9D7BD7BE0D86}" = CCC Help Thai
    "{1585EBE4-2F65-2DE6-A531-301DFAB68B5E}" = AMD Drag and Drop Transcoding
    "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
    "{3857A262-3B88-127A-96DB-5317B0F9B78C}" = CCC Help Dutch
    "{3993DBF6-32F6-488B-9009-E156075AF7B7}" = CCC Help Greek
    "{3A090DC5-ADF9-6B83-1095-017754BEC3D0}" = CCC Help Finnish
    "{3BCD05CE-8CDE-9503-8794-D8CDB9FA8562}" = Catalyst Control Center InstallProxy
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{59FB1BE3-155C-72B1-B5F6-B086DEB7D064}" = CCC Help Hungarian
    "{5EEA2FBB-1AAF-56D0-C2E5-580ACEA4DED5}" = CCC Help Russian
    "{7106B820-2071-2B46-7817-5F6ADD1FA112}" = CCC Help Polish
    "{725B5F90-BD27-A74D-7685-48795904FCF3}" = CCC Help Japanese
    "{74AD1757-8887-D3F0-23C4-1E16B77A6ABC}" = AMD Media Foundation Decoders
    "{78887CA0-E5F1-3C99-B120-95310B217AB8}" = CCC Help French
    "{82892947-1311-D6CA-8B79-2753E398FE32}" = CCC Help German
    "{855E0BF8-5448-9681-B36E-B84029D355E4}" = CCC Help Danish
    "{9090E44B-CFBA-47D4-2225-3037C539E7E9}" = Catalyst Control Center Graphics Previews Common
    "{90DCE328-65D6-0CC0-14FF-A86D6EC57035}" = CCC Help Chinese Traditional
    "{91C3236F-645F-52FD-6A83-A4CE5EE8028D}" = CCC Help Czech
    "{943A7AF0-C019-0CFB-BA79-F063E7980B25}" = AMD VISION Engine Control Center
    "{95DC4B07-1FA6-36FF-5D57-D73CF3E9B504}" = AMD Fuel
    "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
    "{A6CF1995-854B-0B57-BF9D-AD665C52493C}" = CCC Help Chinese Standard
    "{AB0670D8-C462-750A-D34D-F18D38C0D64E}" = CCC Help Swedish
    "{AD59DD0E-E36C-9FF1-2F22-ADFA10A43D61}" = CCC Help Italian
    "{BF9D2E61-64C4-64EA-6AF7-29EB5A110C26}" = AMD Catalyst Install Manager
    "{C1C7818F-8270-BA45-D317-675187B9E33E}" = CCC Help Korean
    "{C9115BBB-C00B-481A-FD6A-C2BCDC88D6A1}" = CCC Help Turkish
    "{E100AC00-5097-16FE-E007-3D5156FC2B93}" = CCC Help Portuguese
    "{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
    "{E3175897-A6B7-B940-F0D7-877281892786}" = ccc-utility
    "{E3AA13F6-F494-D77F-C678-B8E6F8B66448}" = CCC Help Spanish
    "{E56685FB-BC75-3BC4-526A-15FD1278F174}" = Catalyst Control Center Localization All
    "{ECA16F5B-C5FD-2021-09B1-CA7CB49FDF46}" = CCC Help Norwegian
    "{EF2586BE-6016-DBED-06AB-569B429893A1}" = CCC Help English
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
    "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Avira AntiVir Desktop" = Avira Free Antivirus
    "CCleaner" = CCleaner
    "Guild Wars 2" = Guild Wars 2
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
    "Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.0
     
    ========== Last 20 Event Log Errors ==========
     
    [ Application Events ]
    Error - 12.09.2012 03:50:56 | Computer Name = andre-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: Gw2.exe, Version: 1.0.0.1, Zeitstempel:
     0x50098cf4  Name des fehlerhaften Moduls: adawarebp.dll, Version: 1.0.1.31, Zeitstempel:
     0x4e9c9820  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00028092  ID des fehlerhaften Prozesses:
     0xc54  Startzeit der fehlerhaften Anwendung: 0x01cd90bb5732c6d0  Pfad der fehlerhaften
     Anwendung: C:\Users\andre\AppData\Local\Temp\Gw2.exe  Pfad des fehlerhaften Moduls:
     C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll  Berichtskennung: 95064a40-fcae-11e1-9fe1-001e8ca0fddf
     
    Error - 12.09.2012 03:51:09 | Computer Name = andre-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: crashreporter.exe, Version: 15.0.1.4631,
     Zeitstempel: 0x5047e8a7  Name des fehlerhaften Moduls: adawarebp.dll, Version: 1.0.1.31,
     Zeitstempel: 0x4e9c9820  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00028092  ID des fehlerhaften
     Prozesses: 0xc4c  Startzeit der fehlerhaften Anwendung: 0x01cd90bb5f3df340  Pfad der
     fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\crashreporter.exe  Pfad 
    des fehlerhaften Moduls: C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll
    Berichtskennung:
     9d02d0b0-fcae-11e1-9fe1-001e8ca0fddf
     
    Error - 12.09.2012 03:51:12 | Computer Name = andre-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: crashreporter.exe, Version: 15.0.1.4631,
     Zeitstempel: 0x5047e8a7  Name des fehlerhaften Moduls: adawarebp.dll, Version: 1.0.1.31,
     Zeitstempel: 0x4e9c9820  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00028092  ID des fehlerhaften
     Prozesses: 0xc4c  Startzeit der fehlerhaften Anwendung: 0x01cd90bb5f3df340  Pfad der
     fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\crashreporter.exe  Pfad 
    des fehlerhaften Moduls: C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll
    Berichtskennung:
     9ee413d0-fcae-11e1-9fe1-001e8ca0fddf
     
    Error - 12.09.2012 03:51:14 | Computer Name = andre-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: crashreporter.exe, Version: 15.0.1.4631,
     Zeitstempel: 0x5047e8a7  Name des fehlerhaften Moduls: adawarebp.dll, Version: 1.0.1.31,
     Zeitstempel: 0x4e9c9820  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00028092  ID des fehlerhaften
     Prozesses: 0x450  Startzeit der fehlerhaften Anwendung: 0x01cd90bb62384780  Pfad der
     fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\crashreporter.exe  Pfad 
    des fehlerhaften Moduls: C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll
    Berichtskennung:
     9fe64190-fcae-11e1-9fe1-001e8ca0fddf
     
    Error - 12.09.2012 03:51:20 | Computer Name = andre-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: crashreporter.exe, Version: 15.0.1.4631,
     Zeitstempel: 0x5047e8a7  Name des fehlerhaften Moduls: adawarebp.dll, Version: 1.0.1.31,
     Zeitstempel: 0x4e9c9820  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00028092  ID des fehlerhaften
     Prozesses: 0x450  Startzeit der fehlerhaften Anwendung: 0x01cd90bb62384780  Pfad der
     fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\crashreporter.exe  Pfad 
    des fehlerhaften Moduls: C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll
    Berichtskennung:
     a38401c0-fcae-11e1-9fe1-001e8ca0fddf
     
    Error - 12.09.2012 03:51:32 | Computer Name = andre-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: wuauclt.exe, Version: 7.6.7600.256,
     Zeitstempel: 0x4fca8fc1  Name des fehlerhaften Moduls: adawarebp.dll, Version: 1.0.1.31,
     Zeitstempel: 0x4e9c9820  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00028092  ID des fehlerhaften
     Prozesses: 0xeb0  Startzeit der fehlerhaften Anwendung: 0x01cd90bb6c420310  Pfad der
     fehlerhaften Anwendung: C:\Windows\system32\wuauclt.exe  Pfad des fehlerhaften Moduls:
     C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll  Berichtskennung: aa8add90-fcae-11e1-9fe1-001e8ca0fddf
     
    Error - 15.09.2012 16:31:35 | Computer Name = andre-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: Updater.exe, Version: 1.2.0.20064,
     Zeitstempel: 0x4f0524f7  Name des fehlerhaften Moduls: Updater.exe, Version: 1.2.0.20064,
     Zeitstempel: 0x4f0524f7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0004d9aa  ID des fehlerhaften
     Prozesses: 0xfc8  Startzeit der fehlerhaften Anwendung: 0x01cd9380de464300  Pfad der
     fehlerhaften Anwendung: C:\Program Files\Ask.com\Updater\Updater.exe  Pfad des fehlerhaften
     Moduls: C:\Program Files\Ask.com\Updater\Updater.exe  Berichtskennung: 5740a0c0-ff74-11e1-a6ea-001e8ca0fddf
     
    Error - 16.09.2012 05:58:02 | Computer Name = andre-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: Updater.exe, Version: 1.2.0.20064,
     Zeitstempel: 0x4f0524f7  Name des fehlerhaften Moduls: Updater.exe, Version: 1.2.0.20064,
     Zeitstempel: 0x4f0524f7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0004d9aa  ID des fehlerhaften
     Prozesses: 0x8c8  Startzeit der fehlerhaften Anwendung: 0x01cd93f000a38920  Pfad der
     fehlerhaften Anwendung: C:\Program Files\Ask.com\Updater\Updater.exe  Pfad des fehlerhaften
     Moduls: C:\Program Files\Ask.com\Updater\Updater.exe  Berichtskennung: 004dadf0-ffe5-11e1-b0dc-001e8ca0fddf
     
    Error - 16.09.2012 06:17:33 | Computer Name = andre-PC | Source = ESENT | ID = 215
    Description = WinMail (2700) WindowsMail0: Die Sicherung wurde abgebrochen, weil
     sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
     wurde.
     
    Error - 16.09.2012 14:20:44 | Computer Name = andre-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: Updater.exe, Version: 1.2.0.20064,
     Zeitstempel: 0x4f0524f7  Name des fehlerhaften Moduls: Updater.exe, Version: 1.2.0.20064,
     Zeitstempel: 0x4f0524f7  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0004d9aa  ID des fehlerhaften
     Prozesses: 0x8fc  Startzeit der fehlerhaften Anwendung: 0x01cd94351ca884a0  Pfad der
     fehlerhaften Anwendung: C:\Program Files\Ask.com\Updater\Updater.exe  Pfad des fehlerhaften
     Moduls: C:\Program Files\Ask.com\Updater\Updater.exe  Berichtskennung: 3a04b160-002b-11e2-88e9-001e8ca0fddf
     
    [ System Events ]
    Error - 16.09.2012 05:45:20 | Computer Name = andre-PC | Source = Service Control Manager | ID = 7026
    Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
       SBRE
     
    Error - 16.09.2012 06:12:59 | Computer Name = andre-PC | Source = Service Control Manager | ID = 7026
    Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
       SBRE
     
    Error - 16.09.2012 06:15:49 | Computer Name = andre-PC | Source = Service Control Manager | ID = 7026
    Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
       SBRE
     
    Error - 16.09.2012 06:17:18 | Computer Name = andre-PC | Source = Service Control Manager | ID = 7026
    Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
       SBRE
     
    Error - 16.09.2012 13:59:59 | Computer Name = andre-PC | Source = Service Control Manager | ID = 7026
    Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
       SBRE
     
    Error - 17.09.2012 06:14:15 | Computer Name = andre-PC | Source = Service Control Manager | ID = 7026
    Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
       SBRE
     
    Error - 17.09.2012 06:15:28 | Computer Name = andre-PC | Source = Service Control Manager | ID = 7026
    Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
       SBRE
     
    Error - 17.09.2012 06:29:16 | Computer Name = andre-PC | Source = Service Control Manager | ID = 7034
    Description = Dienst "AMD External Events Utility" wurde unerwartet beendet. Dies
     ist bereits 1 Mal passiert.
     
    Error - 17.09.2012 06:30:28 | Computer Name = andre-PC | Source = Service Control Manager | ID = 7026
    Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
       SBRE
     
    Error - 17.09.2012 06:35:44 | Computer Name = andre-PC | Source = Service Control Manager | ID = 7026
    Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
       SBRE
     
     
    < End of report >
    So far everything is running without problems. It seems everything has been fixed.


    Regards, a_w

  3. #13
    Moderator Petra
    Registered since
    06.09.2011
    Location
    Near Düsseldorf
    Posts
    12.436
    Hello a_w,

    ===== Point 1 =====

    Tool cleanup with OTL

    We will now use OTL's CleanUp! function to remove most of the programs we installed for the cleanup from your system again.
    • Please download OTL by OldTimer (if you don't already have it).
    • Save it to your desktop.
    • Double-click OTL.exe to run the program.
      Vista and Windows 7 users start it by right-clicking the program icon and choosing "Run as administrator" ("Als Administrator ausführen").
    • Click the "Bereinigung" (CleanUp) button.
    • OTL may ask for a restart.
      If it does, please allow it.


    Note: After the restart, OTL and the other helper programs you downloaded during the cleanup will no longer be present. They have been removed. It is therefore OK if these programs are no longer there. If any are left over, delete them manually.



    ===== Point 2 =====

    Eset Online Scan

    Since we can only see and analyze a small part of the system, check your complete system with Eset Online Scan. Please switch on/connect any external hard drives you may have during the scan. Also, during the scan, turn off all background guards (antivirus program, firewall, script blocking and the like), and don't forget to switch them back on afterwards.

    Quick guide:

    Start Internet Explorer.

    Go here => http://www.eset.com/home/products/online-scanner/

    Press the "Run Eset Online Scanner" button.

    Accept the license terms, i.e. tick the box and press Start.

    Allow the installation of the ActiveX control.

    Click "Advanced Settings" and make these settings:

    Press Start again.

    Allow the application.

    Wait until the scan has finished. If anything was found, click "List of found Threats", then click either "Copy to clipboard" or "Export to text file" and post the log file here.


    You can find all the necessary details in this illustrated guide.

  4. #14
    Moderator Petra
    Registered since
    06.09.2011
    Location
    Near Düsseldorf
    Posts
    12.436
    Hello a_w,

    since there has been no reply, I'll simply assume that the Eset Online Scan turned up no further detections, and move on to the closing post.


    Securing the computer

    In any case, after an infection it is advisable to change all passwords.

    Then, to be safe, run a full scan with your antivirus program using updated virus definitions. If anything is still found, let me know what and where. Otherwise we can close here with a few tips on securing your system, and I will close the thread in a few days.

    Blog entries worth reading on the topic of securing your system

    Malware removed? What now?
    How do I make my Windows secure?
    How can I keep my system free of malware in the future?
    Caution with streaming services: malware incidents on movie2k.to and kinox.to!
    How can I check whether my software is up to date?
    Data backup
    Browser and plugin check
    DNS manipulated?
