Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: ClickCompare, Text-Enhance usw.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 22.05.2013, 14:17   #1
Staplerin
 
ClickCompare, Text-Enhance usw. - Standard

ClickCompare, Text-Enhance usw.



Hallo zusammen,

ich reihe mich mal in das ClickCompare-Problem ein...

Seit etwas mehr als einer Woche habe ich einen neuen Laptop (mit Win 8 64 bit) und vor ein paar Tagen fiel mir auf, dass einige Begriffe in Foren als Links markiert wurden und auf Seiten wie clickcompare.info verwiesen. Irgendwann poppte bei mir eine Umfrage - nageblich von Firefox - auf und ich habe diese auch ausgefüllt und abgebrochen, als es um die Gewinnwahl nach Teilnahme ging. Nun werden weiterhin Begriffe verlinkt zu clickcompare oder auch Text-Enhance. Ich habe zunächst mit avast alle möglich Addons von Firefox gelöscht. Zurück blieben nur Adblock, avast, Youtube Unblocker und FindLyrics (welches ich aber nicht zuordnen oder löschen kann).

Die große Suche von avast führte zu keinem Ergebnis = Es wurden keine infizierten Dateien gefunden. Malwarebyts hat ebenfalls kein Ergebnis geliefert, weshalb ich selbst nicht mehr weiter weiß. Ich habe OTL runtergeladen und mal scannen lassen. Was ich hier gerne zeigen würde, aber da streikt das Forum wegen zu vieler Zeichen. Als Anhang funktioniert leider gerade auch nicht. Ich klicke zwar auf Anhänge verwalten, aber weiterhin passiert nichts.

Ich hoffe, mir ist noch zu helfen

Alt 22.05.2013, 14:31   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
ClickCompare, Text-Enhance usw. - Standard

ClickCompare, Text-Enhance usw.



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!


Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 22.05.2013, 14:37   #3
Staplerin
 
ClickCompare, Text-Enhance usw. - Standard

ClickCompare, Text-Enhance usw.



Hier sind die Logs von OTL. Jedes andere Programm hat bisher nix gefunden.

Ich musste sie als Anhang hochladen, da ich sonst die zulässige Anzahl an Zeichen in diesem Post überschreite. Tut mir leid!
__________________

Alt 22.05.2013, 14:45   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
ClickCompare, Text-Enhance usw. - Standard

ClickCompare, Text-Enhance usw.



JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




Im Anschluss:

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 22.05.2013, 15:53   #5
Staplerin
 
ClickCompare, Text-Enhance usw. - Standard

ClickCompare, Text-Enhance usw.



JRT Log
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 8 x64
Ran by Stefanie on 22.05.2013 at 16:19:39,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] yontoo desktop updater 
Successfully deleted: [Service] yontoo desktop updater 



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\yontoo desktop



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\browserprotect"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Stefanie\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\Stefanie\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Stefanie\AppData\Roaming\yontoo"
Successfully deleted: [Folder] "C:\Users\Stefanie\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"



~~~ FireFox

Successfully deleted: [File] C:\Users\Stefanie\AppData\Roaming\mozilla\firefox\profiles\6tj79vgf.default\user.js
Successfully deleted: [File] C:\Users\Stefanie\AppData\Roaming\mozilla\firefox\profiles\6tj79vgf.default\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\Stefanie\AppData\Roaming\mozilla\firefox\profiles\6tj79vgf.default\searchplugins\delta.xml
Successfully deleted the following from C:\Users\Stefanie\AppData\Roaming\mozilla\firefox\profiles\6tj79vgf.default\prefs.js

user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.id", "12ee95d5000000000000689423fc5148");
user_pref("extensions.delta.instlDay", "15841");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.16.16");
user_pref("extensions.delta.vrsnTs", "1.8.16.1614:05:11");
user_pref("extensions.delta.vrsni", "1.8.16.16");
Emptied folder: C:\Users\Stefanie\AppData\Roaming\mozilla\firefox\profiles\6tj79vgf.default\minidumps [4 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.05.2013 at 16:24:06,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
ADWCleaner Log
Code:
ATTFilter
# AdwCleaner v2.301 - Datei am 22/05/2013 um 16:31:53 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : Stefanie - STEFFIE
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Stefanie\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5a48b8cbd39b844
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\6tj79vgf.default\prefs.js

Gelöscht : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
Gelöscht : user_pref("extentions.y2layers.installId", "033a6b79-1ccb-419a-b0ad-50a60f1cec45");

*************************

AdwCleaner[R1].txt - [2799 octets] - [22/05/2013 16:26:54]
AdwCleaner[S1].txt - [2736 octets] - [22/05/2013 16:31:53]

########## EOF - C:\AdwCleaner[S1].txt - [2796 octets] ##########
         
OTL Extras Log
Code:
ATTFilter
OTL Extras logfile created on: 22.05.2013 16:39:11 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Stefanie\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,87 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 65,24% Memory free
4,56 Gb Paging File | 3,18 Gb Available in Paging File | 69,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 418,43 Gb Total Space | 371,09 Gb Free Space | 88,69% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 23,50 Gb Free Space | 94,01% Space Free | Partition Type: NTFS
 
Computer Name: STEFFIE | User Name: Stefanie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2589906179-3452524320-955808348-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{FCC1FC70-D19C-440E-88A4-C5433828D524}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04CFE8E1-D75B-4663-BDF5-9A614986B14D}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{0A92FCD5-326A-49FA-95B1-A18E02111F2C}" = dir=out | name=rara.com | 
"{0B1E0A11-B5E8-4DEE-B1EB-A274294BA4EB}" = dir=out | name=lenovo support | 
"{1039D63E-F33D-4725-86F2-517F82AF9C2F}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{11582E64-BDF1-440F-964B-7F4BD1914931}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{194EC132-2CEC-40A9-BCBA-6BB20EAC67F8}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{1C6E9A59-723C-4DEC-9C1F-D19D9C0BB2CC}" = dir=out | name=skype | 
"{1DD61F59-4E8F-4412-B776-8374EA2E5C4D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{235008DA-EE94-452C-9D38-948880097121}" = dir=in | app=c:\program files (x86)\lenovo\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | 
"{29960863-F443-4DC0-B78E-91950C484B75}" = dir=out | name=windows_ie_ac_001 | 
"{32F37567-A623-4301-8E77-D78AB4B8C1FC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{3BB2D907-A9D4-47D8-B047-9E81EF96824D}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{3C2ABB85-EAE8-48F4-B49D-6911DD8BD422}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{4043A101-C0B8-4E01-9986-3970DCBC7062}" = dir=out | name=kindle | 
"{4A8023CF-1A88-4AEB-B4B3-FD02F95244B4}" = dir=in | name=evernote | 
"{5307614C-31D3-433C-A4FC-71E497C27D0B}" = dir=in | name=kindle | 
"{560290D3-7933-4C1B-9410-F8F184668EBE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{5F3E83BB-01FB-4F3E-9073-8ABCA6FF2D4C}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{6652AD2E-6CDC-41AE-A9D4-C7C5F3803F6B}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{6E5651E1-CBCC-4413-81D4-C8B7F3A51347}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{781B0F72-654B-442C-8279-A69B6B91101E}" = dir=in | app=c:\program files (x86)\lenovo\powerdvd10\powerdvd10.exe | 
"{79228D74-A149-4148-B7DA-F100F40076E7}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{7D3E721F-96C7-4467-8FB0-CBF8848298B4}" = dir=out | name=accuweather for windows 8 | 
"{8041BC52-54E7-41AA-90C8-D10FB34EAB47}" = protocol=17 | dir=in | app=c:\users\stefanie\appdata\roaming\dropbox\bin\dropbox.exe | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{919F0188-2D18-4420-94B1-FA337E748588}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{930C795D-826B-411A-8088-79EC1DE33984}" = dir=in | name=skype | 
"{9D4A5145-F0ED-45E1-B0E7-A251B2A6B996}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{A3C4AC33-62A6-4DD9-BCDF-1086716BDAA1}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{A915F978-E404-4D82-A6BF-63901739354F}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{B106D02C-8977-44C9-8549-6664A75276A7}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{B8B363C7-EBC6-4FAE-9CBC-B7151E48C274}" = protocol=6 | dir=in | app=c:\users\stefanie\appdata\roaming\dropbox\bin\dropbox.exe | 
"{C3C35988-33EE-418D-B1FF-01E6064A5CCA}" = dir=out | name=mcafee security advisor for lenovo | 
"{C5765CB0-E15A-4285-AEAD-FD9B08030092}" = dir=out | name=lenovo companion | 
"{C7DCF722-7D5A-4FAE-BB7C-21705E601AC4}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{CEA130F6-4C7C-4EB5-A918-21520A36F075}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{D2D6EC68-D744-4369-A67D-52F3BB59FC05}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{E96DC64A-2134-412C-A6E0-191AC2A73C3A}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{EF837BC2-7929-4771-84A5-73E484980E4F}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{EFE1E780-7F28-435F-BB26-018E188F0AEA}" = dir=out | name=powerdvd for lenovo idea | 
"{F6B756DA-D5B9-40AD-8740-B688F586D917}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{FBDEFFE4-FBC2-4E61-B7ED-9106BF679981}" = dir=out | name=evernote | 
"TCP Query User{18DFACE8-D69F-4A99-B59A-E41CA03F2C5B}C:\program files (x86)\trillian\plugins\skypekit.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trillian\plugins\skypekit.exe | 
"TCP Query User{8865EBA3-CF14-4E08-986B-30DF3111D8F8}C:\users\stefanie\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\stefanie\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{C4DD9329-FE15-4613-8306-2BFBFBDDACC6}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | 
"UDP Query User{0A1D1AE8-F81D-4756-9D00-2392465B1006}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | 
"UDP Query User{229AFF6E-6D50-44BE-8FDA-E270990958A3}C:\program files (x86)\trillian\plugins\skypekit.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trillian\plugins\skypekit.exe | 
"UDP Query User{D8687F34-610D-4CC7-B1F2-4F1967A5D606}C:\users\stefanie\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\stefanie\appdata\roaming\spotify\spotify.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42" = Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1)
"8A223E56FB1ED4F697B54E5BF96F1EB63B512684" = Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Elantech" = Lenovo pointing device
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{5D642A72-8194-4A22-80DA-11FE610CCA8E}" = Lenovo_Wireless_Driver
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}" = Lenovo EasyCamera
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = Lenovo PowerDVD10
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = Benutzerhandbuch
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"ENTERPRISE" = Microsoft Office Enterprise 2007
"findlyrics@findlyrics.co" = FindLyrics
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = Lenovo PowerDVD10
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Intel AppUp(SM) center 33057" = Intel AppUp(SM) center
"IObit_StartMenu8_is1" = Start Menu 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SugarSync" = SugarSync Manager
"The Lost Crown_is1" = The Lost Crown version 1.2.1
"Trillian" = Trillian
"VirtualCloneDrive" = VirtualCloneDrive
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2589906179-3452524320-955808348-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ System Events ]
Error - 22.05.2013 10:29:03 | Computer Name = Steffie | Source = Microsoft-Windows-Kernel-General | ID = 6
Description = 
 
Error - 22.05.2013 10:29:52 | Computer Name = Steffie | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%2
 
Error - 22.05.2013 10:32:47 | Computer Name = Steffie | Source = Microsoft-Windows-Kernel-General | ID = 6
Description = 
 
Error - 22.05.2013 10:33:31 | Computer Name = Steffie | Source = Service Control Manager | ID = 7000
Description = Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%2
 
 
< End of report >
         
Den OTL Log muss ich in einem Extra-Post abschicken, da der Post sonst wieder zu lang wird, auch in der Minimalausgabe.


Alt 22.05.2013, 15:54   #6
Staplerin
 
ClickCompare, Text-Enhance usw. - Standard

ClickCompare, Text-Enhance usw.



OTL Log
Code:
ATTFilter
OTL logfile created on: 22.05.2013 16:39:11 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Stefanie\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,87 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 65,24% Memory free
4,56 Gb Paging File | 3,18 Gb Available in Paging File | 69,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 418,43 Gb Total Space | 371,09 Gb Free Space | 88,69% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 23,50 Gb Free Space | 94,01% Space Free | Partition Type: NTFS
 
Computer Name: STEFFIE | User Name: Stefanie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Stefanie\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe (Adobe Systems, Inc.)
PRC - C:\Users\Stefanie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Stefanie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (IObit)
PRC - C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe (IObit)
PRC - c:\program files (x86)\trillian\plugins\skypekit.exe ()
PRC - C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)
PRC - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\USB Camera2\VM332STI.EXE (Vimicro)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Users\Stefanie\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - c:\program files (x86)\trillian\plugins\skypekit.exe ()
MOD - C:\Program Files (x86)\Trillian\libpng15.dll ()
MOD - C:\Program Files (x86)\Trillian\libungif.dll ()
MOD - C:\Program Files (x86)\Trillian\zlib1.dll ()
MOD - c:\program files (x86)\trillian\languages\en\buddy.dll ()
MOD - c:\program files (x86)\trillian\languages\en\talk.dll ()
MOD - c:\program files (x86)\trillian\languages\en\trillian.dll ()
MOD - c:\program files (x86)\trillian\languages\en\events.dll ()
MOD - c:\program files (x86)\trillian\languages\en\toolkit.dll ()
MOD - C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl ()
MOD - C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl ()
MOD - C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl ()
MOD - C:\Users\Stefanie\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Windows\SysWOW64\vmprp332.ax ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (mcbootdelaystartsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe /McCoreSvc File not found
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (BcmBtRSupport) -- C:\Windows\SysNative\BtwRSupportService.exe (Broadcom Corporation.)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (CxAudMsg) -- C:\Windows\SysNative\CxAudMsg64.exe (Conexant Systems Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (StartMenuService) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (IObit)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (btwdins) -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (ETDService) -- C:\Programme\Elantech\ETDService.exe (ELAN Microelectronics Corp.)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswSnx) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\WINDOWS\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\Drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswTdi) -- C:\WINDOWS\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\Drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\WINDOWS\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\Drivers\LhdX64.sys (Lenovo.)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\Drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\Drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\Drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\Drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\Drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\Drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (bcbtums) -- C:\Windows\SysNative\Drivers\bcbtums.sys (Broadcom Corporation.)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (vm332avs) -- C:\Windows\SysNative\Drivers\vm332avs.sys (Vimicro Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\Drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\Drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\Drivers\BCMWL63a.SYS (Broadcom Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\Drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\Drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\Drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\Drivers\wsvd.sys ("CyberLink)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\Drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\Drivers\e1i63x64.sys (Intel Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\Drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\Drivers\ElbyCDIO.sys (Elaborate Bytes AG)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{14FB477A-9F40-4C68-AD9C-521518AB56F6}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{14FB477A-9F40-4C68-AD9C-521518AB56F6}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2589906179-3452524320-955808348-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
IE - HKU\S-1-5-21-2589906179-3452524320-955808348-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-2589906179-3452524320-955808348-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
IE - HKU\S-1-5-21-2589906179-3452524320-955808348-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-2589906179-3452524320-955808348-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
IE - HKU\S-1-5-21-2589906179-3452524320-955808348-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2589906179-3452524320-955808348-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.com/firefox"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: youtubeunblocker%40unblocker.yt:0.4.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.05.13 14:28:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\findlyrics@findlyrics.co: C:\Program Files (x86)\FindLyrics\FF\ [2013.05.16 14:04:21 | 000,000,000 | ---D | M]
 
[2013.05.13 10:50:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stefanie\AppData\Roaming\Mozilla\Extensions
[2013.05.22 13:11:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\6tj79vgf.default\extensions
[2013.05.14 18:50:03 | 000,005,429 | ---- | M] () (No name found) -- C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\6tj79vgf.default\extensions\youtubeunblocker@unblocker.yt.xpi
[2013.05.13 10:55:57 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\6tj79vgf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.05.22 15:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.22 15:32:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.13 14:28:13 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (FindLyrics) - {44C9CC91-6A4A-4579-B4B5-899ECDC18DC6} - C:\Program Files (x86)\FindLyrics\FindLyrics.dll (FindLyrics)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332STI.EXE (Vimicro)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-2589906179-3452524320-955808348-1001..\Run: [Spotify] C:\Users\Stefanie\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-2589906179-3452524320-955808348-1001..\Run: [Spotify Web Helper] C:\Users\Stefanie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Stefanie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe (Cerulean Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A54B7DA-C654-4E35-999A-4EC3FF947A83}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.22 16:19:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.05.22 16:19:34 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.22 16:17:31 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Stefanie\Desktop\JRT.exe
[2013.05.22 13:52:29 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Malwarebytes
[2013.05.22 13:52:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.05.22 13:52:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.05.22 13:52:10 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2013.05.22 13:52:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.05.22 13:51:46 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Programs
[2013.05.22 13:19:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Stefanie\Desktop\OTL.exe
[2013.05.20 04:50:25 | 002,206,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013.05.20 04:50:24 | 001,265,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2013.05.20 04:50:24 | 000,793,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2013.05.20 04:50:24 | 000,579,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2013.05.20 04:50:23 | 001,841,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013.05.20 04:50:21 | 000,612,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2013.05.20 04:50:20 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2013.05.20 04:50:19 | 000,441,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2013.05.20 04:50:18 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2013.05.20 04:50:18 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.Compression.dll
[2013.05.20 04:50:16 | 000,058,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys
[2013.05.20 04:50:15 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceControl.dll
[2013.05.20 04:50:15 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcore6.dll
[2013.05.20 04:50:13 | 000,056,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdstor.sys
[2013.05.20 04:50:13 | 000,033,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\battc.sys
[2013.05.20 04:50:12 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.Compression.dll
[2013.05.20 04:50:11 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll
[2013.05.20 04:50:10 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll
[2013.05.20 04:50:10 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dhcpcsvc6.dll
[2013.05.20 04:50:04 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2013.05.20 04:50:02 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SysFxUI.dll
[2013.05.20 04:50:01 | 001,836,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2013.05.20 04:49:54 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\drmk.sys
[2013.05.20 04:49:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kbdhebl3.dll
[2013.05.20 04:49:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbdhebl3.dll
[2013.05.20 04:49:49 | 000,962,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2013.05.20 04:49:49 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2013.05.20 04:49:49 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PCPKsp.dll
[2013.05.20 04:49:48 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dhcpcore6.dll
[2013.05.20 04:49:47 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxSip.dll
[2013.05.20 04:49:45 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfapigp.dll
[2013.05.20 04:49:40 | 001,226,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2013.05.20 04:49:40 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2013.05.20 04:49:38 | 002,115,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2013.05.20 04:49:25 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2013.05.20 04:49:25 | 001,045,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2013.05.20 04:49:25 | 000,757,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2013.05.20 04:49:25 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\icfupgd.dll
[2013.05.20 04:49:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfapigp.dll
[2013.05.20 04:49:24 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2013.05.20 04:49:24 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BdeUISrv.exe
[2013.05.20 04:49:21 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2013.05.20 04:49:21 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PCPKsp.dll
[2013.05.20 04:49:16 | 002,380,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2013.05.20 04:49:15 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSip.dll
[2013.05.20 04:49:15 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-pdc.dll
[2013.05.20 04:42:01 | 003,245,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2013.05.20 04:41:57 | 001,536,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2013.05.20 04:41:57 | 001,122,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2013.05.20 04:41:57 | 001,027,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2013.05.20 04:41:56 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebcamUi.dll
[2013.05.20 04:41:56 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WebcamUi.dll
[2013.05.20 04:41:55 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserLanguagesCpl.dll
[2013.05.20 04:41:52 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll
[2013.05.20 04:41:50 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserLanguagesCpl.dll
[2013.05.20 04:41:49 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstsc.exe
[2013.05.20 04:41:49 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll
[2013.05.20 04:41:49 | 000,027,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2013.05.20 04:41:48 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2013.05.20 04:41:47 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstsc.exe
[2013.05.20 04:41:46 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2013.05.20 04:41:46 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2013.05.20 04:41:45 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2013.05.20 04:41:45 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2013.05.20 04:41:45 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsutil.dll
[2013.05.20 04:41:44 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll
[2013.05.20 04:41:44 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsldr.exe
[2013.05.20 04:41:43 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2013.05.20 04:41:43 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vds_ps.dll
[2013.05.20 04:41:43 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vds_ps.dll
[2013.05.20 04:39:54 | 001,526,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2013.05.20 04:39:53 | 001,451,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2013.05.20 04:39:52 | 001,566,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2013.05.20 04:39:52 | 000,976,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2013.05.20 04:39:51 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2013.05.20 04:39:49 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\HelpPane.exe
[2013.05.20 04:39:46 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafWCN.dll
[2013.05.20 04:39:45 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2013.05.20 04:39:45 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2013.05.20 04:39:45 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bthprops.cpl
[2013.05.20 04:39:44 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bthprops.cpl
[2013.05.20 04:39:44 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2013.05.20 04:39:42 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2013.05.20 04:39:40 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2013.05.20 04:39:38 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2013.05.20 04:39:38 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnApi.dll
[2013.05.20 04:39:38 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WcnApi.dll
[2013.05.20 04:39:37 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2013.05.20 04:39:37 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlansec.dll
[2013.05.20 04:39:36 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fdWCN.dll
[2013.05.20 04:39:35 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnEapAuthProxy.dll
[2013.05.20 04:39:34 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wfdprov.dll
[2013.05.20 04:39:34 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WcnEapPeerProxy.dll
[2013.05.20 04:39:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wfdprov.dll
[2013.05.20 04:39:31 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\fxppm.sys
[2013.05.20 04:39:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanhlp.dll
[2013.05.20 04:39:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanhlp.dll
[2013.05.20 04:39:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iscsilog.dll
[2013.05.20 04:39:17 | 008,552,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\glcndFilter.dll
[2013.05.20 04:39:17 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2013.05.20 04:39:03 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpclip.exe
[2013.05.20 04:39:02 | 011,459,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\glcndFilter.dll
[2013.05.20 04:39:01 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2013.05.19 13:39:31 | 001,172,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetsrc.dll
[2013.05.19 13:39:30 | 000,929,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2013.05.19 13:39:30 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2013.05.19 13:39:30 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2013.05.19 13:39:30 | 000,513,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2013.05.19 13:39:29 | 000,673,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2013.05.19 13:38:12 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2013.05.19 13:38:12 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2013.05.19 13:38:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDKURD.DLL
[2013.05.19 13:38:10 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDKURD.DLL
[2013.05.18 23:08:46 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013.05.18 23:08:46 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2013.05.18 23:08:46 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.05.18 23:08:45 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013.05.18 23:08:45 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2013.05.18 23:08:45 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.05.18 13:40:25 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dskquota.dll
[2013.05.18 13:40:24 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dskquota.dll
[2013.05.18 11:50:36 | 000,396,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2013.05.18 10:43:28 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2013.05.18 10:07:26 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013.05.18 10:07:25 | 000,707,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2013.05.18 01:11:16 | 013,648,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2013.05.18 01:11:15 | 014,267,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2013.05.18 01:11:15 | 003,552,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2013.05.18 01:11:13 | 011,878,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2013.05.18 01:11:12 | 010,789,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2013.05.18 01:11:12 | 002,107,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2013.05.18 01:11:11 | 002,767,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2013.05.18 01:11:10 | 001,593,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2013.05.18 01:11:07 | 001,829,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2013.05.18 01:11:07 | 001,444,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll
[2013.05.18 01:11:02 | 010,116,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013.05.18 01:11:00 | 001,113,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSAudDecMFT.dll
[2013.05.18 01:10:59 | 000,306,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kd_02_10ec.dll
[2013.05.18 01:10:58 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2013.05.18 01:10:57 | 000,298,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rsaenh.dll
[2013.05.18 01:10:55 | 000,446,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2013.05.18 01:10:55 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2013.05.18 01:10:54 | 000,489,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2013.05.18 01:10:53 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2013.05.18 01:10:53 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmredir.dll
[2013.05.18 01:10:52 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013.05.18 01:10:52 | 000,435,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2013.05.18 01:10:51 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2013.05.18 01:10:51 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2013.05.18 01:10:51 | 000,253,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2013.05.18 01:10:50 | 000,804,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe
[2013.05.18 01:10:49 | 001,403,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2013.05.18 01:10:48 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2013.05.18 01:10:47 | 001,267,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2013.05.18 01:10:47 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013.05.18 01:10:46 | 002,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2013.05.18 01:10:45 | 001,217,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2013.05.18 01:10:45 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2013.05.18 01:10:44 | 001,093,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2013.05.18 01:10:43 | 000,503,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2013.05.18 01:10:42 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2013.05.18 01:10:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhengine.dll
[2013.05.18 01:10:42 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmvdsitf.dll
[2013.05.18 01:10:41 | 000,659,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2013.05.18 01:10:41 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2013.05.18 01:10:40 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2013.05.18 01:10:40 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013.05.18 01:10:40 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2013.05.18 01:10:40 | 000,123,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2013.05.18 01:10:39 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2013.05.18 01:10:39 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe
[2013.05.18 01:10:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe
[2013.05.18 01:10:39 | 000,077,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdvm.dll
[2013.05.18 01:10:38 | 000,522,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2013.05.18 01:10:38 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\intl.cpl
[2013.05.18 01:10:38 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2013.05.18 01:10:37 | 000,463,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2013.05.18 01:10:37 | 000,284,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013.05.18 01:10:37 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmvdsitf.dll
[2013.05.18 01:10:36 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2013.05.18 01:10:36 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2013.05.18 01:10:36 | 000,086,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdnet.dll
[2013.05.18 01:10:35 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2013.05.18 01:10:34 | 000,745,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2013.05.18 01:10:34 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GenuineCenter.dll
[2013.05.18 01:10:34 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2013.05.18 01:10:33 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\intl.cpl
[2013.05.18 01:10:33 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fmifs.dll
[2013.05.18 01:10:32 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fmifs.dll
[2013.05.18 01:10:31 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssphtb.dll
[2013.05.18 01:10:31 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2013.05.18 01:10:31 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msshooks.dll
[2013.05.18 01:10:30 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssitlb.dll
[2013.05.18 01:10:30 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msshooks.dll
[2013.05.18 01:10:29 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll
[2013.05.18 01:10:29 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssitlb.dll
[2013.05.18 01:10:29 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2013.05.18 01:10:29 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msscntrs.dll
[2013.05.16 18:58:26 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_9.dll
[2013.05.16 18:58:26 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_9.dll
[2013.05.16 18:58:25 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_35.dll
[2013.05.16 18:58:25 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_35.dll
[2013.05.16 18:58:25 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_35.dll
[2013.05.16 18:58:25 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_35.dll
[2013.05.16 18:58:23 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_35.dll
[2013.05.16 18:58:23 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_35.dll
[2013.05.16 18:58:22 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_8.dll
[2013.05.16 18:58:22 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_8.dll
[2013.05.16 18:58:22 | 000,021,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\x3daudio1_2.dll
[2013.05.16 18:58:22 | 000,018,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_2.dll
[2013.05.16 18:58:21 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_34.dll
[2013.05.16 18:58:21 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_34.dll
[2013.05.16 18:58:21 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_34.dll
[2013.05.16 18:58:21 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_34.dll
[2013.05.16 18:58:20 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_34.dll
[2013.05.16 18:58:20 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_34.dll
[2013.05.16 18:58:20 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_3.dll
[2013.05.16 18:58:20 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_3.dll
[2013.05.16 18:58:19 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_7.dll
[2013.05.16 18:58:19 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_7.dll
[2013.05.16 18:58:17 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_33.dll
[2013.05.16 18:58:17 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_33.dll
[2013.05.16 18:58:17 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10_33.dll
[2013.05.16 18:58:17 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10_33.dll
[2013.05.16 18:58:16 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_33.dll
[2013.05.16 18:58:16 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_33.dll
[2013.05.16 18:58:16 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_6.dll
[2013.05.16 18:58:16 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_6.dll
[2013.05.16 18:58:14 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx10.dll
[2013.05.16 18:58:14 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx10.dll
[2013.05.16 18:58:14 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_5.dll
[2013.05.16 18:58:14 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_5.dll
[2013.05.16 18:58:13 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_32.dll
[2013.05.16 18:58:13 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_32.dll
[2013.05.16 18:58:12 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_4.dll
[2013.05.16 18:58:12 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_4.dll
[2013.05.16 18:58:12 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\x3daudio1_1.dll
[2013.05.16 18:58:12 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_1.dll
[2013.05.16 18:58:11 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_31.dll
[2013.05.16 18:58:11 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_31.dll
[2013.05.16 18:58:10 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_3.dll
[2013.05.16 18:58:10 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_3.dll
[2013.05.16 18:58:09 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_2.dll
[2013.05.16 18:58:09 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_2.dll
[2013.05.16 18:58:08 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_2.dll
[2013.05.16 18:58:08 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_2.dll
[2013.05.16 18:58:08 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xinput1_1.dll
[2013.05.16 18:58:08 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xinput1_1.dll
[2013.05.16 18:58:06 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_1.dll
[2013.05.16 18:58:06 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_1.dll
[2013.05.16 18:58:00 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_30.dll
[2013.05.16 18:58:00 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_30.dll
[2013.05.16 18:57:58 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xactengine2_0.dll
[2013.05.16 18:57:58 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xactengine2_0.dll
[2013.05.16 18:57:58 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\x3daudio1_0.dll
[2013.05.16 18:57:58 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\x3daudio1_0.dll
[2013.05.16 18:57:57 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_29.dll
[2013.05.16 18:57:57 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_29.dll
[2013.05.16 18:57:55 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_28.dll
[2013.05.16 18:57:55 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_28.dll
[2013.05.16 18:57:53 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_27.dll
[2013.05.16 18:57:53 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_27.dll
[2013.05.16 18:57:51 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_25.dll
[2013.05.16 18:57:51 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_26.dll
[2013.05.16 18:57:51 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_25.dll
[2013.05.16 18:57:51 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_26.dll
[2013.05.16 18:57:47 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3dx9_24.dll
[2013.05.16 18:57:47 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3dx9_24.dll
[2013.05.16 18:56:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Lost Crown
[2013.05.16 14:24:21 | 000,693,112 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013.05.16 14:24:21 | 000,078,200 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.16 14:20:24 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice
[2013.05.16 14:09:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2013.05.16 14:04:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FindLyrics
[2013.05.15 06:04:38 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013.05.15 06:04:31 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2013.05.15 06:04:30 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2013.05.15 06:04:29 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2013.05.15 06:04:29 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2013.05.15 06:04:28 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2013.05.15 06:04:28 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2013.05.15 06:04:28 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2013.05.15 06:03:57 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shdocvw.dll
[2013.05.15 06:03:56 | 000,112,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2013.05.15 06:03:44 | 002,382,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
[2013.05.15 06:03:43 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2013.05.15 06:03:41 | 006,987,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2013.05.14 11:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013.05.14 11:54:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
[2013.05.14 11:54:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2013.05.13 14:28:33 | 000,378,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2013.05.13 14:28:33 | 000,033,400 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswFsBlk.sys
[2013.05.13 14:28:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.05.13 14:28:32 | 000,072,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2013.05.13 14:28:32 | 000,064,288 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswTdi.sys
[2013.05.13 14:28:29 | 001,025,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2013.05.13 14:28:26 | 000,080,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2013.05.13 14:28:25 | 000,287,840 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2013.05.13 14:28:00 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.05.13 14:27:46 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.05.13 14:27:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.05.13 12:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.05.13 12:13:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2013.05.13 12:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2013.05.13 12:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013.05.13 12:13:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2013.05.13 12:11:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.05.13 12:11:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013.05.13 12:11:01 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Microsoft Help
[2013.05.13 12:10:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.05.13 12:10:19 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.05.13 12:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
[2013.05.13 12:08:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2013.05.13 11:51:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
[2013.05.13 11:44:00 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Dropbox
[2013.05.13 11:42:34 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013.05.13 11:40:24 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Dropbox
[2013.05.13 11:32:08 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvcr100_clr0400.dll
[2013.05.13 11:31:41 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvcr100_clr0400.dll
[2013.05.13 11:29:25 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mmc.exe
[2013.05.13 11:29:25 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2013.05.13 11:29:25 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2013.05.13 11:29:24 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mmc.exe
[2013.05.13 11:29:22 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll
[2013.05.13 11:29:21 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2013.05.13 11:29:21 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2013.05.13 11:29:21 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpiowin32.sys
[2013.05.13 11:29:19 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2013.05.13 11:29:19 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MP4SDECD.DLL
[2013.05.13 11:29:19 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2013.05.13 11:29:19 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2013.05.13 11:29:19 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDMon.dll
[2013.05.13 11:29:19 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetpp.dll
[2013.05.13 11:29:19 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wiaacmgr.exe
[2013.05.13 11:29:18 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncbservice.dll
[2013.05.13 11:29:18 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wiaacmgr.exe
[2013.05.13 11:29:17 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MP4SDECD.DLL
[2013.05.13 11:29:17 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll
[2013.05.13 11:29:17 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll
[2013.05.13 11:29:16 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhapi.dll
[2013.05.13 11:29:16 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxp.dll
[2013.05.13 11:29:16 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\keepaliveprovider.dll
[2013.05.13 11:28:40 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2013.05.13 11:28:35 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2013.05.13 11:28:32 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2013.05.13 11:28:31 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2013.05.13 11:28:31 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2013.05.13 11:28:31 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2013.05.13 11:28:30 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2013.05.13 11:28:30 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll
[2013.05.13 11:28:30 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2013.05.13 11:28:29 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2013.05.13 11:28:29 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2013.05.13 11:28:29 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ubpm.dll
[2013.05.13 11:28:28 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2013.05.13 11:28:28 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2013.05.13 11:28:28 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2013.05.13 11:28:28 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2013.05.13 11:28:28 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BCP47Langs.dll
[2013.05.13 11:28:27 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2013.05.13 11:28:27 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerServer.dll
[2013.05.13 11:28:26 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2013.05.13 11:28:26 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2013.05.13 11:28:26 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2013.05.13 11:28:24 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2013.05.13 11:28:24 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2013.05.13 11:28:24 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2013.05.13 11:28:24 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2013.05.13 11:28:24 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2013.05.13 11:28:24 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2013.05.13 11:28:23 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll
[2013.05.13 11:28:23 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2013.05.13 11:28:23 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll
[2013.05.13 11:28:22 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2013.05.13 11:28:22 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2013.05.13 11:28:22 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2013.05.13 11:28:18 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2013.05.13 11:28:18 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\discan.dll
[2013.05.13 11:28:18 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2013.05.13 11:28:18 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhost.exe
[2013.05.13 11:28:18 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2013.05.13 11:28:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2013.05.13 11:28:17 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2013.05.13 11:28:14 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2013.05.13 11:28:13 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NdisImPlatform.dll
[2013.05.13 11:28:13 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostex.exe
[2013.05.13 11:28:12 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys
[2013.05.13 11:28:12 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys
[2013.05.13 11:28:11 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll
[2013.05.13 11:28:10 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fsquirt.exe
[2013.05.13 11:28:10 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2013.05.13 11:28:10 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl
[2013.05.13 11:28:10 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.cpl
[2013.05.13 11:28:10 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2013.05.13 11:28:10 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2013.05.13 11:28:10 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevDispItemProvider.dll
[2013.05.13 11:28:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2013.05.13 11:28:09 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2013.05.13 11:28:08 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncInfo.dll
[2013.05.13 11:28:08 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2013.05.13 11:28:08 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDPrintProxy.DLL
[2013.05.13 11:28:08 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2013.05.13 11:28:08 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevDispItemProvider.dll
[2013.05.13 11:28:08 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2013.05.13 11:28:07 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncInfo.dll
[2013.05.13 11:28:07 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2013.05.13 11:28:05 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wushareduxresources.dll
[2013.05.13 11:23:23 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\synceng.dll
[2013.05.13 11:23:23 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\synceng.dll
[2013.05.13 11:14:01 | 000,000,000 | ---D | C] -- C:\Program Files\Ulead IPhoto Plus 4
[2013.05.13 11:13:21 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\WinRAR
[2013.05.13 11:13:21 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.05.13 11:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.05.13 11:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.05.13 11:13:14 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tssdisai.dll
[2013.05.13 11:13:14 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appserverai.dll
[2013.05.13 11:13:14 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDWebAI.dll
[2013.05.13 11:13:14 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VmHostAI.dll
[2013.05.13 11:13:10 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2013.05.13 11:13:10 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2013.05.13 11:12:39 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2013.05.13 11:12:39 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2013.05.13 11:12:39 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2013.05.13 11:12:39 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2013.05.13 11:12:38 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2013.05.13 11:12:38 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2013.05.13 11:12:29 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2013.05.13 11:12:29 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2013.05.13 11:12:11 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Macromedia
[2013.05.13 11:12:03 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2013.05.13 11:11:59 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2013.05.13 11:11:33 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcadm.dll
[2013.05.13 11:11:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcalua.exe
[2013.05.13 11:11:32 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaevts.dll
[2013.05.13 11:11:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml6r.dll
[2013.05.13 11:11:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml6r.dll
[2013.05.13 11:11:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml3r.dll
[2013.05.13 11:11:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msxml3r.dll
[2013.05.13 11:11:28 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnet.dll
[2013.05.13 11:11:28 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnet.dll
[2013.05.13 11:11:28 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnathlp.dll
[2013.05.13 11:11:28 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnathlp.dll
[2013.05.13 11:11:28 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnsvr.exe
[2013.05.13 11:11:28 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnsvr.exe
[2013.05.13 11:11:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhupnp.dll
[2013.05.13 11:11:27 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnhpast.dll
[2013.05.13 11:11:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhupnp.dll
[2013.05.13 11:11:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnhpast.dll
[2013.05.13 11:11:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnlobby.dll
[2013.05.13 11:11:27 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpnaddr.dll
[2013.05.13 11:11:27 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnlobby.dll
[2013.05.13 11:11:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dpnaddr.dll
[2013.05.13 11:11:01 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\duser.dll
[2013.05.13 11:11:01 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlroamextension.dll
[2013.05.13 11:11:01 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll
[2013.05.13 11:11:01 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2013.05.13 11:11:01 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll
[2013.05.13 11:11:00 | 000,446,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2013.05.13 11:11:00 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2013.05.13 11:11:00 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hotspotauth.dll
[2013.05.13 11:10:59 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2013.05.13 11:10:59 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsRasterService.dll
[2013.05.13 11:10:59 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2013.05.13 11:10:59 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskkill.exe
[2013.05.13 11:10:59 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthAvrcpTg.sys
[2013.05.13 11:10:58 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlroamextension.dll
[2013.05.13 11:10:58 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWanAPI.dll
[2013.05.13 11:10:58 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mbsmsapi.dll
[2013.05.13 11:10:58 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mbsmsapi.dll
[2013.05.13 11:10:58 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsRasterService.dll
[2013.05.13 11:10:58 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tasklist.exe
[2013.05.13 11:10:57 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpd_ci.dll
[2013.05.13 11:10:57 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tasklist.exe
[2013.05.13 11:10:57 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskkill.exe
[2013.05.13 11:10:57 | 000,061,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys
[2013.05.13 11:10:57 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidi2c.sys
[2013.05.13 11:10:55 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmproxy.dll
[2013.05.13 11:10:54 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmsprep.dll
[2013.05.13 11:10:53 | 000,029,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthhfHid.sys
[2013.05.13 11:10:53 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2013.05.13 11:10:37 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2013.05.13 11:10:37 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2013.05.13 11:10:35 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys
[2013.05.13 11:09:45 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2013.05.13 11:09:45 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2013.05.13 11:09:45 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2013.05.13 11:09:45 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2013.05.13 11:09:45 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2013.05.13 11:09:45 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2013.05.13 11:09:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dciman32.dll
[2013.05.13 11:09:45 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpk.dll
[2013.05.13 11:09:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe
[2013.05.13 11:09:11 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe
[2013.05.13 11:09:08 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2013.05.13 11:09:08 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resetengmig.dll
[2013.05.13 11:09:08 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2013.05.13 11:09:08 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2013.05.13 11:09:08 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sysreset.exe
[2013.05.13 11:06:49 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Trillian
[2013.05.13 11:06:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trillian
[2013.05.13 11:03:57 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Spotify
[2013.05.13 11:03:22 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Spotify
[2013.05.13 11:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.05.13 10:50:17 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Mozilla
[2013.05.13 10:50:17 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Mozilla
[2013.05.13 10:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.05.13 10:50:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.05.13 10:50:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.05.13 10:45:25 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.13 10:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Energy Management
[2013.05.13 10:40:58 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Broadcom
[2013.05.13 10:40:58 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\Documents\Bluetooth-Exchange-Ordner
[2013.05.13 10:40:14 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.05.13 10:40:14 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Searches
[2013.05.13 10:40:14 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Contacts
[2013.05.13 10:40:14 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.05.13 10:39:55 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Macromedia
[2013.05.13 10:39:53 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Adobe
[2013.05.13 10:39:07 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\VirtualStore
[2013.05.13 10:38:56 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Packages
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Vorlagen
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\AppData\Local\Verlauf
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\AppData\Local\Temporary Internet Files
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Startmenü
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\SendTo
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Recent
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Netzwerkumgebung
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Lokale Einstellungen
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Documents\Eigene Videos
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Documents\Eigene Musik
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Eigene Dateien
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Documents\Eigene Bilder
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Druckumgebung
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Cookies
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\AppData\Local\Anwendungsdaten
[2013.05.13 10:38:48 | 000,000,000 | -HSD | C] -- C:\Users\Stefanie\Anwendungsdaten
[2013.05.13 10:38:47 | 000,000,000 | --SD | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft
[2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Videos
[2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Saved Games
[2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Pictures
[2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Music
[2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Links
[2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Favorites
[2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Downloads
[2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Documents
[2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\Desktop
[2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.05.13 10:38:47 | 000,000,000 | R--D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013.05.13 10:38:47 | 000,000,000 | -H-D | C] -- C:\Users\Stefanie\AppData
[2013.05.13 10:38:47 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Temp
[2013.05.13 10:38:47 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Local\Microsoft
[2013.05.13 10:38:47 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.05.13 10:38:47 | 000,000,000 | ---D | C] -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
[2013.05.02 18:51:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.05.02 18:51:48 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.05.02 18:51:48 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.05.02 18:51:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.05.02 18:51:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.05.02 18:51:48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.05.02 18:51:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.05.02 18:51:47 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.05.02 18:51:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.05.02 18:51:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2013.05.02 18:51:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.22 16:39:34 | 001,745,416 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013.05.22 16:39:34 | 000,753,134 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2013.05.22 16:39:34 | 000,710,244 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013.05.22 16:39:34 | 000,155,826 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2013.05.22 16:39:34 | 000,132,614 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013.05.22 16:38:54 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\FindLyrics Update.job
[2013.05.22 16:35:08 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.22 16:32:59 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.05.22 16:32:51 | 3323,367,424 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.22 16:29:29 | 000,424,616 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.05.22 16:17:31 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Stefanie\Desktop\JRT.exe
[2013.05.22 16:17:10 | 000,632,031 | ---- | M] () -- C:\Users\Stefanie\Desktop\adwcleaner.exe
[2013.05.22 16:13:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.22 15:32:25 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.05.22 15:14:58 | 000,028,882 | ---- | M] () -- C:\Users\Stefanie\Desktop\OTLogs.zip
[2013.05.22 14:54:47 | 000,000,000 | ---- | M] () -- C:\Users\Stefanie\defogger_reenable
[2013.05.22 14:50:34 | 000,377,856 | ---- | M] () -- C:\Users\Stefanie\Desktop\gmer_2.1.19163.exe
[2013.05.22 13:19:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stefanie\Desktop\OTL.exe
[2013.05.21 01:57:11 | 000,011,335 | ---- | M] () -- C:\Users\Stefanie\Desktop\vintageportrait.png
[2013.05.20 12:51:17 | 025,571,773 | ---- | M] () -- C:\Users\Stefanie\Desktop\LostCrown.pdf
[2013.05.14 22:57:09 | 000,001,356 | ---- | M] () -- C:\WINDOWS\SysWow64\XBL_MUSIC_30x30_A.scale-80.png
[2013.05.14 22:57:09 | 000,001,152 | ---- | M] () -- C:\WINDOWS\SysWow64\XBL_VIDEO_30x30_A.scale-80.png
[2013.05.14 22:57:08 | 000,009,792 | ---- | M] () -- C:\WINDOWS\SysWow64\tile_square_default.scale-80.png
[2013.05.14 22:57:08 | 000,001,268 | ---- | M] () -- C:\WINDOWS\SysWow64\SupportLogo.scale-80.png
[2013.05.14 22:57:08 | 000,001,220 | ---- | M] () -- C:\WINDOWS\SysWow64\XBL_GAMES_30x30_A.scale-80.png
[2013.05.14 22:57:08 | 000,001,202 | ---- | M] () -- C:\WINDOWS\SysWow64\logo.scale-80.png
[2013.05.14 22:57:08 | 000,000,534 | ---- | M] () -- C:\WINDOWS\SysWow64\smalllogo.scale-80.png
[2013.05.14 22:57:08 | 000,000,522 | ---- | M] () -- C:\WINDOWS\SysWow64\smalllogo.scale-100.png
[2013.05.14 22:57:08 | 000,000,473 | ---- | M] () -- C:\WINDOWS\SysWow64\sports_logo_small.scale-80.png
[2013.05.14 22:57:08 | 000,000,473 | ---- | M] () -- C:\WINDOWS\SysWow64\small.scale-80.png
[2013.05.14 22:57:08 | 000,000,399 | ---- | M] () -- C:\WINDOWS\SysWow64\CalendarLogo.scale-80.png
[2013.05.14 22:57:08 | 000,000,354 | ---- | M] () -- C:\WINDOWS\SysWow64\PeopleSmall.scale-80.png
[2013.05.14 22:57:08 | 000,000,318 | ---- | M] () -- C:\WINDOWS\SysWow64\messaging_small.scale-80.png
[2013.05.14 22:57:08 | 000,000,295 | ---- | M] () -- C:\WINDOWS\SysWow64\ReaderSmallLogo.scale-80.png
[2013.05.14 22:57:08 | 000,000,283 | ---- | M] () -- C:\WINDOWS\SysWow64\MailSmallLogo.scale-80.png
[2013.05.14 11:54:06 | 000,002,064 | ---- | M] () -- C:\Users\Public\Desktop\Start Menu 8.lnk
[2013.05.13 14:28:34 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.05.13 14:28:26 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysWow64\config.nt
[2013.05.13 12:09:00 | 000,001,261 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2013.05.13 11:44:00 | 000,001,015 | ---- | M] () -- C:\Users\Stefanie\Desktop\Dropbox.lnk
[2013.05.13 11:43:07 | 000,001,025 | ---- | M] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.05.13 11:06:49 | 000,001,090 | ---- | M] () -- C:\Users\Stefanie\Desktop\Trillian.lnk
[2013.05.13 11:06:49 | 000,001,054 | ---- | M] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk
[2013.05.13 11:03:56 | 000,001,793 | ---- | M] () -- C:\Users\Stefanie\Desktop\Spotify.lnk
[2013.05.13 10:41:02 | 000,001,133 | ---- | M] () -- C:\Users\Stefanie\Desktop\Cyberlink Power2Go.lnk
[2013.05.09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSnx.sys
[2013.05.09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswSP.sys
[2013.05.09 10:59:07 | 000,189,936 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2013.05.09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswRdr2.sys
[2013.05.09 10:59:07 | 000,065,336 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2013.05.09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswTdi.sys
[2013.05.09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys
[2013.05.09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\drivers\aswFsBlk.sys
[2013.05.09 10:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.05.09 10:58:11 | 000,287,840 | ---- | M] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe
[2013.05.07 22:07:50 | 000,693,112 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013.05.07 22:07:50 | 000,078,200 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2013.05.22 16:29:16 | 000,424,616 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.05.22 16:25:28 | 000,000,295 | ---- | C] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
[2013.05.22 16:17:09 | 000,632,031 | ---- | C] () -- C:\Users\Stefanie\Desktop\adwcleaner.exe
[2013.05.22 15:14:58 | 000,028,882 | ---- | C] () -- C:\Users\Stefanie\Desktop\OTLogs.zip
[2013.05.22 14:54:47 | 000,000,000 | ---- | C] () -- C:\Users\Stefanie\defogger_reenable
[2013.05.22 14:50:20 | 000,377,856 | ---- | C] () -- C:\Users\Stefanie\Desktop\gmer_2.1.19163.exe
[2013.05.21 01:57:09 | 000,011,335 | ---- | C] () -- C:\Users\Stefanie\Desktop\vintageportrait.png
[2013.05.20 12:51:16 | 025,571,773 | ---- | C] () -- C:\Users\Stefanie\Desktop\LostCrown.pdf
[2013.05.18 01:10:27 | 000,387,688 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013.05.16 18:45:08 | 1385,271,296 | ---- | C] () -- C:\Users\Stefanie\Desktop\gns-tlcr.iso
[2013.05.16 14:26:19 | 000,002,143 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser Choice.lnk
[2013.05.16 14:10:19 | 000,002,012 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2013.05.16 14:10:19 | 000,001,956 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2013.05.16 14:10:19 | 000,001,935 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.05.16 14:04:22 | 000,000,400 | ---- | C] () -- C:\WINDOWS\tasks\FindLyrics Update.job
[2013.05.14 22:57:09 | 000,001,356 | ---- | C] () -- C:\WINDOWS\SysWow64\XBL_MUSIC_30x30_A.scale-80.png
[2013.05.14 22:57:09 | 000,001,152 | ---- | C] () -- C:\WINDOWS\SysWow64\XBL_VIDEO_30x30_A.scale-80.png
[2013.05.14 22:57:08 | 000,009,792 | ---- | C] () -- C:\WINDOWS\SysWow64\tile_square_default.scale-80.png
[2013.05.14 22:57:08 | 000,001,268 | ---- | C] () -- C:\WINDOWS\SysWow64\SupportLogo.scale-80.png
[2013.05.14 22:57:08 | 000,001,220 | ---- | C] () -- C:\WINDOWS\SysWow64\XBL_GAMES_30x30_A.scale-80.png
[2013.05.14 22:57:08 | 000,001,202 | ---- | C] () -- C:\WINDOWS\SysWow64\logo.scale-80.png
[2013.05.14 22:57:08 | 000,000,534 | ---- | C] () -- C:\WINDOWS\SysWow64\smalllogo.scale-80.png
[2013.05.14 22:57:08 | 000,000,522 | ---- | C] () -- C:\WINDOWS\SysWow64\smalllogo.scale-100.png
[2013.05.14 22:57:08 | 000,000,473 | ---- | C] () -- C:\WINDOWS\SysWow64\sports_logo_small.scale-80.png
[2013.05.14 22:57:08 | 000,000,473 | ---- | C] () -- C:\WINDOWS\SysWow64\small.scale-80.png
[2013.05.14 22:57:08 | 000,000,399 | ---- | C] () -- C:\WINDOWS\SysWow64\CalendarLogo.scale-80.png
[2013.05.14 22:57:08 | 000,000,354 | ---- | C] () -- C:\WINDOWS\SysWow64\PeopleSmall.scale-80.png
[2013.05.14 22:57:08 | 000,000,318 | ---- | C] () -- C:\WINDOWS\SysWow64\messaging_small.scale-80.png
[2013.05.14 22:57:08 | 000,000,295 | ---- | C] () -- C:\WINDOWS\SysWow64\ReaderSmallLogo.scale-80.png
[2013.05.14 22:57:08 | 000,000,283 | ---- | C] () -- C:\WINDOWS\SysWow64\MailSmallLogo.scale-80.png
[2013.05.14 11:54:06 | 000,002,064 | ---- | C] () -- C:\Users\Public\Desktop\Start Menu 8.lnk
[2013.05.13 14:28:34 | 000,001,933 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.05.13 14:28:29 | 000,189,936 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswVmm.sys
[2013.05.13 14:28:29 | 000,065,336 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys
[2013.05.13 14:28:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\config.nt
[2013.05.13 12:09:00 | 000,001,261 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2013.05.13 11:44:00 | 000,001,015 | ---- | C] () -- C:\Users\Stefanie\Desktop\Dropbox.lnk
[2013.05.13 11:43:07 | 000,001,025 | ---- | C] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.05.13 11:06:49 | 000,001,090 | ---- | C] () -- C:\Users\Stefanie\Desktop\Trillian.lnk
[2013.05.13 11:06:49 | 000,001,054 | ---- | C] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk
[2013.05.13 11:06:48 | 000,001,120 | ---- | C] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk
[2013.05.13 11:03:56 | 000,001,793 | ---- | C] () -- C:\Users\Stefanie\Desktop\Spotify.lnk
[2013.05.13 11:03:56 | 000,001,779 | ---- | C] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2013.05.13 11:02:50 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.13 10:50:11 | 000,001,170 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.05.13 10:50:11 | 000,001,158 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.05.13 10:40:12 | 000,001,449 | ---- | C] () -- C:\Users\Stefanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.05.13 10:38:47 | 000,001,133 | ---- | C] () -- C:\Users\Stefanie\Desktop\Cyberlink Power2Go.lnk
[2013.05.13 10:38:47 | 000,000,189 | ---- | C] () -- C:\Users\Stefanie\Desktop\Lenovo Telephony Start Now.url
[2013.05.02 18:51:14 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2013.05.02 18:51:10 | 3323,367,424 | -HS- | C] () -- C:\hiberfil.sys
[2013.02.19 06:27:25 | 000,001,915 | ---- | C] () -- C:\WINDOWS\vm332Rmv.ini
[2013.02.19 06:27:25 | 000,001,915 | ---- | C] () -- C:\WINDOWS\SysWow64\vm332Rmv.ini
[2013.02.19 06:24:50 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012.10.11 18:47:49 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012.09.05 14:09:43 | 000,598,780 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin
[2012.09.05 14:09:19 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2012.09.05 14:09:15 | 000,755,048 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012.07.25 22:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012.07.25 22:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012.04.20 14:59:44 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2013.05.16 18:57:39 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         

Alt 22.05.2013, 15:55   #7
Staplerin
 
ClickCompare, Text-Enhance usw. - Standard

ClickCompare, Text-Enhance usw.



Hoppla.. Doppelpost... Tut mir leid.

Geändert von Staplerin (22.05.2013 um 15:58 Uhr) Grund: Doppelpost

Alt 22.05.2013, 20:11   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
ClickCompare, Text-Enhance usw. - Standard

ClickCompare, Text-Enhance usw.



Sieht ok aus, hattest offensichtlich nur nervige Adware drauf. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Vollscan mit Malwarebytes Anti-Malware (MBAM) (falls du vor kurzem erst einen Vollscan gemacht hast, reicht auch ein Quickscan (spart Zeit), das dann mir bitte auch mitteilen)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu ClickCompare, Text-Enhance usw.
abgebrochen, adblock, avast, dateien, ebenfalls, ergebnis, firefox, foren, forum, funktioniert, geliefert, hallo zusammen, infizierte, klicke, laptop, links, löschen, neue, neuen, nicht mehr, scan, scannen, seite, seiten, suche, win, youtube



Ähnliche Themen: ClickCompare, Text-Enhance usw.


  1. Windows 8, 64 Bit. Probleme mit Topic Torch/ Wise Enhance
    Log-Analyse und Auswertung - 04.05.2014 (7)
  2. Problem mit Clickcompare
    Plagegeister aller Art und deren Bekämpfung - 22.03.2014 (13)
  3. "Ads by Media Enhance" entfernen
    Anleitungen, FAQs & Links - 03.03.2014 (2)
  4. Datei namens "Enhance views hack tool.vbs" verhindert, dass USB Stick zip- Dateien anzeigt.
    Plagegeister aller Art und deren Bekämpfung - 13.02.2014 (5)
  5. "Media Player Enhance" entfernen
    Anleitungen, FAQs & Links - 05.02.2014 (2)
  6. Clickcompare Virus
    Plagegeister aller Art und deren Bekämpfung - 25.01.2014 (13)
  7. "Browser Enhance" entfernen
    Anleitungen, FAQs & Links - 06.01.2014 (2)
  8. ClickCompare Malware auf Win 8 x64
    Log-Analyse und Auswertung - 15.08.2013 (15)
  9. ClickCompare und Cupondropdown
    Plagegeister aller Art und deren Bekämpfung - 01.07.2013 (9)
  10. text enhance, Weiterleitungen von Google Links und Suchmaschinen-Plugin
    Log-Analyse und Auswertung - 14.06.2013 (7)
  11. Verlinkungen zu Clickcompare
    Log-Analyse und Auswertung - 01.06.2013 (20)
  12. clickcompare Trojaner (?)
    Plagegeister aller Art und deren Bekämpfung - 19.05.2013 (4)
  13. Clickcompare Virus
    Plagegeister aller Art und deren Bekämpfung - 18.04.2013 (5)
  14. Clickcompare Trojaner
    Plagegeister aller Art und deren Bekämpfung - 16.04.2013 (4)
  15. clickcompare trojaner
    Plagegeister aller Art und deren Bekämpfung - 05.04.2013 (8)
  16. Clickcompare Virus
    Plagegeister aller Art und deren Bekämpfung - 14.02.2013 (5)
  17. Clickcompare in Internetforen
    Plagegeister aller Art und deren Bekämpfung - 22.01.2013 (17)

Zum Thema ClickCompare, Text-Enhance usw. - Hallo zusammen, ich reihe mich mal in das ClickCompare-Problem ein... Seit etwas mehr als einer Woche habe ich einen neuen Laptop (mit Win 8 64 bit) und vor ein paar - ClickCompare, Text-Enhance usw....
Archiv
Du betrachtest: ClickCompare, Text-Enhance usw. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.