
Log analysis and evaluation: How do I get rid of "dirtydecrypt.exe"?

05.07.2013, 08:21   #1
nirvana19942
 



Hello, I have caught the "dirtydecrypt.exe" trojan. When I open a saved Word file, for example, I get the following message:

File is encrypted
This file can be decrypted using the program DirtyDecrypt.exe
Press CTRL+ALT+D to run DirtyDecrypt.exe

If DirtyDecrypt.exe not opened сheck the paths:
C:\Program Files (x86)\Dirty\DirtyDecrypt.exe
C:\Program Files\Dirty\DirtyDecrypt.exe
C:\Users\[YOUR USER]\AppData\Roaming\Dirty\DirtyDecrypt.exe
C:\Documents and Settings\[YOUR USER]\Application Data\Dirty\DirtyDecrypt.exe
C:\Documents and Settings\[YOUR USER]\Local Settings\Application Data\Dirty\DirtyDecrypt.exe

I have already created the following files with the OTL tool:

OTL logfile:
OTL logfile created on: 04.07.2013 17:56:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Champ\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
894,48 Mb Total Physical Memory | 345,73 Mb Available Physical Memory | 38,65% Memory free
2,12 Gb Paging File | 1,47 Gb Available in Paging File | 69,48% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 279,46 Gb Total Space | 208,97 Gb Free Space | 74,78% Space Free | Partition Type: NTFS
 
Computer Name: XXXXXX| User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Champ\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe (F-Secure Corporation)
PRC - C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe (F-Secure Corporation)
PRC - C:\Programme\F-Secure\apps\CCF_Reputation\fsorsp.exe (F-Secure Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
PRC - C:\Programme\F-Secure\fshoster32.exe (F-Secure Corporation)
PRC - C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
PRC - C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation)
PRC - C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
PRC - C:\WINDOWS\system32\slserv.exe (Smart Link)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\NewSoft\Smart Start UP\PnPDetect.exe (NewSoft Technology Corporation)
PRC - C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe (AOL LLC)
PRC - C:\Programme\Gemeinsame Dateien\aol\1194104839\ee\aolsoftware.exe (America Online, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - c:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
PRC - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\agent.exe (InstallShield Software Corporation)
PRC - C:\Programme\FreePDF\FreePDFA.exe (shbox)
PRC - C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
PRC - C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe (Ulead Systems, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\F-Secure\apps\ComputerSecurity\Spam Control\fsas.dll ()
MOD - C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll ()
MOD - C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\fm4av.dll ()
MOD - \\?\c:\programme\f-secure\apps\computersecurity\hips\fsumi.dll ()
MOD - C:\WINDOWS\WinSxS\x86_F-Secure.Qt462_2e112a926211c0a3_4.6.482.65_x-ww_a8ee95a1\QtMultimediaKit1.dll ()
MOD - C:\Programme\F-Secure\daas2.dll ()
MOD - C:\Programme\F-Secure\apps\ComputerSecurity\FSGUI\strres.eng ()
MOD - C:\Programme\F-Secure\apps\ComputerSecurity\FSGUI\fsavures.eng ()
MOD - C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\fsavhres.eng ()
MOD - C:\WINDOWS\system32\mpg2splt.ax ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Programme\Sonic\Media Suite\RecordNow! Plus\shlext.dll ()
MOD - C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\u32Spy.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (FSORSPClient) -- C:\Programme\F-Secure\apps\CCF_Reputation\fsorsp.exe (F-Secure Corporation)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (fshoster) -- C:\Programme\F-Secure\fshoster32.exe (F-Secure Corporation)
SRV - (FSMA) -- C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation)
SRV - (AVM WLAN Connection Service) -- C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe (Smart Link)
SRV - (AOL ACS) -- C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe (AOL LLC)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (PsShutdownSvc) -- C:\WINDOWS\system32\PSSDNSVC.EXE (Systems Internals)
SRV - (WmcCds) -- c:\Programme\Windows Media Connect\mswmccds.exe (Microsoft Corporation)
SRV - (WmcCdsLs) -- C:\Programme\Windows Media Connect\mswmcls.exe (Microsoft Corporation)
SRV - (WANMiniportService) -- C:\WINDOWS\wanmpsvc.exe (America Online, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (InCDRm) -- system32\drivers\InCDRm.sys File not found
DRV - (InCDPass) -- system32\drivers\InCDPass.sys File not found
DRV - (InCDFs) -- system32\drivers\InCDFs.sys File not found
DRV - (Changer) -- File not found
DRV - (fsbts) -- C:\WINDOWS\system32\drivers\fsbts.sys ()
DRV - (F-Secure Gatekeeper) -- C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys (F-Secure Corporation)
DRV - (F-Secure HIPS) -- C:\Programme\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys (F-Secure Corporation)
DRV - (fsni) -- C:\Programme\F-Secure\apps\CCF_Scanning\fsnixp32.sys (F-Secure Corporation)
DRV - (fsnitdi) -- C:\Programme\F-Secure\apps\CCF_Scanning\fsnitdi32.sys (F-Secure Corporation)
DRV - (FWLANUSB) -- C:\WINDOWS\system32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (avmeject) -- C:\WINDOWS\system32\drivers\avmeject.sys (AVM Berlin)
DRV - (ElbyDelay) -- C:\WINDOWS\system32\drivers\ElbyDelay.sys (Elaborate Bytes AG)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows (R) 2000 DDK provider)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys (Smart Link)
DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys (Smart Link)
DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys (Smart Link)
DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys (Smart Link)
DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys (Smart Link)
DRV - (RecAgent) -- C:\WINDOWS\system32\drivers\RecAgent.sys (Smart Link)
DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys (Smart Link)
DRV - (RTL8023) -- C:\WINDOWS\system32\drivers\Rtlnic51.sys (Realtek Semiconductor Corporation )
DRV - (Cinemsup) -- C:\WINDOWS\System32\drivers\cinemsup.sys (Sonic Solutions)
DRV - (wanatw) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {4DC00217-5676-4C15-9BAA-F7F3758A39A3}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{4DC00217-5676-4C15-9BAA-F7F3758A39A3}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yakumo.de
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yakumo.de
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yakumo.de
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yakumo.de
 
IE - HKU\S-1-5-21-2384998777-4088281372-565200509-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hotmail.com/
IE - HKU\S-1-5-21-2384998777-4088281372-565200509-1006\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-2384998777-4088281372-565200509-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2384998777-4088281372-565200509-1006\..\SearchScopes\{4DC00217-5676-4C15-9BAA-F7F3758A39A3}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2384998777-4088281372-565200509-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_deDE359
IE - HKU\S-1-5-21-2384998777-4088281372-565200509-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.05.09 14:28:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.06.30 09:47:40 | 000,000,000 | ---D | M]
 
[2009.09.12 16:34:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Extensions
[2012.11.01 10:02:21 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default\extensions
[2010.01.20 18:35:49 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default\extensions\firefox@tvunetworks.com
[2013.05.09 14:28:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.05.09 14:28:58 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2013.05.09 14:28:47 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.05.09 14:28:47 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2013.05.09 14:28:47 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2013.05.09 14:28:47 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.05.09 14:28:47 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.05.09 14:28:47 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (NetXfer) - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Programme\Xi\NetXfer\NXToolBar.dll (Xi)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-2384998777-4088281372-565200509-1006\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [FreePDFAssistent] C:\Programme\FreePDF\FreePDFA.exe (shbox)
O4 - HKLM..\Run: [F-Secure Hoster (666)] C:\Programme\F-Secure\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [HostManager] C:\Programme\Gemeinsame Dateien\aol\1194104839\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PE2CKFNT SE] C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe ()
O4 - HKLM..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Smart Start UP] C:\Programme\NewSoft\Smart Start UP\PnPDetect.exe (NewSoft Technology Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe ()
O4 - HKU\S-1-5-21-2384998777-4088281372-565200509-1006..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-2384998777-4088281372-565200509-1006..\Run: [DirtyDecrypt] "\\?\C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Dirty\DirtyDecrypt.exe" /hide File not found
O4 - HKU\S-1-5-21-2384998777-4088281372-565200509-1006..\Run: [QezriJgu] c:\dokume~1\champ\lokale~1\temp\0.08716367382355761.bfg File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe (America Online, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Photo Express Calendar Checker SE.lnk = C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe (Ulead Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2384998777-4088281372-565200509-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O8 - Extra context menu item: Alles mit NetXfer herunterladen - C:\Programme\Xi\NetXfer\NXAddList.html ()
O8 - Extra context menu item: Herunterladen mit NetXfer - C:\Programme\Xi\NetXfer\NXAddLink.html ()
O15 - HKU\S-1-5-21-2384998777-4088281372-565200509-1006\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{139D4A44-536A-4CE5-A0BB-F37AB36A3502}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77470660-DDC7-4D74-AC27-636A22E17BED}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\dokume~1\champ\lokale~1\temp\0.08716367382355761.bfg) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.01.18 21:30:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1b0eaa2e-be6e-11db-9065-00038a000015}\Shell\AutoRun\command - "" = I:\JDSecure\Windows\JDSecure31.exe
O33 - MountPoints2\{65ccb9b0-ffa4-11e0-928e-001f3f0691d7}\Shell - "" = AutoRun
O33 - MountPoints2\{65ccb9b0-ffa4-11e0-928e-001f3f0691d7}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{65ccb9b0-ffa4-11e0-928e-001f3f0691d7}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.04 17:55:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Champ\Desktop\OTL.exe
[2013.07.04 17:24:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Champ\Lokale Einstellungen\Anwendungsdaten\Sun
[2013.07.04 17:15:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Champ\Desktop\Famlienfotos Schwarze 07-2013
[2013.07.03 07:07:51 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Champ\Recent
[2013.06.30 09:47:59 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2013.06.30 09:47:40 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.06.30 09:47:40 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.06.30 09:47:34 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.06.30 09:47:34 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.06.30 09:47:34 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.06.30 09:28:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner
[2013.06.30 09:28:31 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2013.06.30 09:24:11 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2013.06.30 09:22:27 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Champ\PrivacIE
[2013.06.30 09:22:27 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Champ\IECompatCache
[2013.06.30 09:16:40 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Champ\IETldCache
[2013.06.30 02:31:56 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013.06.30 02:30:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013.06.30 02:30:33 | 002,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013.06.30 02:30:33 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013.06.30 02:30:33 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013.06.30 02:30:32 | 011,112,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013.06.30 02:30:32 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013.06.30 02:30:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013.06.30 02:29:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013.06.30 02:01:53 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2013.06.30 01:59:33 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2013.06.30 01:59:32 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2013.06.30 01:58:34 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2013.06.30 01:58:03 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2013.06.30 01:57:30 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2013.06.30 01:51:00 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2013.06.30 01:50:15 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2013.06.30 01:50:15 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2013.06.30 01:49:20 | 000,290,560 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2013.06.30 01:48:56 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013.06.30 01:48:56 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2013.06.30 01:48:32 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2013.06.30 01:48:24 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2013.06.30 01:48:07 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2013.06.30 01:47:09 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2013.06.30 01:45:34 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2013.06.30 01:44:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\F-Secure
[2013.06.30 01:44:29 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2013.06.30 01:43:50 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2013.06.30 01:43:46 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013.06.30 01:40:58 | 002,195,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013.06.30 01:40:58 | 002,152,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013.06.30 01:40:58 | 002,031,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013.06.30 01:40:57 | 002,072,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013.06.30 01:40:00 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2013.06.30 01:39:19 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2013.06.30 01:39:16 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2013.06.30 01:28:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\F-Secure
[2013.06.30 01:28:33 | 000,000,000 | ---D | C] -- C:\Programme\F-Secure
[2013.06.30 01:19:35 | 001,371,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2013.06.30 01:19:35 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2013.06.30 01:19:35 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2013.06.30 01:19:32 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2013.06.30 01:19:31 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2013.06.30 01:19:31 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2013.06.30 01:19:31 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2013.06.30 01:19:31 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2013.06.30 01:19:31 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2013.06.30 01:19:31 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2013.06.30 01:19:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2013.06.30 01:19:30 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2013.06.30 01:19:30 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2013.06.30 01:19:30 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2013.06.30 01:19:30 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2013.06.30 01:19:30 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2013.06.30 01:19:30 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2013.06.30 01:19:30 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2013.06.30 01:19:30 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2013.06.30 01:19:30 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2013.06.30 01:19:30 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2013.06.30 01:19:29 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2013.06.30 01:19:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2013.06.30 01:19:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2013.06.30 01:19:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2013.06.30 01:19:27 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2013.06.30 01:19:27 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2013.06.30 01:19:27 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2013.06.30 01:19:27 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2013.06.30 01:19:27 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2013.06.30 01:19:27 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2013.06.30 01:19:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2013.06.30 01:19:26 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2013.06.30 01:19:26 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2013.06.30 01:19:26 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2013.06.30 01:19:26 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2013.06.30 01:19:26 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2013.06.30 01:19:26 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2013.06.30 01:19:26 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2013.06.30 01:19:25 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2013.06.30 01:19:25 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2013.06.30 01:19:25 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2013.06.30 01:19:25 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2013.06.30 01:19:25 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2013.06.30 01:19:24 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2013.06.30 01:19:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2013.06.30 01:19:23 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2013.06.30 01:19:23 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2013.06.30 01:19:22 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2013.06.30 01:19:21 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2013.06.30 01:19:21 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2013.06.30 01:19:20 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2013.06.30 01:19:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de
[2013.06.30 01:19:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013.06.30 01:19:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2013.06.30 01:19:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013.06.30 01:16:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013.06.30 01:14:16 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2013.06.30 01:14:16 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2013.06.30 01:14:16 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2013.06.30 01:14:16 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2013.06.30 01:14:16 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2013.06.30 01:14:16 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2013.06.30 01:14:16 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2013.06.30 01:14:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2013.06.30 01:14:15 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2013.06.30 01:14:15 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2013.06.30 01:14:15 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2013.06.30 01:14:15 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2013.06.30 01:14:15 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2013.06.30 01:14:15 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2013.06.30 01:14:15 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2013.06.30 01:14:14 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2013.06.30 01:14:14 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2013.06.30 01:14:14 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2013.06.30 01:14:14 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2013.06.30 01:14:14 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2013.06.30 01:14:14 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2013.06.30 01:14:14 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2013.06.30 01:14:14 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2013.06.30 01:14:14 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2013.06.30 01:14:14 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2013.06.30 01:14:14 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2013.06.30 01:14:13 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2013.06.30 01:14:13 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2013.06.30 01:14:13 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2013.06.30 01:14:13 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2013.06.30 01:14:13 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2013.06.30 01:14:13 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2013.06.30 01:14:13 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2013.06.30 01:14:13 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2013.06.30 01:14:13 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2013.06.30 01:14:12 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2013.06.30 01:14:11 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2013.06.30 01:14:11 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2013.06.30 01:14:10 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2013.06.30 01:14:10 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2013.06.30 01:14:10 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2013.06.30 01:14:10 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2013.06.30 01:14:10 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2013.06.30 01:14:09 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2013.06.30 01:14:09 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2013.06.30 01:14:09 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2013.06.30 01:14:09 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2013.06.30 01:14:09 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2013.06.30 01:14:09 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2013.06.30 01:14:09 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2013.06.30 01:09:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013.06.30 01:09:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2013.06.29 20:28:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\F-Secure
[2013.06.29 19:09:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.04 17:55:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Champ\Desktop\OTL.exe
[2013.07.04 17:54:21 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.07.04 17:18:28 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.07.04 17:18:23 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.07.04 17:18:23 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.07.04 17:10:46 | 000,000,660 | ---- | M] () -- C:\WINDOWS\ULEAD32.INI
[2013.07.04 17:09:44 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.07.04 17:09:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.07.03 07:08:48 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.06.30 10:07:30 | 000,196,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.06.30 09:47:08 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.06.30 09:47:02 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.06.30 09:47:02 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.06.30 09:47:02 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.06.30 09:47:01 | 000,391,330 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.06.30 09:47:01 | 000,380,486 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.06.30 09:47:01 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.06.30 09:47:01 | 000,063,778 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.06.30 09:47:01 | 000,052,900 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.06.30 09:47:00 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.06.30 09:47:00 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.06.30 09:28:39 | 000,000,659 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2013.06.30 01:58:14 | 000,044,240 | ---- | M] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2013.06.30 01:46:36 | 000,019,406 | ---- | M] () -- C:\WINDOWS\prodsett_copy.ini
[2013.06.30 01:28:56 | 000,001,704 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\F-Secure.lnk
[2013.06.30 01:25:26 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013.06.30 01:13:40 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2013.06.30 01:06:17 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ce751d42e5e6ac.job
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.30 09:39:18 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013.06.30 09:28:39 | 000,000,659 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2013.06.30 01:47:25 | 000,044,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2013.06.30 01:46:36 | 000,019,406 | ---- | C] () -- C:\WINDOWS\prodsett_copy.ini
[2013.06.30 01:39:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.06.30 01:39:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013.06.30 01:28:56 | 000,001,704 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\F-Secure.lnk
[2013.06.30 01:14:13 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013.06.30 01:14:12 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013.06.30 01:14:11 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013.06.30 01:06:17 | 000,001,086 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1ce751d42e5e6ac.job
[2006.08.17 10:23:09 | 000,000,074 | ---- | C] () -- C:\Dokumente und Einstellungen\Champ\default.pls
[2005.12.23 14:31:58 | 000,015,428 | ---- | C] () -- C:\Dokumente und Einstellungen\Champ\RefEdit.exd
[2005.12.03 09:59:32 | 000,051,712 | ---- | C] () -- C:\Dokumente und Einstellungen\Champ\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.11.26 12:21:45 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Champ\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2005.01.18 21:42:27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 07:52:26 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.06.23 07:07:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\bvhBBKAN
[2013.06.24 18:35:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Dirty
[2005.10.25 11:29:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Leadertech
[2013.06.23 07:12:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator.NIRVANA\Anwendungsdaten\bvhBBKAN
[2013.06.29 22:42:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator.NIRVANA\Anwendungsdaten\Dirty
[2005.10.25 11:29:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator.NIRVANA\Anwendungsdaten\Leadertech
[2009.06.06 17:19:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON
[2013.06.30 01:54:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\F-Secure
[2009.06.24 16:46:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Newsoft
[2009.06.06 17:22:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL
[2005.10.25 14:25:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2013.05.15 15:57:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\bvhBBKAN
[2007.01.06 17:52:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\CDZilla
[2013.06.29 22:43:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Dirty
[2009.10.15 08:43:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\EPSON
[2005.10.25 11:29:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Leadertech
[2012.11.03 17:18:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Ovryw
[2012.12.11 13:04:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Owaq
[2007.09.02 09:44:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\SmartSurfer
[2007.09.02 09:45:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\WEBDE
[2009.12.27 16:53:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Xi
[2012.12.11 13:34:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Zeyxq
[2005.10.25 11:29:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\Leadertech
 
========== Purity Check ==========
 
 
 
< End of report >
         
--- --- ---

AS WELL AS the EXTRAS file: OTL Logfile:
Code:
OTL Extras logfile created on: 04.07.2013 17:56:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Champ\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
894,48 Mb Total Physical Memory | 345,73 Mb Available Physical Memory | 38,65% Memory free
2,12 Gb Paging File | 1,47 Gb Available in Paging File | 69,48% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 279,46 Gb Total Space | 208,97 Gb Free Space | 74,78% Space Free | Partition Type: NTFS
 
Computer Name: NIRVANA | User Name: Champ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UacDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (America Online, Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (America Online, Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000000-2778-5BED-8199-52EB14D8D22F}" = F-Secure CCF Reputation
"{077A7810-A937-4465-AD08-ACED9807995F}" = ANNO 1602 Königs-Edition
"{0B69DA57-BC7D-461D-B7D6-2AA9F08869CD}" = QuickTime
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26792CA7-D87A-4DBE-896B-C2F66B344511}" = Sonic CinePlayer
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2C9241DC-E141-4BB9-99F2-0BC54D81862F}" = Smart Start UP
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows-Journal-Viewer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50B9EFAD-9AD3-4E6A-A9B7-1C02669D4907}" = Online Safety 2.77.1170.803
"{60E971B7-51A0-48CA-8687-C6B8F094A409}" = Sonic Simple Backup
"{658FDBCA-B7A1-43E4-A849-9F0812473331}" = Computer Security 12.77.100.0 (release)
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6D4E3662-A321-4D98-84B8-934229348575}" = F-Secure Network CCF 1.02.128
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{82A4A6D5-DC7D-4D0C-8E0A-EC61A24D7F2E}" = DruckStudio ArtEdition
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! Plus
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B298BB58-D68C-48C5-BC79-5E7EBB2FC922}" = F-Secure
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C7E1449D-7638-6832-426D-589655951031}" = Nero 7 Demo
"{CAF7A270-55D5-455F-B0D1-6C51EADC1C3A}" = Presto! Mr. Photo 4
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{E36439A3-5F71-45B7-B515-7C79AF6A64B8}" = F-Secure CCF Scanning 1.23.124.8831 (release)
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}" = Windows Media Connect
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AFPL Ghostscript 8.11" = AFPL Ghostscript 8.11
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"AOL Deinstallation" = AOL Deinstallation
"AOL YGP Screensaver" = AOL Meine Fotos Bildschirmschoner
"AOLCoach de" = AOL Coach Version 1.0(Build:20040229.1 de)
"ATI Display Driver" = ATI Display Driver
"Audiograbber" = Audiograbber 1.83 SE 
"AVMWLANCLI" = AVM FRITZ!WLAN
"CCleaner" = CCleaner
"CloneDVD2OEM" = CloneDVD2OEM
"ConfigManager" = ELSA Configuration Manager
"DIVXCodec" = DivX Codec 3d release
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"EPSON Stylus CX7300_CX8300_DX7400_DX8400 Benutzerhandbuch" = EPSON Stylus CX7300_CX8300_DX7400_DX8400 Handbuch
"FreePDF" = FreePDF 2.11
"F-Secure ServiceEnabler 666" = F-Secure
"HijackThis" = HijackThis 1.98.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{0B69DA57-BC7D-461D-B7D6-2AA9F08869CD}" = QuickTime
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"Kalender" = TKexe Kalender
"Messer_is1" = Messer v0.992
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MJuiceWinamp" = Mjuice Components
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NetXfer Vista(x86) (Multilingual)_is1" = NetXfer 2.89.502
"RealPlayer 6.0" = RealPlayer Basic
"ST6UNST #1" = CoverPro
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Sudden Strike - Resource War" = Sudden Strike - Resource War
"TVUPlayer" = TVUPlayer 2.5.2.2
"Ulead Photo Express 2.0 SE" = Ulead Photo Express 2.0 SE
"ViewpointMediaPlayer" = Viewpoint Media Player
"Winamp" = Winamp (remove only)
"Windows Media Connect" = Windows Media Connect
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 26.06.2011 03:27:19 | Computer Name = NIRVANA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 6.0.2900.2180, fehlgeschlagenes
Modul mshtml.dll, Version 6.0.2900.2769, Fehleradresse 0x001d5f43.
 
Error - 28.06.2011 04:24:05 | Computer Name = NIRVANA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung mrstart.exe, Version 4.0.9.1000, fehlgeschlagenes
Modul mrstart.exe, Version 4.0.9.1000, Fehleradresse 0x0000b3e6.
 
Error - 25.07.2011 00:57:20 | Computer Name = NIRVANA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung mrstart.exe, Version 4.0.9.1000, fehlgeschlagenes
Modul mrstart.exe, Version 4.0.9.1000, Fehleradresse 0x0000b3e6.
 
Error - 03.10.2011 04:22:32 | Computer Name = NIRVANA | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Der Servername oder die Serveradresse konnte
nicht verarbeitet werden. .
 
Error - 27.10.2011 02:08:51 | Computer Name = NIRVANA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.2527, fehlgeschlagenes
Modul ntdll.dll, Version 5.1.2600.2180, Fehleradresse 0x00018fea.
 
Error - 01.11.2011 04:56:39 | Computer Name = NIRVANA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 6.0.2900.2180, fehlgeschlagenes
Modul mshtml.dll, Version 6.0.2900.2769, Fehleradresse 0x00116ecb.
 
Error - 01.11.2011 04:56:56 | Computer Name = NIRVANA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung drwtsn32.exe, Version 5.1.2600.0, fehlgeschlagenes
Modul dbghelp.dll, Version 5.1.2600.2180, Fehleradresse 0x0001295d.
 
Error - 03.11.2011 05:46:57 | Computer Name = NIRVANA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung mrstart.exe, Version 4.0.9.1000, fehlgeschlagenes
Modul mrstart.exe, Version 4.0.9.1000, Fehleradresse 0x0000b3e6.
 
Error - 04.11.2011 08:44:37 | Computer Name = NIRVANA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 6.0.2900.2180, fehlgeschlagenes
Modul mshtml.dll, Version 6.0.2900.2769, Fehleradresse 0x00116ecb.
 
Error - 04.11.2011 08:45:10 | Computer Name = NIRVANA | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung drwtsn32.exe, Version 5.1.2600.0, fehlgeschlagenes
Modul dbghelp.dll, Version 5.1.2600.2180, Fehleradresse 0x0001295d.
 
[ System Events ]
Error - 29.06.2013 14:32:30 | Computer Name = NIRVANA | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error - 29.06.2013 14:32:55 | Computer Name = NIRVANA | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error - 29.06.2013 14:33:13 | Computer Name = NIRVANA | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 29.06.2013 14:33:37 | Computer Name = NIRVANA | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error - 29.06.2013 14:33:47 | Computer Name = NIRVANA | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error - 29.06.2013 14:33:54 | Computer Name = NIRVANA | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "netman"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
 
Error - 29.06.2013 14:34:02 | Computer Name = NIRVANA | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 29.06.2013 19:04:59 | Computer Name = NIRVANA | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: %%1460
 
Error - 30.06.2013 03:18:26 | Computer Name = NIRVANA | Source = DCOM | ID = 10010
Description = Der Server "{4EB61BAC-A3B6-4760-9581-655041EF4D69}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
Error - 03.07.2013 00:53:27 | Computer Name = NIRVANA | Source = DCOM | ID = 10010
Description = Der Server "{4EB61BAC-A3B6-4760-9581-655041EF4D69}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
 
< End of report >
         
--- --- ---


What can I do? Thanks and best regards!!!

05.07.2013, 09:57   #2
schrauber
/// the machine
/// TB-Ausbilder
 




Hi,

System scan with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)

05.07.2013, 11:26   #3
nirvana19942
 



Hi, thanks! I did that. By the way, my operating system is XP.

Here are the two files:

FRST.txt:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by Champ (administrator) on 05-07-2013 11:29:29
Running from C:\Dokumente und Einstellungen\Champ\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(AOL LLC) C:\PROGRA~1\GEMEIN~1\aol\ACS\AOLacsd.exe
(AVM Berlin) C:\Programme\avmwlanstick\WlanNetService.exe
(F-Secure Corporation) C:\Programme\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\CCF_Reputation\fsorsp.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
(Google Inc.) C:\Programme\Google\Update\GoogleUpdate.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(InstallShield Software Corporation) C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
(ATI Technologies, Inc.) C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(Smart Link) C:\WINDOWS\system32\slserv.exe
(shbox) C:\Programme\FreePDF\FreePDFA.exe
(America Online, Inc.) C:\WINDOWS\wanmpsvc.exe
(AOL LLC) C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
(America Online, Inc.) C:\Programme\Gemeinsame Dateien\AOL\1194104839\ee\AOLSoftware.exe
(NewSoft Technology Corporation) C:\Programme\NewSoft\Smart Start UP\PnPDetect.exe
(AVM Berlin) C:\Programme\avmwlanstick\wlangui.exe
(F-Secure Corporation) C:\Programme\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Nero AG) C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe
(Google Inc.) C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Ulead Systems, Inc.) C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start [81920 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe [339968 2005-02-22] (ATI Technologies, Inc.)
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [PE2CKFNT SE] C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe [25088 1998-07-03] ()
HKLM\...\Run: [FreePDFAssistent] C:\Programme\FreePDF\FreePDFA.exe [150528 2003-12-24] (shbox)
HKLM\...\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe [35328 2007-02-13] ()
HKLM\...\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER [26112 2005-01-18] (RealNetworks, Inc.)
HKLM\...\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe [70952 2007-06-21] (AOL LLC)
HKLM\...\Run: [HostManager] C:\Programme\Gemeinsame Dateien\AOL\1194104839\ee\AOLSoftware.exe [50736 2006-09-26] (America Online, Inc.)
HKLM\...\Run: [Smart Start UP] C:\Programme\NewSoft\Smart Start UP\PnPDetect.exe /Automation  [104528 2007-04-27] (NewSoft Technology Corporation)
HKLM\...\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime [155648 2009-06-24] (Apple Computer, Inc.)
HKLM\...\Run: [AVMWlanClient] C:\Programme\avmwlanstick\wlangui.exe [1794048 2008-09-05] (AVM Berlin)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [39792 2008-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [F-Secure Hoster (666)] "C:\Programme\F-Secure\fshoster32.exe" -app -hosterid:1 [188400 2013-01-18] (F-Secure Corporation)
HKLM\...\Run: [F-Secure Manager] "C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash [311432 2013-01-03] (F-Secure Corporation)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe,,c:\dokume~1\champ\lokale~1\temp\0.08716367382355761.bfg [x]
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe" [94208 2005-10-28] (Nero AG)
HKCU\...\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background [1695232 2008-04-14] (Microsoft Corporation)
HKCU\...\Run: [DirtyDecrypt] "\\?\C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Dirty\DirtyDecrypt.exe" /hide [x]
HKCU\...\Run: [QezriJgu] c:\dokume~1\champ\lokale~1\temp\0.08716367382355761.bfg [x] <===== ATTENTION
HKCU\...\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-12-26] (Google Inc.)
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {1b0eaa2e-be6e-11db-9065-00038a000015} - I:\JDSecure\Windows\JDSecure31.exe
MountPoints2: {65ccb9b0-ffa4-11e0-928e-001f3f0691d7} - E:\LaunchU3.exe -a
IMEO\Your Image File Name Here without a path: [Debugger] 

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hotmail.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Programme\Xi\NetXfer\NXToolBar.dll (Xi)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: ipp - No CLSID Value - 
Handler: msdaipp - No CLSID Value - 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default
FF user.js: detected! => C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP - C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Extension: No Name - C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: TVU Web Player - C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default\Extensions\firefox@tvunetworks.com

========================== Services (Whitelisted) =================

R2 AOL ACS; C:\PROGRA~1\GEMEIN~1\aol\ACS\AOLacsd.exe [46640 2006-10-23] (AOL LLC)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [516096 2005-02-22] ()
R2 AVM WLAN Connection Service; C:\Programme\avmwlanstick\WlanNetService.exe [364544 2008-09-05] (AVM Berlin)
R2 fshoster; C:\Programme\F-Secure\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation)
R3 FSMA; C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [209032 2013-01-03] (F-Secure Corporation)
R2 FSORSPClient; C:\Programme\F-Secure\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-30] (F-Secure Corporation)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-12-26] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-12-26] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-09-26] (Google)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [115608 2013-05-09] (Mozilla Foundation)
S3 PsShutdownSvc; C:\Windows\System32\PSSDNSVC.EXE [65536 2005-01-18] (Systems Internals)
R2 SLService; C:\Windows\System32\slserv.exe [73796 2008-04-14] (Smart Link)
R2 WANMiniportService; C:\WINDOWS\wanmpsvc.exe [65536 2003-08-27] (America Online, Inc.)
S3 WmcCds; c:\programme\windows media connect\mswmccds.exe [483328 2004-08-11] (Microsoft Corporation)
S3 WmcCdsLs; C:\Programme\Windows Media Connect\mswmcls.exe [28160 2004-08-10] (Microsoft Corporation)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2314560 2005-03-25] (Realtek Semiconductor Corp.)
R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43008 2005-03-09] (Advanced Micro Devices)
R2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2005-01-18] (Windows (R) 2000 DDK provider)
R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [986624 2005-02-23] (ATI Technologies Inc.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2008-09-05] (AVM Berlin)
R1 Cinemsup; C:\Windows\System32\Drivers\Cinemsup.sys [6656 2003-12-19] (Sonic Solutions)
R2 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [8064 2006-04-22] (Elaborate Bytes AG)
R3 ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [4608 2005-04-12] (Elaborate Bytes AG)
R3 F-Secure Gatekeeper; C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [145856 2013-06-30] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Programme\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [73248 2013-06-30] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [44240 2013-06-30] ()
R3 fsni; C:\Programme\F-Secure\apps\CCF_Scanning\fsnixp32.sys [50112 2013-04-25] (F-Secure Corporation)
R3 fsnitdi; C:\Programme\F-Secure\apps\CCF_Scanning\fsnitdi32.sys [21952 2013-04-25] (F-Secure Corporation)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2008-09-05] (AVM GmbH)
S3 Mtlmnt5; C:\Windows\System32\DRIVERS\Mtlmnt5.sys [126686 2004-08-03] (Smart Link)
S3 Mtlstrm; C:\Windows\System32\DRIVERS\Mtlstrm.sys [1309184 2004-08-03] (Smart Link)
S3 NtMtlFax; C:\Windows\System32\DRIVERS\NtMtlFax.sys [180360 2004-08-03] (Smart Link)
R0 RecAgent; C:\Windows\System32\DRIVERS\RecAgent.sys [13776 2004-08-03] (Smart Link)
R3 RTL8023; C:\Windows\System32\DRIVERS\Rtlnic51.sys [69504 2003-12-31] (Realtek Semiconductor Corporation                           )
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 S6U12BScanner; C:\Windows\System32\drivers\usbscan.sys [15104 2008-04-14] (Microsoft Corporation)
S3 Slntamr; C:\Windows\System32\DRIVERS\slntamr.sys [404990 2004-08-03] (Smart Link)
S3 SlNtHal; C:\Windows\System32\DRIVERS\Slnthal.sys [95424 2004-08-03] (Smart Link)
S3 SlWdmSup; C:\Windows\System32\DRIVERS\SlWdmSup.sys [13240 2004-08-03] (Smart Link)
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S4 InCDFs; system32\drivers\InCDFs.sys [x]
S1 InCDPass; system32\drivers\InCDPass.sys [x]
S1 InCDRm; system32\drivers\InCDRm.sys [x]
U1 WS2IFSL; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-05 11:29 - 2013-07-05 11:29 - 00000000 ____D C:\FRST
2013-07-03 07:08 - 2013-07-03 07:08 - 00007301 ____A C:\Windows\KB2510531-IE8.log
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB970430$
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB2345886$
2013-07-03 06:59 - 2013-07-03 07:08 - 00012768 ____A C:\Windows\KB2345886.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00028343 ____A C:\Windows\KB974318.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00028106 ____A C:\Windows\KB951978.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00027396 ____A C:\Windows\KB969059.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00026703 ____A C:\Windows\KB2443105.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB974318$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB969059$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB951978$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB2443105$
2013-06-30 09:47 - 2013-06-30 09:48 - 00027629 ____A C:\Windows\KB2481109.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00027118 ____A C:\Windows\KB971657.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00027056 ____A C:\Windows\KB982132.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00026829 ____A C:\Windows\KB2440591.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB982132$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB971657$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2481109$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2440591$
2013-06-30 09:46 - 2013-06-30 09:47 - 00027423 ____A C:\Windows\KB978338.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00027137 ____A C:\Windows\KB2780091.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00027077 ____A C:\Windows\KB2507938.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB978338$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB974112$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2507938$
2013-06-30 09:45 - 2013-06-30 09:46 - 00027196 ____A C:\Windows\KB974112.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027722 ____A C:\Windows\KB2624667.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027481 ____A C:\Windows\KB979687.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026802 ____A C:\Windows\KB2483185.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026382 ____A C:\Windows\KB2719985.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00025793 ____A C:\Windows\KB975025.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB979687$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB975025$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2719985$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2624667$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2483185$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2347290$
2013-06-30 09:44 - 2013-06-30 09:44 - 00026841 ____A C:\Windows\KB952004.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025415 ____A C:\Windows\KB974571.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025105 ____A C:\Windows\KB973507.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00024523 ____A C:\Windows\KB977816.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00023678 ____A C:\Windows\KB2839229.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB977816$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB975560$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB974571$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB973507$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB952004$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-06-30 09:43 - 2013-06-30 09:44 - 00024908 ____A C:\Windows\KB981322.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00025279 ____A C:\Windows\KB2419632.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00024542 ____A C:\Windows\KB2820917.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00023820 ____A C:\Windows\KB2757638.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00018613 ____A C:\Windows\KB2508429.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017979 ____A C:\Windows\KB2653956.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017634 ____A C:\Windows\KB974392.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017270 ____A C:\Windows\KB2749655.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB981322$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB974392$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2653956$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2508429$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2419632$
2013-06-30 09:42 - 2013-06-30 09:43 - 00016980 ____A C:\Windows\KB971029.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00016695 ____A C:\Windows\KB2506212.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB977914$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB971029$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB2506212$
2013-06-30 09:41 - 2013-06-30 09:42 - 00017075 ____A C:\Windows\KB977914.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00016601 ____A C:\Windows\KB2705219-v2.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015833 ____A C:\Windows\KB2619339.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015097 ____A C:\Windows\KB2727528.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015023 ____A C:\Windows\KB978542.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB978542$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2705219-v2$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2619339$
2013-06-30 09:40 - 2013-07-03 07:08 - 00013067 ____A C:\Windows\updspapi.log
2013-06-30 09:40 - 2013-06-30 09:41 - 00015144 ____A C:\Windows\KB979482.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015991 ____A C:\Windows\KB2661254-v2.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015712 ____A C:\Windows\KB2813345.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015458 ____A C:\Windows\KB973815.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015408 ____A C:\Windows\KB956802.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015236 ____A C:\Windows\KB978706.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB979482$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB978706$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB973815$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB956802$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2509553$
2013-06-30 09:39 - 2013-07-03 07:08 - 00333867 ____A C:\Windows\FaxSetup.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00159624 ____A C:\Windows\ocgen.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00127388 ____A C:\Windows\tsoc.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00110969 ____A C:\Windows\comsetup.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00079610 ____A C:\Windows\setupapi.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00067158 ____A C:\Windows\ntdtcsetup.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00052777 ____A C:\Windows\iis6.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00018468 ____A C:\Windows\ocmsn.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00016686 ____A C:\Windows\msgsocm.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00001355 ____A C:\Windows\imsins.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00001355 ____A C:\Windows\imsins.BAK
2013-06-30 09:39 - 2013-06-30 09:40 - 00016081 ____A C:\Windows\KB2509553.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00015645 ____A C:\Windows\KB2676562.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00012979 ____A C:\Windows\KB982665.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00011379 ____A C:\Windows\KB2829361.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB982665$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2676562$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2478960$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setupact.log
2013-06-30 09:24 - 2010-11-02 17:17 - 00040960 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ndproxy.sys
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB959426$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB952954$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB951376-v2$
2013-06-30 02:31 - 2013-06-30 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2467659$
2013-06-30 02:31 - 2013-05-08 00:28 - 00522240 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\jsdbgui.dll
2013-06-30 02:31 - 2011-08-16 12:45 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\iecompat.dll
2013-06-30 02:30 - 2013-06-30 02:33 - 00065536 ____A C:\Windows\System32\config\Internet.evt
2013-06-30 02:30 - 2013-06-30 02:30 - 00000000 ____D C:\Windows\ie8updates
2013-06-30 02:30 - 2013-05-08 00:28 - 11112960 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ieframe.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 02005504 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\iertutil.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00743424 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\iedvtool.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00630272 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msfeeds.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00247808 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ieproxy.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00055296 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msfeedsbs.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00012800 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\xpshims.dll
2013-06-30 02:29 - 2013-06-30 02:30 - 00000000 __HDC C:\Windows\ie8
2013-06-30 02:24 - 2013-06-02 17:21 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB946648$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2712808$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2387149$
2013-06-30 02:21 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB960859$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2659262$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2564958$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2544893-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2536276-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2479943$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2478971$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB975558_WM8$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB923723$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2691442$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2631813$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2585542$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2296011$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2115168$
2013-06-30 02:19 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB955759$
2013-06-30 02:19 - 2013-06-30 02:19 - 00006332 ____A C:\Windows\System32\TZLog.log
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB975713$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB950974$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2655992$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2485663$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2378111_WM9$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2229593$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB972270$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956844$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956572$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB954155_WM9$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2686509$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2598479$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB973869$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB941569$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2592799$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2535512$
2013-06-30 02:16 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB950762$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB978695_WM9$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB973904$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB952287$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2603381$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2570947$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB973540_WM9$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB981997$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB979309$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB952069_WM9$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2723135-v2$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2698365$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2618451$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB923561$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2620712$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2393802$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB975467$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2661637$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2584146$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2566454$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB968389$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB2423089$
2013-06-30 02:10 - 2013-06-30 02:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2360937$
2013-06-30 02:01 - 2008-06-14 19:32 - 00273024 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\bthport.sys
2013-06-30 01:59 - 2011-02-08 15:33 - 00978944 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mfc42.dll
2013-06-30 01:59 - 2010-09-18 08:52 - 00953856 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mfc40u.dll
2013-06-30 01:58 - 2011-07-15 15:29 - 00456320 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mrxsmb.sys
2013-06-30 01:58 - 2010-08-23 18:11 - 00617472 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\comctl32.dll
2013-06-30 01:57 - 2009-11-21 17:54 - 00471552 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\aclayers.dll
2013-06-30 01:51 - 2010-06-14 16:31 - 00744448 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\helpsvc.exe
2013-06-30 01:50 - 2010-08-27 10:01 - 00119808 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\t2embed.dll
2013-06-30 01:50 - 2009-10-15 18:28 - 00081920 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\fontsub.dll
2013-06-30 01:49 - 2012-12-16 14:23 - 00290560 ____N (Adobe Systems Incorporated) C:\Windows\System32\dllcache\atmfd.dll
2013-06-30 01:49 - 2009-06-21 23:45 - 00153088 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\triedit.dll
2013-06-30 01:49 - 2009-03-06 16:19 - 00286720 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\pdh.dll
2013-06-30 01:49 - 2009-02-09 13:21 - 00111104 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\services.exe
2013-06-30 01:49 - 2009-02-09 12:51 - 00678400 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\advapi32.dll
2013-06-30 01:49 - 2009-02-09 12:51 - 00473600 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\fastprox.dll
2013-06-30 01:49 - 2009-02-09 12:51 - 00453120 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wmiprvsd.dll
2013-06-30 01:49 - 2009-02-09 12:51 - 00401408 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rpcss.dll
2013-06-30 01:49 - 2009-02-06 12:10 - 00227840 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wmiprvse.exe
2013-06-30 01:48 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023x.sys
2013-06-30 01:48 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023.sys
2013-06-30 01:48 - 2011-08-17 15:49 - 00138496 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\afd.sys
2013-06-30 01:48 - 2011-04-21 15:37 - 00105472 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mup.sys
2013-06-30 01:48 - 2009-07-28 00:24 - 00128512 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\dhtmled.ocx
2013-06-30 01:48 - 2008-05-08 16:02 - 00203136 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rmcast.sys
2013-06-30 01:47 - 2013-06-30 01:58 - 00044240 ____A C:\Windows\System32\Drivers\fsbts.sys
2013-06-30 01:47 - 2008-05-01 16:34 - 00331776 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msadce.dll
2013-06-30 01:46 - 2013-06-30 01:46 - 00019406 ____A C:\Windows\prodsett_copy.ini
2013-06-30 01:45 - 2010-02-12 12:03 - 00293376 ____N (Microsoft Corporation) C:\Windows\System32\browserchoice.exe
2013-06-30 01:44 - 2012-05-28 20:16 - 00536576 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msado15.dll
2013-06-30 01:43 - 2012-07-04 16:05 - 00139784 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rdpwd.sys
2013-06-30 01:43 - 2010-06-18 15:36 - 03558912 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\moviemk.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02195840 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntoskrnl.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02152448 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrnlmp.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02072448 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrnlpa.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02031104 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrpamp.exe
2013-06-30 01:40 - 2011-07-08 16:02 - 00010496 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ndistapi.sys
2013-06-30 01:40 - 2010-12-09 17:15 - 00743936 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntdll.dll
2013-06-30 01:40 - 2010-07-16 14:01 - 00220160 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wordpad.exe
2013-06-30 01:40 - 2009-11-21 17:54 - 01206508 ____N C:\Windows\System32\dllcache\sysmain.sdb
2013-06-30 01:39 - 2012-01-11 21:06 - 00003072 ____N C:\Windows\System32\iacenc.dll
2013-06-30 01:39 - 2012-01-11 21:06 - 00003072 ____N C:\Windows\System32\dllcache\iacenc.dll
2013-06-30 01:39 - 2010-10-11 16:59 - 00045568 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wab.exe
2013-06-30 01:39 - 2010-08-16 10:44 - 00590848 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rpcrt4.dll
2013-06-30 01:25 - 2013-06-30 01:25 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-30 01:25 - 2004-08-04 14:00 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\wmpns.dll
2013-06-30 01:19 - 2013-06-30 09:16 - 00000000 ____D C:\Windows\System32\de-de
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\de
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\bits
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\l2schemas
2013-06-30 01:19 - 2012-11-10 02:39 - 00046080 ____N (Microsoft Corporation) C:\Windows\System32\tzchange.exe
2013-06-30 01:19 - 2012-11-06 04:01 - 01371648 ____N (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-06-30 01:19 - 2012-11-06 04:01 - 01371648 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msxml6.dll
2013-06-30 01:19 - 2009-01-07 18:21 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2013-06-30 01:19 - 2008-04-14 07:53 - 00032866 ____N (Smart Link) C:\Windows\slrundll.exe
2013-06-30 01:19 - 2008-04-14 07:53 - 00032768 ____N (Microsoft Corporation) C:\Windows\System32\setupn.exe
2013-06-30 01:19 - 2008-04-14 07:53 - 00028672 ____N (Microsoft Corporation) C:\Windows\System32\vidcap.ax
2013-06-30 01:19 - 2008-04-14 07:53 - 00028672 ____N (Microsoft Corporation) C:\Windows\System32\verclsid.exe
2013-06-30 01:19 - 2008-04-14 07:53 - 00023040 ____N (ATI Technologies Inc.) C:\Windows\System32\ativmvxx.ax
2013-06-30 01:19 - 2008-04-14 07:53 - 00009728 ____N (ATI Technologies Inc.) C:\Windows\System32\ativdaxx.ax
2013-06-30 01:19 - 2008-04-14 07:52 - 04274816 ____N (NVIDIA Corporation) C:\Windows\System32\nv4_disp.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 01737856 ____N (Matrox Graphics Inc.) C:\Windows\System32\mtxparhd.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00870784 ____N (ATI Technologies Inc. ) C:\Windows\System32\ati3d1ag.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00712704 ____N (Microsoft Corporation) C:\Windows\System32\windowscodecs.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00651264 ____N (Microsoft Corporation) C:\Windows\System32\dot3ui.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00412160 ____N (Microsoft Corporation) C:\Windows\System32\photometadatahandler.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00397312 ____N (Microsoft Corporation) C:\Windows\System32\mmcex.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00397056 ____N (S3 Graphics, Inc.) C:\Windows\System32\s3gnb.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00377984 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2dvaa.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00346112 ____N (Microsoft Corporation) C:\Windows\System32\windowscodecsext.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00294400 ____N (Microsoft Corporation) C:\Windows\System32\qagentrt.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00290304 ____N (Microsoft Corporation) C:\Windows\System32\rhttpaa.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00276992 ____N (Microsoft Corporation) C:\Windows\System32\wmphoto.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00233472 ____N (Microsoft Corporation) C:\Windows\System32\azroles.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00198656 ____N (Microsoft Corporation) C:\Windows\System32\napmontr.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00184832 ____N (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00184320 ____N (Microsoft Corporation) C:\Windows\System32\microsoft.managementconsole.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00182272 ____N (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00177664 ____N (Microsoft Corporation) C:\Windows\System32\napstat.exe
2013-06-30 01:19 - 2008-04-14 07:52 - 00155136 ____N (Microsoft Corporation) C:\Windows\System32\mssha.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00151040 ____N (Microsoft Corporation) C:\Windows\System32\qagent.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00145408 ____N (Microsoft Corporation) C:\Windows\System32\onex.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00136192 ____N (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00133120 ____N (Microsoft Corporation) C:\Windows\System32\dot3svc.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00126976 ____N (Microsoft Corporation) C:\Windows\System32\eappcfg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00106496 ____N (Microsoft Corporation) C:\Windows\System32\mmcfxcommon.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00095232 ____N (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00086016 ____N (Conexant) C:\Windows\System32\mdmxsdk.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00076800 ____N (Microsoft Corporation) C:\Windows\System32\qutil.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00069120 ____N (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00062976 ____N (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00062464 ____N (Microsoft Corporation) C:\Windows\System32\qcliprov.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00061952 ____N (Microsoft Corporation) C:\Windows\System32\rasqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00061440 ____N (Microsoft Corporation) C:\Windows\System32\kmsvc.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00059392 ____N (Microsoft Corporation) C:\Windows\System32\eapqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00056832 ____N (Microsoft Corporation) C:\Windows\System32\dot3msm.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00053248 ____N (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00050688 ____N (Microsoft Corporation) C:\Windows\System32\tspkg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00048640 ____N (Microsoft Corporation) C:\Windows\System32\dhcpqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00040960 ____N (Microsoft Corporation) C:\Windows\System32\eappprxy.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dot3gpclnt.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dimsroam.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00037376 ____N (Microsoft Corporation) C:\Windows\System32\l2gpstore.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\mmcperf.exe
2013-06-30 01:19 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\eapsvc.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00032768 ____N (ATI Technologies Inc.) C:\Windows\System32\ativtmxx.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00032285 ____N (Conexant Systems, Inc.) C:\Windows\System32\hsfcisp2.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00030720 ____N (Microsoft Corporation) C:\Windows\System32\eapolqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00030208 ____N (Microsoft Corporation) C:\Windows\System32\napipsec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00026112 ____N (Microsoft Corporation) C:\Windows\System32\dot3api.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00019456 ____N (Microsoft Corporation) C:\Windows\System32\dimsntfy.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00012800 ____N (Microsoft Corporation) C:\Windows\System32\credssp.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00009216 ____N (Microsoft Corporation) C:\Windows\System32\dot3dlg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00007168 ____N (Microsoft Corporation) C:\Windows\System32\bitsprx4.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdpash.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdnepr.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdiultn.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdbhc.dll
2013-06-30 01:19 - 2008-04-14 07:27 - 00093184 ____N (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2013-06-30 01:19 - 2008-04-14 07:27 - 00093184 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msxml6r.dll
2013-06-30 01:19 - 2008-04-14 07:26 - 00081408 ____N (Microsoft Corporation) C:\Windows\System32\msshavmsg.dll
2013-06-30 01:16 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-30 01:14 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023x.sys
2013-06-30 01:14 - 2008-06-14 19:32 - 00273024 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2013-06-30 01:14 - 2008-04-14 07:52 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv04nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00021183 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv01nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00017279 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv10nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00015423 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\ch7xxnt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00014143 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv06nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00011359 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv02nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00011325 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\vchnt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00004255 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv01nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003967 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv02nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003901 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\siint5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003775 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv11nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003711 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv09nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003647 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv07nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003615 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv05nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003135 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv08nt5.dll
2013-06-30 01:14 - 2008-04-14 07:24 - 00025856 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-06-30 01:14 - 2008-04-14 07:21 - 00327168 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtaa.sys
2013-06-30 01:14 - 2008-04-14 00:26 - 00030592 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\rndismpx.sys
2013-06-30 01:14 - 2008-04-14 00:21 - 00101120 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthpan.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00121984 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00059136 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00037888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00036480 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthprint.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00018944 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthusb.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00017024 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2013-06-30 01:14 - 2008-04-14 00:15 - 00019200 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2013-06-30 01:14 - 2008-04-14 00:13 - 00014208 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2013-06-30 01:14 - 2008-04-14 00:13 - 00012672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\mutohpen.sys
2013-06-30 01:14 - 2008-04-14 00:10 - 00010240 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_mmc.sys
2013-06-30 01:14 - 2008-04-14 00:06 - 00046464 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\gagp30kx.sys
2013-06-30 01:14 - 2008-04-14 00:06 - 00044672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\uagp35.sys
2013-06-30 01:14 - 2008-04-14 00:06 - 00005888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\smbali.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 01041536 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfdpsp2.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00685056 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfcxts2.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00220032 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfbs2s2.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00129535 ____N (Smart Link) C:\Windows\System32\Drivers\slnt7554.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00011868 ____N (Conexant) C:\Windows\System32\Drivers\mdmxsdk.sys
2013-06-30 01:14 - 2008-04-13 22:06 - 00144384 ____N (Windows (R) Server 2003 DDK provider) C:\Windows\System32\Drivers\hdaudbus.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 01897408 ____N (NVIDIA Corporation) C:\Windows\System32\Drivers\nv4_mini.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00452736 ____N (Matrox Graphics Inc.) C:\Windows\System32\Drivers\mtxparhm.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00166912 ____N (S3 Graphics, Inc.) C:\Windows\System32\Drivers\s3gnbm.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00104960 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinrvxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00073216 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atintuxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00063663 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1rvxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00063488 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxsxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00057856 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinbtxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00056623 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1btxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00052224 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinraxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00036463 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1tuxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00034735 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xsxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00031744 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxbxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00030671 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1raxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00029455 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xbxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00028672 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinsnxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00026367 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1snxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv10nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00022271 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv06nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00021343 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1ttxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00014336 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinpdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinttxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinmdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00012047 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1pdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011935 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv11nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011871 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv09nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011807 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv07nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011615 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1mdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011295 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv08nt.sys
2013-06-30 01:14 - 2007-04-02 21:36 - 00129045 ____N C:\Windows\System32\Drivers\cxthsfs2.cty
2013-06-30 01:14 - 2006-12-29 20:21 - 00064352 ____N C:\Windows\System32\Drivers\ativmc20.cod
2013-06-30 01:14 - 2006-12-29 20:02 - 00067866 ____N C:\Windows\System32\Drivers\netwlan5.img
2013-06-30 01:11 - 2006-12-29 00:31 - 00019569 ____A C:\Windows\002643_.tmp
2013-06-30 01:09 - 2013-06-30 01:11 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-30 01:06 - 2013-06-30 01:06 - 00001086 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce751d42e5e6ac.job
2013-06-29 19:09 - 2013-06-29 19:09 - 00000000 ___HD C:\Windows\PIF

==================== One Month Modified Files and Folders ========

2013-07-05 11:29 - 2013-07-05 11:29 - 00000000 ____D C:\FRST
2013-07-05 11:22 - 2005-02-01 11:53 - 01818710 ____A C:\Windows\WindowsUpdate.log
2013-07-05 11:21 - 2006-07-08 09:46 - 00000660 ____A C:\Windows\ULEAD32.INI
2013-07-05 11:20 - 2005-02-01 11:50 - 00000159 ____A C:\Windows\wiadebug.log
2013-07-05 11:20 - 2005-02-01 11:50 - 00000050 ____A C:\Windows\wiaservc.log
2013-07-04 17:54 - 2006-05-26 16:27 - 00000116 ____A C:\Windows\NeroDigital.ini
2013-07-04 17:18 - 2012-04-14 17:01 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-07-04 17:18 - 2012-04-14 17:01 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-04 17:18 - 2011-08-21 09:33 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-07-04 17:09 - 2005-01-18 21:17 - 00012598 ____A C:\Windows\System32\wpa.dbl
2013-07-03 07:08 - 2013-07-03 07:08 - 00007301 ____A C:\Windows\KB2510531-IE8.log
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB970430$
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB2345886$
2013-07-03 07:08 - 2013-07-03 06:59 - 00012768 ____A C:\Windows\KB2345886.log
2013-07-03 07:08 - 2013-06-30 09:40 - 00013067 ____A C:\Windows\updspapi.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00333867 ____A C:\Windows\FaxSetup.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00159624 ____A C:\Windows\ocgen.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00127388 ____A C:\Windows\tsoc.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00110969 ____A C:\Windows\comsetup.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00079610 ____A C:\Windows\setupapi.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00067158 ____A C:\Windows\ntdtcsetup.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00052777 ____A C:\Windows\iis6.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00018468 ____A C:\Windows\ocmsn.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00016686 ____A C:\Windows\msgsocm.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00001355 ____A C:\Windows\imsins.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00001355 ____A C:\Windows\imsins.BAK
2013-07-03 07:08 - 2005-10-25 14:25 - 00000000 ___HD C:\Windows\$hf_mig$
2013-06-30 10:07 - 2005-02-01 11:47 - 00196160 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-30 09:48 - 2013-06-30 09:48 - 00028343 ____A C:\Windows\KB974318.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00028106 ____A C:\Windows\KB951978.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00027396 ____A C:\Windows\KB969059.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00026703 ____A C:\Windows\KB2443105.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB974318$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB969059$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB951978$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB2443105$
2013-06-30 09:48 - 2013-06-30 09:47 - 00027629 ____A C:\Windows\KB2481109.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00027118 ____A C:\Windows\KB971657.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00027056 ____A C:\Windows\KB982132.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00026829 ____A C:\Windows\KB2440591.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB982132$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB971657$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2481109$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2440591$
2013-06-30 09:47 - 2013-06-30 09:46 - 00027423 ____A C:\Windows\KB978338.log
2013-06-30 09:47 - 2011-06-26 10:01 - 00789416 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-06-30 09:47 - 2011-06-26 10:01 - 00144896 ____A (Oracle Corporation) C:\Windows\System32\javacpl.cpl
2013-06-30 09:47 - 2005-02-01 11:48 - 00897778 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-30 09:46 - 2013-06-30 09:46 - 00027137 ____A C:\Windows\KB2780091.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00027077 ____A C:\Windows\KB2507938.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB978338$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB974112$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2507938$
2013-06-30 09:46 - 2013-06-30 09:45 - 00027196 ____A C:\Windows\KB974112.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027722 ____A C:\Windows\KB2624667.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027481 ____A C:\Windows\KB979687.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026802 ____A C:\Windows\KB2483185.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026382 ____A C:\Windows\KB2719985.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00025793 ____A C:\Windows\KB975025.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB979687$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB975025$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2719985$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2624667$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2483185$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2347290$
2013-06-30 09:44 - 2013-06-30 09:44 - 00026841 ____A C:\Windows\KB952004.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025415 ____A C:\Windows\KB974571.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025105 ____A C:\Windows\KB973507.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00024523 ____A C:\Windows\KB977816.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00023678 ____A C:\Windows\KB2839229.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB977816$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB975560$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB974571$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB973507$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB952004$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-06-30 09:44 - 2013-06-30 09:43 - 00024908 ____A C:\Windows\KB981322.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00025279 ____A C:\Windows\KB2419632.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00024542 ____A C:\Windows\KB2820917.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00023820 ____A C:\Windows\KB2757638.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00018613 ____A C:\Windows\KB2508429.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017979 ____A C:\Windows\KB2653956.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017634 ____A C:\Windows\KB974392.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017270 ____A C:\Windows\KB2749655.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB981322$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB974392$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2653956$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2508429$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2419632$
2013-06-30 09:43 - 2013-06-30 09:42 - 00016980 ____A C:\Windows\KB971029.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00016695 ____A C:\Windows\KB2506212.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB977914$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB971029$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB2506212$
2013-06-30 09:42 - 2013-06-30 09:41 - 00017075 ____A C:\Windows\KB977914.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00016601 ____A C:\Windows\KB2705219-v2.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015833 ____A C:\Windows\KB2619339.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015097 ____A C:\Windows\KB2727528.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015023 ____A C:\Windows\KB978542.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB978542$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2705219-v2$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2619339$
2013-06-30 09:41 - 2013-06-30 09:40 - 00015144 ____A C:\Windows\KB979482.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015991 ____A C:\Windows\KB2661254-v2.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015712 ____A C:\Windows\KB2813345.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015458 ____A C:\Windows\KB973815.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015408 ____A C:\Windows\KB956802.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015236 ____A C:\Windows\KB978706.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB979482$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB978706$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB973815$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB956802$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2509553$
2013-06-30 09:40 - 2013-06-30 09:39 - 00016081 ____A C:\Windows\KB2509553.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00015645 ____A C:\Windows\KB2676562.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00012979 ____A C:\Windows\KB982665.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00011379 ____A C:\Windows\KB2829361.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB982665$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2676562$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2478960$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setupact.log
2013-06-30 09:33 - 2012-01-10 15:05 - 00000000 ____D C:\Windows\Minidump
2013-06-30 09:28 - 2005-10-25 14:25 - 00000000 ___RD C:\Programme
2013-06-30 09:16 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\de-de
2013-06-30 09:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\Help
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB959426$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB952954$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB951376-v2$
2013-06-30 02:33 - 2013-06-30 02:30 - 00065536 ____A C:\Windows\System32\config\Internet.evt
2013-06-30 02:31 - 2013-06-30 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2467659$
2013-06-30 02:30 - 2013-06-30 02:30 - 00000000 ____D C:\Windows\ie8updates
2013-06-30 02:30 - 2013-06-30 02:29 - 00000000 __HDC C:\Windows\ie8
2013-06-30 02:30 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\Media
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB946648$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2712808$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2387149$
2013-06-30 02:22 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB960859$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2659262$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2564958$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2544893-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2536276-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2479943$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2478971$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB975558_WM8$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB923723$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2691442$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2631813$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2585542$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2296011$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2115168$
2013-06-30 02:20 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB955759$
2013-06-30 02:19 - 2013-06-30 02:19 - 00006332 ____A C:\Windows\System32\TZLog.log
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB975713$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB950974$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2655992$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2485663$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2378111_WM9$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2229593$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB972270$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956844$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956572$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB954155_WM9$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2686509$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2598479$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB973869$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB941569$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2592799$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2535512$
2013-06-30 02:17 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB950762$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB978695_WM9$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB973904$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB952287$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2603381$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2570947$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB973540_WM9$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB981997$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB979309$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB952069_WM9$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2723135-v2$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2698365$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2618451$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB923561$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2620712$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2393802$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB975467$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2661637$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2584146$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2566454$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB968389$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB2423089$
2013-06-30 02:10 - 2013-06-30 02:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2360937$
2013-06-30 01:58 - 2013-06-30 01:47 - 00044240 ____A C:\Windows\System32\Drivers\fsbts.sys
2013-06-30 01:46 - 2013-06-30 01:46 - 00019406 ____A C:\Windows\prodsett_copy.ini
2013-06-30 01:25 - 2013-06-30 01:25 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-30 01:25 - 2005-01-18 21:30 - 00316640 ____A C:\Windows\WMSysPr9.prx
2013-06-30 01:23 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\security
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\de
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\bits
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\l2schemas
2013-06-30 01:19 - 2013-06-30 01:16 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-30 01:19 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\usmt
2013-06-30 01:19 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\PeerNet
2013-06-30 01:19 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\ime
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\Restore
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\npp
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\Com
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\system
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\srchasst
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\msagent
2013-06-30 01:13 - 2005-01-18 21:17 - 00251712 _RASH C:\ntldr
2013-06-30 01:11 - 2013-06-30 01:09 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-30 01:11 - 2005-10-25 12:09 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-06-30 01:06 - 2013-06-30 01:06 - 00001086 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce751d42e5e6ac.job
2013-06-29 19:09 - 2013-06-29 19:09 - 00000000 ___HD C:\Windows\PIF
2013-06-29 19:09 - 2005-01-18 21:17 - 00000439 ____A C:\Windows\system.ini

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2005-01-18 21:17] - [2008-04-14 07:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2005-01-18 21:17] - [2008-04-14 07:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2005-01-18 21:17] - [2008-04-14 07:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2005-01-18 21:17] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2005-01-18 21:17] - [2008-04-14 07:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2005-01-18 21:17] - [2008-04-14 07:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\Drivers\volsnap.sys
[2005-01-18 21:17] - [2008-04-14 07:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================
         
--- --- ---



AS WELL AS Addition.txt:
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-07-2013
Ran by Champ at 2013-07-05 11:30:18
Running from C:\Dokumente und Einstellungen\Champ\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

ABBYY FineReader 6.0 Sprint (Version: 6.00.1395.4512)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader 8.1.3 - Deutsch (Version: 8.1.3)
AFPL Ghostscript 8.11
AFPL Ghostscript Fonts
ANNO 1602 Königs-Edition (Version: 1.00)
AOL Coach Version 1.0(Build:20040229.1 de)
AOL Deinstallation
AOL Meine Fotos Bildschirmschoner
Athlon 64 Processor Driver (Version: 1.2.2.2)
ATI - Dienstprogramm zur Deinstallation der Software (Version: 6.14.10.1012)
ATI Control Panel (Version: 6.14.10.5142)
ATI Display Driver (Version: 8.111-050222a-021277C-ATI)
Audiograbber 1.83 SE  (Version: 1.83 SE)
AVM FRITZ!WLAN
Camera RAW Plug-In for EPSON Creativity Suite (Version: 2.2.0.0)
CCleaner (Version: 4.03)
CloneDVD2OEM
Computer Security 12.77.100.0 (release) (Version: 12.77.100.0)
CoverPro
DivX Codec 3d release
DruckStudio ArtEdition
ELSA Configuration Manager
EPSON Attach To Email (Version: 1.01.0000)
EPSON Copy Utility 3 (Version: 3.3.0.0)
EPSON Easy Photo Print (Version: 1.5.0.0)
EPSON File Manager (Version: 1.3.0.0)
EPSON Scan
EPSON Scan Assistant (Version: 1.10.00)
EPSON Stylus CX7300_CX8300_DX7400_DX8400 Handbuch
EPSON Web-To-Page
EPSON-Drucker-Software
FreePDF 2.11
F-Secure (Version: 1.77.243.0)
F-Secure CCF Reputation (Version: 1.0.25.1877)
F-Secure CCF Scanning 1.23.124.8831 (release) (Version: 1.23.124.8831)
F-Secure Network CCF 1.02.128 (Version: 1.02.128)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.145)
HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs (Version: 1.1.1905.1)
HijackThis 1.98.2 (Version: 1.98.2)
Hotfix für Windows XP (KB2779562) (Version: 1)
Hotfix für Windows XP (KB952287) (Version: 1)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java(TM) 6 Update 26 (Version: 6.0.260)
Learn2 Player (Uninstall Only)
Messer v0.992
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft Office XP Professional mit FrontPage (Version: 10.0.2701.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Windows-Journal-Viewer (Version: 1.5.2316.3)
Mjuice Components
Mozilla Firefox 20.0.1 (x86 de) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
Nero 7 Demo (Version: 7.00.1466)
NetXfer 2.89.502
Online Safety 2.77.1170.803 (Version: 2.77.1170.803)
Presto! Mr. Photo 4 (Version: 4.00.09)
QuickTime (Version: 7.0.3)
RealPlayer Basic
Realtek AC'97 Audio
Sicherheitsupdate für Microsoft Windows (KB2564958)
Sicherheitsupdate für Step by Step Interactive Training (KB898458) (Version: 20050502.101010)
Sicherheitsupdate für Step by Step Interactive Training (KB923723) (Version: 20050502.101010)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2838727) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (Version: 1)
Sicherheitsupdate für Windows Media Player (KB2378111)
Sicherheitsupdate für Windows Media Player (KB952069)
Sicherheitsupdate für Windows Media Player (KB954155)
Sicherheitsupdate für Windows Media Player (KB973540)
Sicherheitsupdate für Windows Media Player (KB975558)
Sicherheitsupdate für Windows Media Player (KB978695)
Sicherheitsupdate für Windows XP (KB2115168) (Version: 1)
Sicherheitsupdate für Windows XP (KB2229593) (Version: 1)
Sicherheitsupdate für Windows XP (KB2296011) (Version: 1)
Sicherheitsupdate für Windows XP (KB2347290) (Version: 1)
Sicherheitsupdate für Windows XP (KB2360937) (Version: 1)
Sicherheitsupdate für Windows XP (KB2387149) (Version: 1)
Sicherheitsupdate für Windows XP (KB2393802) (Version: 1)
Sicherheitsupdate für Windows XP (KB2419632) (Version: 1)
Sicherheitsupdate für Windows XP (KB2423089) (Version: 1)
Sicherheitsupdate für Windows XP (KB2440591) (Version: 1)
Sicherheitsupdate für Windows XP (KB2443105) (Version: 1)
Sicherheitsupdate für Windows XP (KB2478960) (Version: 1)
Sicherheitsupdate für Windows XP (KB2478971) (Version: 1)
Sicherheitsupdate für Windows XP (KB2479943) (Version: 1)
Sicherheitsupdate für Windows XP (KB2481109) (Version: 1)
Sicherheitsupdate für Windows XP (KB2483185) (Version: 1)
Sicherheitsupdate für Windows XP (KB2485663) (Version: 1)
Sicherheitsupdate für Windows XP (KB2506212) (Version: 1)
Sicherheitsupdate für Windows XP (KB2507938) (Version: 1)
Sicherheitsupdate für Windows XP (KB2508429) (Version: 1)
Sicherheitsupdate für Windows XP (KB2509553) (Version: 1)
Sicherheitsupdate für Windows XP (KB2535512) (Version: 1)
Sicherheitsupdate für Windows XP (KB2536276-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB2544893-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB2566454) (Version: 1)
Sicherheitsupdate für Windows XP (KB2570947) (Version: 1)
Sicherheitsupdate für Windows XP (KB2584146) (Version: 1)
Sicherheitsupdate für Windows XP (KB2585542) (Version: 1)
Sicherheitsupdate für Windows XP (KB2592799) (Version: 1)
Sicherheitsupdate für Windows XP (KB2598479) (Version: 1)
Sicherheitsupdate für Windows XP (KB2603381) (Version: 1)
Sicherheitsupdate für Windows XP (KB2618451) (Version: 1)
Sicherheitsupdate für Windows XP (KB2619339) (Version: 1)
Sicherheitsupdate für Windows XP (KB2620712) (Version: 1)
Sicherheitsupdate für Windows XP (KB2624667) (Version: 1)
Sicherheitsupdate für Windows XP (KB2631813) (Version: 1)
Sicherheitsupdate für Windows XP (KB2653956) (Version: 1)
Sicherheitsupdate für Windows XP (KB2655992) (Version: 1)
Sicherheitsupdate für Windows XP (KB2659262) (Version: 1)
Sicherheitsupdate für Windows XP (KB2661637) (Version: 1)
Sicherheitsupdate für Windows XP (KB2676562) (Version: 1)
Sicherheitsupdate für Windows XP (KB2686509) (Version: 1)
Sicherheitsupdate für Windows XP (KB2691442) (Version: 1)
Sicherheitsupdate für Windows XP (KB2698365) (Version: 1)
Sicherheitsupdate für Windows XP (KB2705219-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB2712808) (Version: 1)
Sicherheitsupdate für Windows XP (KB2719985) (Version: 1)
Sicherheitsupdate für Windows XP (KB2723135-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB2727528) (Version: 1)
Sicherheitsupdate für Windows XP (KB2753842-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB2757638) (Version: 1)
Sicherheitsupdate für Windows XP (KB2758857) (Version: 1)
Sicherheitsupdate für Windows XP (KB2770660) (Version: 1)
Sicherheitsupdate für Windows XP (KB2780091) (Version: 1)
Sicherheitsupdate für Windows XP (KB2802968) (Version: 1)
Sicherheitsupdate für Windows XP (KB2807986) (Version: 1)
Sicherheitsupdate für Windows XP (KB2813345) (Version: 1)
Sicherheitsupdate für Windows XP (KB2820197) (Version: 1)
Sicherheitsupdate für Windows XP (KB2820917) (Version: 1)
Sicherheitsupdate für Windows XP (KB2829361) (Version: 1)
Sicherheitsupdate für Windows XP (KB2839229) (Version: 1)
Sicherheitsupdate für Windows XP (KB923561) (Version: 1)
Sicherheitsupdate für Windows XP (KB941569)
Sicherheitsupdate für Windows XP (KB946648) (Version: 1)
Sicherheitsupdate für Windows XP (KB950762) (Version: 1)
Sicherheitsupdate für Windows XP (KB950974) (Version: 1)
Sicherheitsupdate für Windows XP (KB951376-v2) (Version: 2)
Sicherheitsupdate für Windows XP (KB952004) (Version: 1)
Sicherheitsupdate für Windows XP (KB952954) (Version: 1)
Sicherheitsupdate für Windows XP (KB956572) (Version: 1)
Sicherheitsupdate für Windows XP (KB956802) (Version: 1)
Sicherheitsupdate für Windows XP (KB956844) (Version: 1)
Sicherheitsupdate für Windows XP (KB959426) (Version: 1)
Sicherheitsupdate für Windows XP (KB960859) (Version: 1)
Sicherheitsupdate für Windows XP (KB969059) (Version: 1)
Sicherheitsupdate für Windows XP (KB970430) (Version: 1)
Sicherheitsupdate für Windows XP (KB971657) (Version: 1)
Sicherheitsupdate für Windows XP (KB972270) (Version: 1)
Sicherheitsupdate für Windows XP (KB973507) (Version: 1)
Sicherheitsupdate für Windows XP (KB973869) (Version: 1)
Sicherheitsupdate für Windows XP (KB973904) (Version: 1)
Sicherheitsupdate für Windows XP (KB974112) (Version: 1)
Sicherheitsupdate für Windows XP (KB974318) (Version: 1)
Sicherheitsupdate für Windows XP (KB974392) (Version: 1)
Sicherheitsupdate für Windows XP (KB974571) (Version: 1)
Sicherheitsupdate für Windows XP (KB975025) (Version: 1)
Sicherheitsupdate für Windows XP (KB975467) (Version: 1)
Sicherheitsupdate für Windows XP (KB975560) (Version: 1)
Sicherheitsupdate für Windows XP (KB975713) (Version: 1)
Sicherheitsupdate für Windows XP (KB977816) (Version: 1)
Sicherheitsupdate für Windows XP (KB977914) (Version: 1)
Sicherheitsupdate für Windows XP (KB978338) (Version: 1)
Sicherheitsupdate für Windows XP (KB978542) (Version: 1)
Sicherheitsupdate für Windows XP (KB978706) (Version: 1)
Sicherheitsupdate für Windows XP (KB979309) (Version: 1)
Sicherheitsupdate für Windows XP (KB979482) (Version: 1)
Sicherheitsupdate für Windows XP (KB979687) (Version: 1)
Sicherheitsupdate für Windows XP (KB981322) (Version: 1)
Sicherheitsupdate für Windows XP (KB981997) (Version: 1)
Sicherheitsupdate für Windows XP (KB982132) (Version: 1)
Sicherheitsupdate für Windows XP (KB982665) (Version: 1)
Smart Start UP (Version: 1.00.000)
Sonic CinePlayer (Version: 2.0.0)
Sonic MyDVD (Version: 6.0)
Sonic RecordNow! Plus (Version: 7.3)
Sonic Simple Backup (Version: 5.1)
Sonic Update Manager (Version: 3.0.0)
Sudden Strike - Resource War
TKexe Kalender
TVUPlayer 2.5.2.2 (Version: 2.5.2.2)
Ulead Photo Express 2.0 SE
Update für Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update für Windows XP (KB2345886) (Version: 1)
Update für Windows XP (KB2467659) (Version: 1)
Update für Windows XP (KB2661254-v2) (Version: 2)
Update für Windows XP (KB2749655) (Version: 1)
Update für Windows XP (KB951978) (Version: 1)
Update für Windows XP (KB955759) (Version: 1)
Update für Windows XP (KB968389) (Version: 1)
Update für Windows XP (KB971029) (Version: 1)
Update für Windows XP (KB973815) (Version: 1)
Viewpoint Media Player
WebFldrs XP (Version: 9.50.7523)
Winamp (remove only)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Connect
Windows Media Connect (Version: 1.0.0.0)
Windows Media Format Runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 10
Windows XP Service Pack 3 (Version: 20080414.031514)

==================== Restore Points  =========================

26-11-2005 10:21:38 Systemprüfpunkt
27-11-2005 06:46:37 Microsoft Office XP Professional mit FrontPage wird installiert
27-11-2005 11:31:51 Nero 7 Demo wird installiert
07-07-2006 14:41:42 Installation eines unsignierten Treibers
08-07-2006 07:50:30 Installation eines unsignierten Treibers
15-08-2006 15:00:59 Installiert ANNO 1602 Königs-Edition
06-01-2007 15:55:55 Install CloneDVD2OEM
08-04-2007 07:24:45 Adobe Reader 7.0 - Deutsch wird entfernt
08-04-2007 07:24:58 Adobe Reader 8 - Deutsch wird installiert
08-04-2007 07:37:23 AntiVir PersonalEdition Classic - 08.04.2007 09:37
03-11-2007 15:47:43 Windows XP KB885295 wurde installiert.
06-06-2009 15:20:03 Installiert InstallShield Wiederherstellungspunkt
06-06-2009 15:21:01 ABBYY FineReader 6.0 Sprint wird installiert
06-06-2009 15:21:40 Installiert EPSON Web-To-Page
06-06-2009 15:21:53 Installiert EPSON Easy Photo Print
06-06-2009 15:21:56 Installiert EPSON Easy Photo Print
06-06-2009 15:23:34 Installed EPSON Attach To Email
06-06-2009 15:23:55 Installiert EPSON Scan Assistant
06-06-2009 15:24:14 Installiert EPSON File Manager
06-06-2009 15:24:17 Installiert EPSON File Manager
06-06-2009 15:24:58 Installiert Camera RAW Plug-In for EPSON Creativity Suite
06-06-2009 15:25:01 Installiert Camera RAW Plug-In for EPSON Creativity Suite
24-06-2009 14:45:40 Installiert Presto! Mr. Photo 4
24-06-2009 14:46:18 Installiert Smart Start UP
24-06-2009 14:47:47 Installiert QuickTime
12-09-2009 18:41:36 AntiVir PersonalEdition Classic - 12.09.2009 20:41
12-09-2009 18:42:11 Avira AntiVir Personal - 12.09.2009 20:42
26-06-2011 08:01:24 Java(TM) 6 Update 26 wird installiert
30-07-2011 12:57:30 Adobe Reader 8 - Deutsch wird entfernt
29-06-2013 23:11:55 Windows XP Service Pack 3 wurde installiert.
30-06-2013 00:09:00 Software Distribution Service 3.0
30-06-2013 07:38:35 Software Distribution Service 3.0
03-07-2013 05:08:03 Software Distribution Service 3.0

==================== Hosts content: ==========================

2005-01-18 21:17 - 2004-08-04 14:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce751d42e5e6ac.job => C:\Programme\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Smart Link 56K Voice Modem
Description: Smart Link 56K Voice Modem
Class Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Smart Link (www.smlink.com)
Service: Modem
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2013 05:50:44 PM) (Source: F-Secure Anti-Virus) (User: )
Description: 1  2013-07-04  17:50:43+02:00  NIRVANA  NIRVANA\Champ  F-Secure Anti-Virus
 Manual scanning was finished - workstation was found infected!

Error: (06/30/2013 01:56:56 AM) (Source: Microsoft Office 10) (User: )
Description: Rejected Safe Mode action : Microsoft Excel.

Error: (06/30/2013 01:28:15 AM) (Source: crypt32) (User: )
Description: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (06/30/2013 01:28:15 AM) (Source: crypt32) (User: )
Description: Die Extrahierung der Drittanbieterstammlisten aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (06/29/2013 05:06:55 PM) (Source: crypt32) (User: )
Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Der Servername oder die Serveradresse konnte nicht verarbeitet werden.
.

Error: (03/24/2013 11:54:27 AM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung iexplore.exe, Version 6.0.2900.2180, fehlgeschlagenes Modul mshtml.dll, Version 6.0.2900.2769, Fehleradresse 0x00116ecb.
Das medienspezifische Ereignis für [iexplore.exe!ws!] wird verarbeitet.

Error: (03/24/2013 11:29:01 AM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung iexplore.exe, Version 6.0.2900.2180, fehlgeschlagenes Modul mshtml.dll, Version 6.0.2900.2769, Fehleradresse 0x00116ecb.
Das medienspezifische Ereignis für [iexplore.exe!ws!] wird verarbeitet.

Error: (03/17/2013 01:37:53 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung iexplore.exe, Version 6.0.2900.2180, fehlgeschlagenes Modul urlmon.dll, Version 6.0.2900.2753, Fehleradresse 0x00039146.
Das medienspezifische Ereignis für [iexplore.exe!ws!] wird verarbeitet.

Error: (02/27/2013 05:16:42 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung mrstart.exe, Version 4.0.9.1000, fehlgeschlagenes Modul mrstart.exe, Version 4.0.9.1000, Fehleradresse 0x0000b3e6.
Das medienspezifische Ereignis für [mrstart.exe!ws!] wird verarbeitet.

Error: (01/25/2013 01:47:41 PM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung mrstart.exe, Version 4.0.9.1000, fehlgeschlagenes Modul mrstart.exe, Version 4.0.9.1000, Fehleradresse 0x0000b3e6.
Das medienspezifische Ereignis für [mrstart.exe!ws!] wird verarbeitet.


System errors:
=============
Error: (07/05/2013 07:32:56 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: Der Server "{4EB61BAC-A3B6-4760-9581-655041EF4D69}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/03/2013 06:53:27 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: Der Server "{4EB61BAC-A3B6-4760-9581-655041EF4D69}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (06/30/2013 09:18:26 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: Der Server "{4EB61BAC-A3B6-4760-9581-655041EF4D69}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (06/30/2013 01:04:59 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet: 
%%1460

Error: (06/29/2013 08:34:02 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "EventSystem" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (06/29/2013 08:33:54 PM) (Source: DCOM) (User: NIRVANA)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "netman" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error: (06/29/2013 08:33:47 PM) (Source: DCOM) (User: NIRVANA)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "netman" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (06/29/2013 08:33:37 PM) (Source: DCOM) (User: NIRVANA)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "netman" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (06/29/2013 08:33:13 PM) (Source: DCOM) (User: NIRVANA)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "StiSvc" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (06/29/2013 08:32:55 PM) (Source: DCOM) (User: NIRVANA)
Description: Bei DCOM ist der Fehler "%%1084" aufgetreten, als der Dienst "netman" mit den Argumenten ""
gestartet wurde, um den folgenden Server zu verwenden:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}


Microsoft Office Sessions:
=========================
Error: (07/04/2013 05:50:44 PM) (Source: F-Secure Anti-Virus)(User: )
Description: 1  2013-07-04  17:50:43+02:00  NIRVANA  NIRVANA\Champ  F-Secure Anti-Virus
 Manual scanning was finished - workstation was found infected!

Error: (06/30/2013 01:56:56 AM) (Source: Microsoft Office 10)(User: )
Description: Microsoft Excel:\AMPM

Error: (06/30/2013 01:28:15 AM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (06/30/2013 01:28:15 AM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (06/29/2013 05:06:55 PM) (Source: crypt32)(User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtDer Servername oder die Serveradresse konnte nicht verarbeitet werden.

Error: (03/24/2013 11:54:27 AM) (Source: Application Error)(User: )
Description: iexplore.exe6.0.2900.2180mshtml.dll6.0.2900.276900116ecb

Error: (03/24/2013 11:29:01 AM) (Source: Application Error)(User: )
Description: iexplore.exe6.0.2900.2180mshtml.dll6.0.2900.276900116ecb

Error: (03/17/2013 01:37:53 PM) (Source: Application Error)(User: )
Description: iexplore.exe6.0.2900.2180urlmon.dll6.0.2900.275300039146

Error: (02/27/2013 05:16:42 PM) (Source: Application Error)(User: )
Description: mrstart.exe4.0.9.1000mrstart.exe4.0.9.10000000b3e6

Error: (01/25/2013 01:47:41 PM) (Source: Application Error)(User: )
Description: mrstart.exe4.0.9.1000mrstart.exe4.0.9.10000000b3e6


==================== Memory info =========================== 

Percentage of memory in use: 54%
Total physical RAM: 894.48 MB
Available physical RAM: 407.89 MB
Total Pagefile: 2167.92 MB
Available Pagefile: 1610.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.36 MB

==================== Drives ================================

Drive c: (Daten) (Fixed) (Total:279.46 GB) (Free:208.93 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 279 GB) (Disk ID: DFFCDFFC)
Partition 1: (Active) - (Size=279 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

05.07.2013, 18:00   #4
schrauber
/// the machine
/// TB trainer

Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror:

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all of your anti-virus and anti-malware/spyware scanners. They can interfere with Combofix while it works.

Start Combofix.exe and follow the on-screen instructions.
  • Combofix will check whether the Microsoft Windows Recovery Console is installed.
    If it is not installed, allow Combofix to download and install it. Simply follow the instructions and accept the end-user licence agreement.
    With today's malware this is highly recommended, because it gives us a way to repair your system if something goes wrong.
    Confirm the message that the Recovery Console has been installed with Yes.
Note: If it is already installed, Combofix will continue with the malware removal.


When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

06.07.2013, 08:21   #5
nirvana19942

Hello Schrauber, I have done that:

Combofix Logfile:
Code:
ComboFix 13-07-06.02 - Champ 06.07.2013   8:04.2.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.894.508 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Champ\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *Enabled/Outdated* {00000000-0000-0000-0000-000000000000}
AV: Computer Security *Disabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-06 bis 2013-07-06  ))))))))))))))))))))))))))))))
.
.
2013-07-05 09:29 . 2013-07-05 09:29	--------	d-----w-	C:\FRST
2013-07-04 15:24 . 2013-07-04 15:24	--------	d-----w-	c:\dokumente und einstellungen\Champ\Lokale Einstellungen\Anwendungsdaten\Sun
2013-06-30 08:09 . 2013-06-30 08:09	--------	d-sh--w-	c:\dokumente und einstellungen\NetworkService\IETldCache
2013-06-30 07:47 . 2013-06-30 07:47	--------	d-----w-	c:\programme\Gemeinsame Dateien\Java
2013-06-30 07:47 . 2013-06-30 07:47	867240	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-06-30 07:47 . 2013-06-30 07:47	94632	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-06-30 07:28 . 2013-06-30 07:28	--------	d-----w-	c:\programme\CCleaner
2013-06-30 07:24 . 2010-11-02 15:17	40960	------w-	c:\windows\system32\dllcache\ndproxy.sys
2013-06-30 07:22 . 2013-06-30 07:22	--------	d-sh--w-	c:\dokumente und einstellungen\Champ\PrivacIE
2013-06-30 07:22 . 2013-06-30 07:22	--------	d-sh--w-	c:\dokumente und einstellungen\Champ\IECompatCache
2013-06-30 07:16 . 2013-06-30 07:16	--------	d-sh--w-	c:\dokumente und einstellungen\Champ\IETldCache
2013-06-30 00:31 . 2013-05-07 22:28	522240	------w-	c:\windows\system32\dllcache\jsdbgui.dll
2013-06-30 00:31 . 2011-08-16 10:45	6144	------w-	c:\windows\system32\dllcache\iecompat.dll
2013-06-30 00:30 . 2013-05-07 22:28	12800	------w-	c:\windows\system32\dllcache\xpshims.dll
2013-06-30 00:30 . 2013-05-07 22:28	630272	------w-	c:\windows\system32\dllcache\msfeeds.dll
2013-06-30 00:30 . 2013-05-07 22:28	55296	------w-	c:\windows\system32\dllcache\msfeedsbs.dll
2013-06-30 00:30 . 2013-05-07 22:28	247808	------w-	c:\windows\system32\dllcache\ieproxy.dll
2013-06-30 00:30 . 2013-05-07 22:28	2005504	------w-	c:\windows\system32\dllcache\iertutil.dll
2013-06-30 00:30 . 2013-05-07 22:28	11112960	------w-	c:\windows\system32\dllcache\ieframe.dll
2013-06-30 00:30 . 2013-05-07 22:28	743424	------w-	c:\windows\system32\dllcache\iedvtool.dll
2013-06-30 00:29 . 2013-06-30 00:30	--------	dc-h--w-	c:\windows\ie8
2013-06-30 00:01 . 2008-06-14 17:32	273024	------w-	c:\windows\system32\dllcache\bthport.sys
2013-06-29 23:59 . 2010-09-18 06:52	953856	------w-	c:\windows\system32\dllcache\mfc40u.dll
2013-06-29 23:59 . 2011-02-08 13:33	978944	------w-	c:\windows\system32\dllcache\mfc42.dll
2013-06-29 23:58 . 2011-07-15 13:29	456320	------w-	c:\windows\system32\dllcache\mrxsmb.sys
2013-06-29 23:58 . 2010-08-23 16:11	617472	------w-	c:\windows\system32\dllcache\comctl32.dll
2013-06-29 23:57 . 2009-11-21 15:54	471552	------w-	c:\windows\system32\dllcache\aclayers.dll
2013-06-29 23:51 . 2010-06-14 14:31	744448	------w-	c:\windows\system32\dllcache\helpsvc.exe
2013-06-29 23:50 . 2010-08-27 08:01	119808	------w-	c:\windows\system32\dllcache\t2embed.dll
2013-06-29 23:50 . 2009-10-15 16:28	81920	------w-	c:\windows\system32\dllcache\fontsub.dll
2013-06-29 23:49 . 2009-06-21 21:45	153088	------w-	c:\windows\system32\dllcache\triedit.dll
2013-06-29 23:49 . 2009-02-06 10:10	227840	------w-	c:\windows\system32\dllcache\wmiprvse.exe
2013-06-29 23:49 . 2009-03-06 14:19	286720	------w-	c:\windows\system32\dllcache\pdh.dll
2013-06-29 23:49 . 2009-02-09 11:21	111104	------w-	c:\windows\system32\dllcache\services.exe
2013-06-29 23:49 . 2009-02-09 10:51	401408	------w-	c:\windows\system32\dllcache\rpcss.dll
2013-06-29 23:49 . 2009-02-09 10:51	473600	------w-	c:\windows\system32\dllcache\fastprox.dll
2013-06-29 23:49 . 2009-02-09 10:51	678400	------w-	c:\windows\system32\dllcache\advapi32.dll
2013-06-29 23:49 . 2009-02-09 10:51	453120	------w-	c:\windows\system32\dllcache\wmiprvsd.dll
2013-06-29 23:49 . 2012-12-16 12:23	290560	------w-	c:\windows\system32\dllcache\atmfd.dll
2013-06-29 23:48 . 2013-02-12 00:32	12928	------w-	c:\windows\system32\dllcache\usb8023x.sys
2013-06-29 23:48 . 2013-02-12 00:32	12928	------w-	c:\windows\system32\dllcache\usb8023.sys
2013-06-29 23:48 . 2008-05-08 14:02	203136	------w-	c:\windows\system32\dllcache\rmcast.sys
2013-06-29 23:48 . 2011-08-17 13:49	138496	------w-	c:\windows\system32\dllcache\afd.sys
2013-06-29 23:48 . 2011-04-21 13:37	105472	------w-	c:\windows\system32\dllcache\mup.sys
2013-06-29 23:47 . 2013-06-29 23:58	44240	----a-w-	c:\windows\system32\drivers\fsbts.sys
2013-06-29 23:47 . 2008-05-01 14:34	331776	------w-	c:\windows\system32\dllcache\msadce.dll
2013-06-29 23:45 . 2010-02-12 10:03	293376	------w-	c:\windows\system32\browserchoice.exe
2013-06-29 23:44 . 2013-06-29 23:44	--------	d-----w-	c:\dokumente und einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\F-Secure
2013-06-29 23:44 . 2012-05-28 18:16	536576	------w-	c:\windows\system32\dllcache\msado15.dll
2013-06-29 23:43 . 2010-06-18 13:36	3558912	------w-	c:\windows\system32\dllcache\moviemk.exe
2013-06-29 23:43 . 2012-07-04 14:05	139784	------w-	c:\windows\system32\dllcache\rdpwd.sys
2013-06-29 23:40 . 2010-12-09 15:15	743936	------w-	c:\windows\system32\dllcache\ntdll.dll
2013-06-29 23:40 . 2013-05-03 05:39	2195840	------w-	c:\windows\system32\dllcache\ntoskrnl.exe
2013-06-29 23:40 . 2013-05-03 05:39	2152448	------w-	c:\windows\system32\dllcache\ntkrnlmp.exe
2013-06-29 23:40 . 2013-05-03 05:39	2031104	------w-	c:\windows\system32\dllcache\ntkrpamp.exe
2013-06-29 23:40 . 2013-05-03 05:39	2072448	------w-	c:\windows\system32\dllcache\ntkrnlpa.exe
2013-06-29 23:40 . 2010-07-16 12:01	220160	------w-	c:\windows\system32\dllcache\wordpad.exe
2013-06-29 23:40 . 2011-07-08 14:02	10496	------w-	c:\windows\system32\dllcache\ndistapi.sys
2013-06-29 23:39 . 2012-01-11 19:06	3072	------w-	c:\windows\system32\iacenc.dll
2013-06-29 23:39 . 2012-01-11 19:06	3072	------w-	c:\windows\system32\dllcache\iacenc.dll
2013-06-29 23:39 . 2010-10-11 14:59	45568	------w-	c:\windows\system32\dllcache\wab.exe
2013-06-29 23:39 . 2010-08-16 08:44	590848	------w-	c:\windows\system32\dllcache\rpcrt4.dll
2013-06-29 23:28 . 2013-06-29 23:52	--------	d-----w-	c:\programme\F-Secure
2013-06-29 23:25 . 2004-08-04 12:00	221184	----a-w-	c:\windows\system32\wmpns.dll
2013-06-29 23:14 . 2008-04-14 05:52	4255	------w-	c:\windows\system32\drivers\adv01nt5.dll
2013-06-29 23:11 . 2006-12-28 22:31	19569	----a-w-	c:\windows\002643_.tmp
2013-06-29 23:09 . 2013-06-29 23:09	--------	d-----w-	c:\windows\EHome
2013-06-29 18:28 . 2013-06-29 23:54	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\F-Secure
2013-06-29 17:09 . 2013-06-29 17:09	--------	d--h--w-	c:\windows\PIF
2013-06-23 05:07 . 2013-06-23 05:07	--------	d-----w-	c:\dokumente und einstellungen\Administrator
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-04 15:18 . 2012-04-14 15:01	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-07-04 15:18 . 2011-08-21 07:33	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-30 07:47 . 2011-06-26 08:01	144896	----a-w-	c:\windows\system32\javacpl.cpl
2013-06-30 07:47 . 2011-06-26 08:01	789416	----a-w-	c:\windows\system32\deployJava1.dll
2013-05-07 22:28 . 2005-01-18 19:17	920064	----a-w-	c:\windows\system32\wininet.dll
2013-05-07 22:28 . 2005-01-18 19:17	43520	------w-	c:\windows\system32\licmgr10.dll
2013-05-07 22:28 . 2005-01-18 19:17	1469440	------w-	c:\windows\system32\inetcpl.cpl
2013-05-07 21:53 . 2005-01-18 19:17	385024	------w-	c:\windows\system32\html.iec
2013-05-03 05:39 . 2005-02-01 09:40	2195840	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-05-03 05:39 . 2004-08-04 00:50	2072448	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-04-12 14:00 . 2005-01-18 19:17	1876480	----a-w-	c:\windows\system32\win32k.sys
2013-05-09 12:28 . 2013-05-09 12:28	263064	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DirtyDecrypt"="\\?\c:\dokumente und einstellungen\Champ\Anwendungsdaten\Dirty\DirtyDecrypt.exe" [?]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-26 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"ATIPTA"="c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-02-22 339968]
"SoundMan"="SOUNDMAN.EXE" [2005-03-24 77824]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"PE2CKFNT SE"="c:\programme\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe" [1998-07-03 25088]
"FreePDFAssistent"="c:\programme\FreePDF\FreePDFA.exe" [2003-12-24 150528]
"WinampAgent"="c:\programme\Winamp\winampa.exe" [2007-02-13 35328]
"RealTray"="c:\programme\Real\RealPlayer\RealPlay.exe" [2005-01-18 26112]
"AOLDialer"="c:\programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe" [2007-06-21 70952]
"HostManager"="c:\programme\Gemeinsame Dateien\AOL\1194104839\ee\AOLSoftware.exe" [2006-09-26 50736]
"Smart Start UP"="c:\programme\NewSoft\Smart Start UP\PnPDetect.exe" [2007-04-27 104528]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2009-06-24 155648]
"AVMWlanClient"="c:\programme\avmwlanstick\wlangui.exe" [2008-09-05 1794048]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"F-Secure Hoster (666)"="c:\programme\F-Secure\fshoster32.exe" [2013-01-18 188400]
"F-Secure Manager"="c:\programme\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" [2013-01-03 311432]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
AOL 9.0 Tray-Symbol.lnk - c:\programme\AOL 9.0\aoltray.exe -check [2007-7-8 156784]
Microsoft Office.lnk - c:\programme\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
Photo Express Calendar Checker SE.lnk - c:\programme\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe [2006-7-8 55296]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Gemeinsame Dateien\\AOL\\ACS\\AOLDial.exe"=
"c:\\Programme\\Gemeinsame Dateien\\AOL\\ACS\\AOLAcsd.exe"=
"c:\\Programme\\AOL 9.0\\waol.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [30.06.2013 01:47 44240]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\programme\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [30.06.2013 01:50 73248]
R2 fshoster;F-Secure Dll Hoster;c:\programme\F-Secure\fshoster32.exe -hosterid:0 --> c:\programme\F-Secure\fshoster32.exe -hosterid:0 [?]
R2 FSORSPClient;F-Secure ORSP Client;c:\programme\F-Secure\apps\CCF_Reputation\fsorsp.exe [06.08.2012 14:53 60352]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\programme\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [30.06.2013 01:46 145856]
R3 fsni;fsni;c:\programme\F-Secure\apps\CCF_Scanning\fsnixp32.sys [25.04.2013 12:52 50112]
R3 fsnitdi;fsnitdi;c:\programme\F-Secure\apps\CCF_Scanning\fsnitdi32.sys [25.04.2013 12:52 21952]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\drivers\fwlanusb.sys [12.09.2009 09:26 265088]
S3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [12.09.2009 09:26 4352]
S3 PsShutdownSvc;PsShutdown;c:\windows\system32\PSSDNSVC.EXE [18.01.2005 21:39 65536]
S3 S6U12BScanner;MUSTEK 1200 UB Still Image Device Service;c:\windows\system32\drivers\usbscan.sys [08.07.2006 09:42 15104]
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 15:18]
.
2013-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore1ce7a05bfb8e034.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-12-26 15:45]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.hotmail.com/
IE: Alles mit NetXfer herunterladen - c:\programme\Xi\NetXfer\NXAddList.html
IE: Herunterladen mit NetXfer - c:\programme\Xi\NetXfer\NXAddLink.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\dokumente und einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default\
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-07-06 08:11
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\fshoster]
"ImagePath"="c:\programme\F-Secure\fshoster32.exe -hosterid:0"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\F-Secure\My Services Agent\Protected]
@Denied: ) (Everyone)
"AgentIdentifier"="dcee9383-924b-42ca-b606-7b4e6d26a6fe"
"AuthorizationCode"=""
"666_AgentIdentifier"="dcee9383-924b-42ca-b606-7b4e6d26a6fe"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(696)
c:\windows\system32\Ati2evxx.dll
c:\programme\f-secure\apps\computersecurity\hips\fshook32.dll
.
- - - - - - - > 'explorer.exe'(2944)
c:\windows\system32\webcheck.dll
.
Zeit der Fertigstellung: 2013-07-06  08:13:08
ComboFix-quarantined-files.txt  2013-07-06 06:13
ComboFix2.txt  2013-07-06 05:46
.
Vor Suchlauf: 14 Verzeichnis(se), 224.370.741.248 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 224.359.100.416 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - EDB49B7339571FBD7914FD2B0C7DE729
         
8F558EB6672622401DA993E1E865C861


06.07.2013, 10:06   #6
schrauber
/// the machine
/// TB trainer

Please post the contents of C:\Qoobox\ComboFix2.txt.

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options ("Optionen") and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan ("Suchlauf") and wait until it has finished.
  • Now click Delete ("Löschen") and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, please start it by right-clicking and choosing "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.

06.07.2013, 11:52   #7
nirvana19942

Here is the combofix2.txt first:

Combofix Logfile:
Code:
ComboFix 13-07-06.02 - Champ 06.07.2013   7:36.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.894.538 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Champ\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *Enabled/Outdated* {00000000-0000-0000-0000-000000000000}
AV: Computer Security *Disabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\Administrator.NIRVANA\Anwendungsdaten\Dirty
c:\dokumente und einstellungen\Administrator.NIRVANA\Anwendungsdaten\Dirty\alertwall.jpg
c:\dokumente und einstellungen\Administrator.NIRVANA\Anwendungsdaten\Dirty\DirtyDecrypt.exe.virus
c:\dokumente und einstellungen\Administrator.NIRVANA\rstrui.exe
c:\dokumente und einstellungen\Champ\Anwendungsdaten\Dirty
c:\dokumente und einstellungen\Champ\Anwendungsdaten\Dirty\alertwall.jpg
c:\dokumente und einstellungen\Champ\Anwendungsdaten\Dirty\DirtyDecrypt.exe.virus
c:\dokumente und einstellungen\Champ\WINDOWS
c:\windows\IsUn0407.exe
c:\windows\jestertb.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-06 bis 2013-07-06  ))))))))))))))))))))))))))))))
.
.
2013-07-05 09:29 . 2013-07-05 09:29	--------	d-----w-	C:\FRST
2013-07-04 15:24 . 2013-07-04 15:24	--------	d-----w-	c:\dokumente und einstellungen\Champ\Lokale Einstellungen\Anwendungsdaten\Sun
2013-06-30 08:09 . 2013-06-30 08:09	--------	d-sh--w-	c:\dokumente und einstellungen\NetworkService\IETldCache
2013-06-30 07:47 . 2013-06-30 07:47	--------	d-----w-	c:\programme\Gemeinsame Dateien\Java
2013-06-30 07:47 . 2013-06-30 07:47	867240	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-06-30 07:47 . 2013-06-30 07:47	94632	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-06-30 07:28 . 2013-06-30 07:28	--------	d-----w-	c:\programme\CCleaner
2013-06-30 07:24 . 2010-11-02 15:17	40960	------w-	c:\windows\system32\dllcache\ndproxy.sys
2013-06-30 07:22 . 2013-06-30 07:22	--------	d-sh--w-	c:\dokumente und einstellungen\Champ\PrivacIE
2013-06-30 07:22 . 2013-06-30 07:22	--------	d-sh--w-	c:\dokumente und einstellungen\Champ\IECompatCache
2013-06-30 07:16 . 2013-06-30 07:16	--------	d-sh--w-	c:\dokumente und einstellungen\Champ\IETldCache
2013-06-30 00:31 . 2013-05-07 22:28	522240	------w-	c:\windows\system32\dllcache\jsdbgui.dll
2013-06-30 00:31 . 2011-08-16 10:45	6144	------w-	c:\windows\system32\dllcache\iecompat.dll
2013-06-30 00:30 . 2013-05-07 22:28	12800	------w-	c:\windows\system32\dllcache\xpshims.dll
2013-06-30 00:30 . 2013-05-07 22:28	630272	------w-	c:\windows\system32\dllcache\msfeeds.dll
2013-06-30 00:30 . 2013-05-07 22:28	55296	------w-	c:\windows\system32\dllcache\msfeedsbs.dll
2013-06-30 00:30 . 2013-05-07 22:28	247808	------w-	c:\windows\system32\dllcache\ieproxy.dll
2013-06-30 00:30 . 2013-05-07 22:28	2005504	------w-	c:\windows\system32\dllcache\iertutil.dll
2013-06-30 00:30 . 2013-05-07 22:28	11112960	------w-	c:\windows\system32\dllcache\ieframe.dll
2013-06-30 00:30 . 2013-05-07 22:28	743424	------w-	c:\windows\system32\dllcache\iedvtool.dll
2013-06-30 00:29 . 2013-06-30 00:30	--------	dc-h--w-	c:\windows\ie8
2013-06-30 00:01 . 2008-06-14 17:32	273024	------w-	c:\windows\system32\dllcache\bthport.sys
2013-06-29 23:59 . 2010-09-18 06:52	953856	------w-	c:\windows\system32\dllcache\mfc40u.dll
2013-06-29 23:59 . 2011-02-08 13:33	978944	------w-	c:\windows\system32\dllcache\mfc42.dll
2013-06-29 23:58 . 2011-07-15 13:29	456320	------w-	c:\windows\system32\dllcache\mrxsmb.sys
2013-06-29 23:58 . 2010-08-23 16:11	617472	------w-	c:\windows\system32\dllcache\comctl32.dll
2013-06-29 23:57 . 2009-11-21 15:54	471552	------w-	c:\windows\system32\dllcache\aclayers.dll
2013-06-29 23:51 . 2010-06-14 14:31	744448	------w-	c:\windows\system32\dllcache\helpsvc.exe
2013-06-29 23:50 . 2010-08-27 08:01	119808	------w-	c:\windows\system32\dllcache\t2embed.dll
2013-06-29 23:50 . 2009-10-15 16:28	81920	------w-	c:\windows\system32\dllcache\fontsub.dll
2013-06-29 23:49 . 2009-06-21 21:45	153088	------w-	c:\windows\system32\dllcache\triedit.dll
2013-06-29 23:49 . 2009-02-06 10:10	227840	------w-	c:\windows\system32\dllcache\wmiprvse.exe
2013-06-29 23:49 . 2009-03-06 14:19	286720	------w-	c:\windows\system32\dllcache\pdh.dll
2013-06-29 23:49 . 2009-02-09 11:21	111104	------w-	c:\windows\system32\dllcache\services.exe
2013-06-29 23:49 . 2009-02-09 10:51	401408	------w-	c:\windows\system32\dllcache\rpcss.dll
2013-06-29 23:49 . 2009-02-09 10:51	473600	------w-	c:\windows\system32\dllcache\fastprox.dll
2013-06-29 23:49 . 2009-02-09 10:51	678400	------w-	c:\windows\system32\dllcache\advapi32.dll
2013-06-29 23:49 . 2009-02-09 10:51	453120	------w-	c:\windows\system32\dllcache\wmiprvsd.dll
2013-06-29 23:49 . 2012-12-16 12:23	290560	------w-	c:\windows\system32\dllcache\atmfd.dll
2013-06-29 23:48 . 2013-02-12 00:32	12928	------w-	c:\windows\system32\dllcache\usb8023x.sys
2013-06-29 23:48 . 2013-02-12 00:32	12928	------w-	c:\windows\system32\dllcache\usb8023.sys
2013-06-29 23:48 . 2008-05-08 14:02	203136	------w-	c:\windows\system32\dllcache\rmcast.sys
2013-06-29 23:48 . 2011-08-17 13:49	138496	------w-	c:\windows\system32\dllcache\afd.sys
2013-06-29 23:48 . 2011-04-21 13:37	105472	------w-	c:\windows\system32\dllcache\mup.sys
2013-06-29 23:47 . 2013-06-29 23:58	44240	----a-w-	c:\windows\system32\drivers\fsbts.sys
2013-06-29 23:47 . 2008-05-01 14:34	331776	------w-	c:\windows\system32\dllcache\msadce.dll
2013-06-29 23:45 . 2010-02-12 10:03	293376	------w-	c:\windows\system32\browserchoice.exe
2013-06-29 23:44 . 2013-06-29 23:44	--------	d-----w-	c:\dokumente und einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\F-Secure
2013-06-29 23:44 . 2012-05-28 18:16	536576	------w-	c:\windows\system32\dllcache\msado15.dll
2013-06-29 23:43 . 2010-06-18 13:36	3558912	------w-	c:\windows\system32\dllcache\moviemk.exe
2013-06-29 23:43 . 2012-07-04 14:05	139784	------w-	c:\windows\system32\dllcache\rdpwd.sys
2013-06-29 23:40 . 2010-12-09 15:15	743936	------w-	c:\windows\system32\dllcache\ntdll.dll
2013-06-29 23:40 . 2013-05-03 05:39	2195840	------w-	c:\windows\system32\dllcache\ntoskrnl.exe
2013-06-29 23:40 . 2013-05-03 05:39	2152448	------w-	c:\windows\system32\dllcache\ntkrnlmp.exe
2013-06-29 23:40 . 2013-05-03 05:39	2031104	------w-	c:\windows\system32\dllcache\ntkrpamp.exe
2013-06-29 23:40 . 2013-05-03 05:39	2072448	------w-	c:\windows\system32\dllcache\ntkrnlpa.exe
2013-06-29 23:40 . 2010-07-16 12:01	220160	------w-	c:\windows\system32\dllcache\wordpad.exe
2013-06-29 23:40 . 2011-07-08 14:02	10496	------w-	c:\windows\system32\dllcache\ndistapi.sys
2013-06-29 23:39 . 2012-01-11 19:06	3072	------w-	c:\windows\system32\iacenc.dll
2013-06-29 23:39 . 2012-01-11 19:06	3072	------w-	c:\windows\system32\dllcache\iacenc.dll
2013-06-29 23:39 . 2010-10-11 14:59	45568	------w-	c:\windows\system32\dllcache\wab.exe
2013-06-29 23:39 . 2010-08-16 08:44	590848	------w-	c:\windows\system32\dllcache\rpcrt4.dll
2013-06-29 23:28 . 2013-06-29 23:52	--------	d-----w-	c:\programme\F-Secure
2013-06-29 23:25 . 2004-08-04 12:00	221184	----a-w-	c:\windows\system32\wmpns.dll
2013-06-29 23:14 . 2008-04-14 05:52	4255	------w-	c:\windows\system32\drivers\adv01nt5.dll
2013-06-29 23:11 . 2006-12-28 22:31	19569	----a-w-	c:\windows\002643_.tmp
2013-06-29 23:09 . 2013-06-29 23:09	--------	d-----w-	c:\windows\EHome
2013-06-29 18:28 . 2013-06-29 23:54	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\F-Secure
2013-06-29 17:09 . 2013-06-29 17:09	--------	d--h--w-	c:\windows\PIF
2013-06-23 05:07 . 2013-06-23 05:07	--------	d-----w-	c:\dokumente und einstellungen\Administrator
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-04 15:18 . 2012-04-14 15:01	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-07-04 15:18 . 2011-08-21 07:33	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-30 07:47 . 2011-06-26 08:01	144896	----a-w-	c:\windows\system32\javacpl.cpl
2013-06-30 07:47 . 2011-06-26 08:01	789416	----a-w-	c:\windows\system32\deployJava1.dll
2013-05-07 22:28 . 2005-01-18 19:17	920064	----a-w-	c:\windows\system32\wininet.dll
2013-05-07 22:28 . 2005-01-18 19:17	43520	------w-	c:\windows\system32\licmgr10.dll
2013-05-07 22:28 . 2005-01-18 19:17	1469440	------w-	c:\windows\system32\inetcpl.cpl
2013-05-07 21:53 . 2005-01-18 19:17	385024	------w-	c:\windows\system32\html.iec
2013-05-03 05:39 . 2005-02-01 09:40	2195840	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-05-03 05:39 . 2004-08-04 00:50	2072448	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-04-12 14:00 . 2005-01-18 19:17	1876480	----a-w-	c:\windows\system32\win32k.sys
2013-05-09 12:28 . 2013-05-09 12:28	263064	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DirtyDecrypt"="\\?\c:\dokumente und einstellungen\Champ\Anwendungsdaten\Dirty\DirtyDecrypt.exe" [?]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208]
"swg"="c:\programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-26 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"ATIPTA"="c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-02-22 339968]
"SoundMan"="SOUNDMAN.EXE" [2005-03-24 77824]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"PE2CKFNT SE"="c:\programme\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe" [1998-07-03 25088]
"FreePDFAssistent"="c:\programme\FreePDF\FreePDFA.exe" [2003-12-24 150528]
"WinampAgent"="c:\programme\Winamp\winampa.exe" [2007-02-13 35328]
"RealTray"="c:\programme\Real\RealPlayer\RealPlay.exe" [2005-01-18 26112]
"AOLDialer"="c:\programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe" [2007-06-21 70952]
"HostManager"="c:\programme\Gemeinsame Dateien\AOL\1194104839\ee\AOLSoftware.exe" [2006-09-26 50736]
"Smart Start UP"="c:\programme\NewSoft\Smart Start UP\PnPDetect.exe" [2007-04-27 104528]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2009-06-24 155648]
"AVMWlanClient"="c:\programme\avmwlanstick\wlangui.exe" [2008-09-05 1794048]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"F-Secure Hoster (666)"="c:\programme\F-Secure\fshoster32.exe" [2013-01-18 188400]
"F-Secure Manager"="c:\programme\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" [2013-01-03 311432]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
AOL 9.0 Tray-Symbol.lnk - c:\programme\AOL 9.0\aoltray.exe -check [2007-7-8 156784]
Microsoft Office.lnk - c:\programme\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
Photo Express Calendar Checker SE.lnk - c:\programme\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe [2006-7-8 55296]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Gemeinsame Dateien\\AOL\\ACS\\AOLDial.exe"=
"c:\\Programme\\Gemeinsame Dateien\\AOL\\ACS\\AOLAcsd.exe"=
"c:\\Programme\\AOL 9.0\\waol.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [30.06.2013 01:47 44240]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\programme\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [30.06.2013 01:50 73248]
R2 fshoster;F-Secure Dll Hoster;c:\programme\F-Secure\fshoster32.exe -hosterid:0 --> c:\programme\F-Secure\fshoster32.exe -hosterid:0 [?]
R2 FSORSPClient;F-Secure ORSP Client;c:\programme\F-Secure\apps\CCF_Reputation\fsorsp.exe [06.08.2012 14:53 60352]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\programme\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [30.06.2013 01:46 145856]
R3 fsni;fsni;c:\programme\F-Secure\apps\CCF_Scanning\fsnixp32.sys [25.04.2013 12:52 50112]
R3 fsnitdi;fsnitdi;c:\programme\F-Secure\apps\CCF_Scanning\fsnitdi32.sys [25.04.2013 12:52 21952]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\drivers\fwlanusb.sys [12.09.2009 09:26 265088]
S3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [12.09.2009 09:26 4352]
S3 PsShutdownSvc;PsShutdown;c:\windows\system32\PSSDNSVC.EXE [18.01.2005 21:39 65536]
S3 S6U12BScanner;MUSTEK 1200 UB Still Image Device Service;c:\windows\system32\drivers\usbscan.sys [08.07.2006 09:42 15104]
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 15:18]
.
2013-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore1ce7a05bfb8e034.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-12-26 15:45]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.hotmail.com/
IE: Alles mit NetXfer herunterladen - c:\programme\Xi\NetXfer\NXAddList.html
IE: Herunterladen mit NetXfer - c:\programme\Xi\NetXfer\NXAddLink.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\dokumente und einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default\
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-DIVXCodec - c:\windows\rundll.exe
AddRemove-Kalender - c:\windows\Uninstall_tkexe -kalender
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0407.exe
AddRemove-MJuiceWinamp - c:\programme\Mjuice Media PlayerMJUninst.exe
AddRemove-Ulead Photo Express 2.0 SE - c:\windows\IsUn0407.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-07-06 07:44
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\fshoster]
"ImagePath"="c:\programme\F-Secure\fshoster32.exe -hosterid:0"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\F-Secure\My Services Agent\Protected]
@Denied: ) (Everyone)
"AgentIdentifier"="dcee9383-924b-42ca-b606-7b4e6d26a6fe"
"AuthorizationCode"=""
"666_AgentIdentifier"="dcee9383-924b-42ca-b606-7b4e6d26a6fe"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'winlogon.exe'(696)
c:\windows\system32\Ati2evxx.dll
c:\programme\f-secure\apps\computersecurity\hips\fshook32.dll
.
Zeit der Fertigstellung: 2013-07-06  07:46:02
ComboFix-quarantined-files.txt  2013-07-06 05:45
.
Vor Suchlauf: 14 Verzeichnis(se), 224.220.413.952 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 224.366.129.152 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 580CE50B5FC30951EE49D9DFA1D9D16E
         
--- --- ---
8F558EB6672622401DA993E1E865C861

Then the 1st Awd.txt:
AdwCleaner Logfile:
Code:
# AdwCleaner v2.304 - Datei am 06/07/2013 um 11:42:15 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Champ - NIRVANA
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Champ\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
Ordner Gefunden : C:\Programme\Viewpoint

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Schlüssel Gefunden : HKLM\Software\MetaStream
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Schlüssel Gefunden : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Schlüssel Gefunden : HKLM\Software\Viewpoint

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [2140 octets] - [06/07/2013 11:42:15]

########## EOF - C:\AdwCleaner[R1].txt - [2200 octets] ##########
         
--- --- ---

and the 2nd one to go with it:
AdwCleaner Logfile:
Code:
# AdwCleaner v2.304 - Datei am 06/07/2013 um 11:42:54 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Champ - NIRVANA
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Champ\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
Ordner Gelöscht : C:\Programme\Viewpoint

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Schlüssel Gelöscht : HKLM\Software\MetaStream
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Schlüssel Gelöscht : HKLM\Software\Viewpoint

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default\prefs.js

C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default\user.js ... Gelöscht !

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [2269 octets] - [06/07/2013 11:42:15]
AdwCleaner[S1].txt - [2323 octets] - [06/07/2013 11:42:54]

########## EOF - C:\AdwCleaner[S1].txt - [2383 octets] ##########
         
--- --- ---


and the JRT.txt:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Microsoft Windows XP x86
Ran by Champ on 06.07.2013 at 11:49:39,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.07.2013 at 11:52:10,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

and FRST:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by Champ (administrator) on 06-07-2013 11:53:21
Running from C:\Dokumente und Einstellungen\Champ\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(AVM Berlin) C:\Programme\avmwlanstick\WlanNetService.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(F-Secure Corporation) C:\Programme\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\CCF_Reputation\fsorsp.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Google Inc.) C:\Programme\Google\Update\GoogleUpdate.exe
(Smart Link) C:\WINDOWS\system32\slserv.exe
(InstallShield Software Corporation) C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
(ATI Technologies, Inc.) C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(shbox) C:\Programme\FreePDF\FreePDFA.exe
(NewSoft Technology Corporation) C:\Programme\NewSoft\Smart Start UP\PnPDetect.exe
(AVM Berlin) C:\Programme\avmwlanstick\wlangui.exe
(F-Secure Corporation) C:\Programme\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Nero AG) C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe
(Google Inc.) C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start [81920 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe [339968 2005-02-22] (ATI Technologies, Inc.)
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [PE2CKFNT SE] C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe [25088 1998-07-03] ()
HKLM\...\Run: [FreePDFAssistent] C:\Programme\FreePDF\FreePDFA.exe [150528 2003-12-24] (shbox)
HKLM\...\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe [35328 2007-02-13] ()
HKLM\...\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER [26112 2005-01-18] (RealNetworks, Inc.)
HKLM\...\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe [x]
HKLM\...\Run: [Smart Start UP] C:\Programme\NewSoft\Smart Start UP\PnPDetect.exe /Automation  [104528 2007-04-27] (NewSoft Technology Corporation)
HKLM\...\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime [155648 2009-06-24] (Apple Computer, Inc.)
HKLM\...\Run: [AVMWlanClient] C:\Programme\avmwlanstick\wlangui.exe [1794048 2008-09-05] (AVM Berlin)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [39792 2008-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [F-Secure Hoster (666)] "C:\Programme\F-Secure\fshoster32.exe" -app -hosterid:1 [188400 2013-01-18] (F-Secure Corporation)
HKLM\...\Run: [F-Secure Manager] "C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash [311432 2013-01-03] (F-Secure Corporation)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe" [94208 2005-10-28] (Nero AG)
HKCU\...\Run: [DirtyDecrypt] "\\?\C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Dirty\DirtyDecrypt.exe" /hide [x]
HKCU\...\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-12-26] (Google Inc.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sign In
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Programme\Xi\NetXfer\NXToolBar.dll (Xi)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: ipp - No CLSID Value - 
Handler: msdaipp - No CLSID Value - 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: TVU Web Player - C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default\Extensions\firefox@tvunetworks.com

========================== Services (Whitelisted) =================

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [516096 2005-02-22] ()
R2 AVM WLAN Connection Service; C:\Programme\avmwlanstick\WlanNetService.exe [364544 2008-09-05] (AVM Berlin)
R2 fshoster; C:\Programme\F-Secure\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation)
R3 FSMA; C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [209032 2013-01-03] (F-Secure Corporation)
R2 FSORSPClient; C:\Programme\F-Secure\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-30] (F-Secure Corporation)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-12-26] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-12-26] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-09-26] (Google)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [115608 2013-05-09] (Mozilla Foundation)
S3 PsShutdownSvc; C:\Windows\System32\PSSDNSVC.EXE [65536 2005-01-18] (Systems Internals)
R2 SLService; C:\Windows\System32\slserv.exe [73796 2008-04-14] (Smart Link)
S3 WmcCds; c:\programme\windows media connect\mswmccds.exe [483328 2004-08-11] (Microsoft Corporation)
S3 WmcCdsLs; C:\Programme\Windows Media Connect\mswmcls.exe [28160 2004-08-10] (Microsoft Corporation)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2314560 2005-03-25] (Realtek Semiconductor Corp.)
R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43008 2005-03-09] (Advanced Micro Devices)
R2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2005-01-18] (Windows (R) 2000 DDK provider)
R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [986624 2005-02-23] (ATI Technologies Inc.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2008-09-05] (AVM Berlin)
R1 Cinemsup; C:\Windows\System32\Drivers\Cinemsup.sys [6656 2003-12-19] (Sonic Solutions)
R2 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [8064 2006-04-22] (Elaborate Bytes AG)
R3 ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [4608 2005-04-12] (Elaborate Bytes AG)
R3 F-Secure Gatekeeper; C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [145856 2013-06-30] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Programme\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [73248 2013-06-30] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [44240 2013-06-30] ()
R3 fsni; C:\Programme\F-Secure\apps\CCF_Scanning\fsnixp32.sys [50112 2013-04-25] (F-Secure Corporation)
R3 fsnitdi; C:\Programme\F-Secure\apps\CCF_Scanning\fsnitdi32.sys [21952 2013-04-25] (F-Secure Corporation)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2008-09-05] (AVM GmbH)
S3 Mtlmnt5; C:\Windows\System32\DRIVERS\Mtlmnt5.sys [126686 2004-08-03] (Smart Link)
S3 Mtlstrm; C:\Windows\System32\DRIVERS\Mtlstrm.sys [1309184 2004-08-03] (Smart Link)
S3 NtMtlFax; C:\Windows\System32\DRIVERS\NtMtlFax.sys [180360 2004-08-03] (Smart Link)
R0 RecAgent; C:\Windows\System32\DRIVERS\RecAgent.sys [13776 2004-08-03] (Smart Link)
R3 RTL8023; C:\Windows\System32\DRIVERS\Rtlnic51.sys [69504 2003-12-31] (Realtek Semiconductor Corporation                           )
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 S6U12BScanner; C:\Windows\System32\drivers\usbscan.sys [15104 2008-04-14] (Microsoft Corporation)
S3 Slntamr; C:\Windows\System32\DRIVERS\slntamr.sys [404990 2004-08-03] (Smart Link)
S3 SlNtHal; C:\Windows\System32\DRIVERS\Slnthal.sys [95424 2004-08-03] (Smart Link)
S3 SlWdmSup; C:\Windows\System32\DRIVERS\SlWdmSup.sys [13240 2004-08-03] (Smart Link)
S3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 catchme; \??\C:\DOKUME~1\Champ\LOKALE~1\Temp\catchme.sys [x]
S4 InCDFs; system32\drivers\InCDFs.sys [x]
S1 InCDPass; system32\drivers\InCDPass.sys [x]
S1 InCDRm; system32\drivers\InCDRm.sys [x]
U3 TlntSvr; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-06 11:49 - 2013-07-06 11:49 - 00000000 ____D C:\Windows\ERUNT
2013-07-06 11:49 - 2013-07-06 11:49 - 00000000 ____D C:\JRT
2013-07-06 11:42 - 2013-07-06 11:43 - 00002452 ____A C:\AdwCleaner[S1].txt
2013-07-06 11:42 - 2013-07-06 11:42 - 00002269 ____A C:\AdwCleaner[R1].txt
2013-07-06 08:13 - 2013-07-06 08:13 - 00016934 ____A C:\ComboFix.txt
2013-07-06 08:02 - 2013-07-06 08:02 - 00000000 RASHD C:\cmdcons
2013-07-06 07:34 - 2013-07-06 07:34 - 00000327 ____A C:\Boot.bak
2013-07-06 07:34 - 2004-08-03 23:00 - 00262448 _RASH C:\cmldr
2013-07-06 07:32 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-07-06 07:32 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-07-06 07:32 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00212480 ____A (SteelWerX) C:\Windows\SWXCACLS.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-07-06 07:29 - 2013-07-06 08:13 - 00000000 ____D C:\Qoobox
2013-07-06 07:29 - 2013-07-06 07:44 - 00000000 ____D C:\Windows\erdnt
2013-07-06 07:00 - 2013-07-06 07:00 - 00001086 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7a05bfb8e034.job
2013-07-05 11:29 - 2013-07-05 11:29 - 00000000 ____D C:\FRST
2013-07-03 07:08 - 2013-07-03 07:08 - 00007301 ____A C:\Windows\KB2510531-IE8.log
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB970430$
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB2345886$
2013-07-03 06:59 - 2013-07-03 07:08 - 00012768 ____A C:\Windows\KB2345886.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00028343 ____A C:\Windows\KB974318.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00028106 ____A C:\Windows\KB951978.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00027396 ____A C:\Windows\KB969059.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00026703 ____A C:\Windows\KB2443105.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB974318$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB969059$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB951978$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB2443105$
2013-06-30 09:47 - 2013-06-30 09:48 - 00027629 ____A C:\Windows\KB2481109.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00027118 ____A C:\Windows\KB971657.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00027056 ____A C:\Windows\KB982132.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00026829 ____A C:\Windows\KB2440591.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB982132$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB971657$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2481109$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2440591$
2013-06-30 09:46 - 2013-06-30 09:47 - 00027423 ____A C:\Windows\KB978338.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00027137 ____A C:\Windows\KB2780091.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00027077 ____A C:\Windows\KB2507938.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB978338$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB974112$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2507938$
2013-06-30 09:45 - 2013-06-30 09:46 - 00027196 ____A C:\Windows\KB974112.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027722 ____A C:\Windows\KB2624667.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027481 ____A C:\Windows\KB979687.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026802 ____A C:\Windows\KB2483185.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026382 ____A C:\Windows\KB2719985.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00025793 ____A C:\Windows\KB975025.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB979687$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB975025$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2719985$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2624667$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2483185$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2347290$
2013-06-30 09:44 - 2013-06-30 09:44 - 00026841 ____A C:\Windows\KB952004.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025415 ____A C:\Windows\KB974571.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025105 ____A C:\Windows\KB973507.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00024523 ____A C:\Windows\KB977816.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00023678 ____A C:\Windows\KB2839229.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB977816$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB975560$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB974571$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB973507$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB952004$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-06-30 09:43 - 2013-06-30 09:44 - 00024908 ____A C:\Windows\KB981322.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00025279 ____A C:\Windows\KB2419632.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00024542 ____A C:\Windows\KB2820917.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00023820 ____A C:\Windows\KB2757638.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00018613 ____A C:\Windows\KB2508429.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017979 ____A C:\Windows\KB2653956.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017634 ____A C:\Windows\KB974392.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017270 ____A C:\Windows\KB2749655.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB981322$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB974392$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2653956$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2508429$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2419632$
2013-06-30 09:42 - 2013-06-30 09:43 - 00016980 ____A C:\Windows\KB971029.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00016695 ____A C:\Windows\KB2506212.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB977914$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB971029$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB2506212$
2013-06-30 09:41 - 2013-06-30 09:42 - 00017075 ____A C:\Windows\KB977914.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00016601 ____A C:\Windows\KB2705219-v2.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015833 ____A C:\Windows\KB2619339.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015097 ____A C:\Windows\KB2727528.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015023 ____A C:\Windows\KB978542.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB978542$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2705219-v2$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2619339$
2013-06-30 09:40 - 2013-07-03 07:08 - 00013067 ____A C:\Windows\updspapi.log
2013-06-30 09:40 - 2013-06-30 09:41 - 00015144 ____A C:\Windows\KB979482.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015991 ____A C:\Windows\KB2661254-v2.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015712 ____A C:\Windows\KB2813345.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015458 ____A C:\Windows\KB973815.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015408 ____A C:\Windows\KB956802.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015236 ____A C:\Windows\KB978706.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB979482$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB978706$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB973815$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB956802$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2509553$
2013-06-30 09:39 - 2013-07-06 08:44 - 00080879 ____A C:\Windows\setupapi.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00333867 ____A C:\Windows\FaxSetup.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00159624 ____A C:\Windows\ocgen.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00127388 ____A C:\Windows\tsoc.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00110969 ____A C:\Windows\comsetup.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00067158 ____A C:\Windows\ntdtcsetup.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00052777 ____A C:\Windows\iis6.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00018468 ____A C:\Windows\ocmsn.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00016686 ____A C:\Windows\msgsocm.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00001355 ____A C:\Windows\imsins.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00001355 ____A C:\Windows\imsins.BAK
2013-06-30 09:39 - 2013-06-30 09:40 - 00016081 ____A C:\Windows\KB2509553.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00015645 ____A C:\Windows\KB2676562.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00012979 ____A C:\Windows\KB982665.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00011379 ____A C:\Windows\KB2829361.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB982665$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2676562$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2478960$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setupact.log
2013-06-30 09:24 - 2010-11-02 17:17 - 00040960 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ndproxy.sys
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB959426$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB952954$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB951376-v2$
2013-06-30 02:31 - 2013-06-30 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2467659$
2013-06-30 02:31 - 2013-05-08 00:28 - 00522240 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\jsdbgui.dll
2013-06-30 02:31 - 2011-08-16 12:45 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\iecompat.dll
2013-06-30 02:30 - 2013-06-30 02:33 - 00065536 ____A C:\Windows\System32\config\Internet.evt
2013-06-30 02:30 - 2013-06-30 02:30 - 00000000 ____D C:\Windows\ie8updates
2013-06-30 02:30 - 2013-05-08 00:28 - 11112960 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ieframe.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 02005504 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\iertutil.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00743424 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\iedvtool.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00630272 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msfeeds.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00247808 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ieproxy.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00055296 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msfeedsbs.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00012800 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\xpshims.dll
2013-06-30 02:29 - 2013-06-30 02:30 - 00000000 __HDC C:\Windows\ie8
2013-06-30 02:24 - 2013-06-02 17:21 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB946648$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2712808$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2387149$
2013-06-30 02:21 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB960859$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2659262$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2564958$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2544893-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2536276-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2479943$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2478971$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB975558_WM8$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB923723$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2691442$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2631813$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2585542$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2296011$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2115168$
2013-06-30 02:19 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB955759$
2013-06-30 02:19 - 2013-06-30 02:19 - 00006332 ____A C:\Windows\System32\TZLog.log
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB975713$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB950974$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2655992$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2485663$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2378111_WM9$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2229593$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB972270$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956844$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956572$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB954155_WM9$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2686509$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2598479$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB973869$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB941569$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2592799$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2535512$
2013-06-30 02:16 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB950762$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB978695_WM9$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB973904$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB952287$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2603381$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2570947$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB973540_WM9$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB981997$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB979309$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB952069_WM9$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2723135-v2$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2698365$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2618451$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB923561$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2620712$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2393802$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB975467$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2661637$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2584146$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2566454$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB968389$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB2423089$
2013-06-30 02:10 - 2013-06-30 02:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2360937$
2013-06-30 02:01 - 2008-06-14 19:32 - 00273024 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\bthport.sys
2013-06-30 01:59 - 2011-02-08 15:33 - 00978944 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mfc42.dll
2013-06-30 01:59 - 2010-09-18 08:52 - 00953856 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mfc40u.dll
2013-06-30 01:58 - 2011-07-15 15:29 - 00456320 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mrxsmb.sys
2013-06-30 01:58 - 2010-08-23 18:11 - 00617472 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\comctl32.dll
2013-06-30 01:57 - 2009-11-21 17:54 - 00471552 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\aclayers.dll
2013-06-30 01:51 - 2010-06-14 16:31 - 00744448 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\helpsvc.exe
2013-06-30 01:50 - 2010-08-27 10:01 - 00119808 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\t2embed.dll
2013-06-30 01:50 - 2009-10-15 18:28 - 00081920 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\fontsub.dll
2013-06-30 01:49 - 2012-12-16 14:23 - 00290560 ____N (Adobe Systems Incorporated) C:\Windows\System32\dllcache\atmfd.dll
2013-06-30 01:49 - 2009-06-21 23:45 - 00153088 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\triedit.dll
2013-06-30 01:49 - 2009-03-06 16:19 - 00286720 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\pdh.dll
2013-06-30 01:49 - 2009-02-09 13:21 - 00111104 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\services.exe
2013-06-30 01:49 - 2009-02-09 12:51 - 00678400 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\advapi32.dll
2013-06-30 01:49 - 2009-02-09 12:51 - 00473600 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\fastprox.dll
2013-06-30 01:49 - 2009-02-09 12:51 - 00453120 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wmiprvsd.dll
2013-06-30 01:49 - 2009-02-09 12:51 - 00401408 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rpcss.dll
2013-06-30 01:49 - 2009-02-06 12:10 - 00227840 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wmiprvse.exe
2013-06-30 01:48 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023x.sys
2013-06-30 01:48 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023.sys
2013-06-30 01:48 - 2011-08-17 15:49 - 00138496 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\afd.sys
2013-06-30 01:48 - 2011-04-21 15:37 - 00105472 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mup.sys
2013-06-30 01:48 - 2009-07-28 00:24 - 00128512 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\dhtmled.ocx
2013-06-30 01:48 - 2008-05-08 16:02 - 00203136 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rmcast.sys
2013-06-30 01:47 - 2013-06-30 01:58 - 00044240 ____A C:\Windows\System32\Drivers\fsbts.sys
2013-06-30 01:47 - 2008-05-01 16:34 - 00331776 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msadce.dll
2013-06-30 01:46 - 2013-06-30 01:46 - 00019406 ____A C:\Windows\prodsett_copy.ini
2013-06-30 01:45 - 2010-02-12 12:03 - 00293376 ____N (Microsoft Corporation) C:\Windows\System32\browserchoice.exe
2013-06-30 01:44 - 2012-05-28 20:16 - 00536576 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msado15.dll
2013-06-30 01:43 - 2012-07-04 16:05 - 00139784 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rdpwd.sys
2013-06-30 01:43 - 2010-06-18 15:36 - 03558912 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\moviemk.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02195840 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntoskrnl.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02152448 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrnlmp.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02072448 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrnlpa.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02031104 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrpamp.exe
2013-06-30 01:40 - 2011-07-08 16:02 - 00010496 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ndistapi.sys
2013-06-30 01:40 - 2010-12-09 17:15 - 00743936 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntdll.dll
2013-06-30 01:40 - 2010-07-16 14:01 - 00220160 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wordpad.exe
2013-06-30 01:40 - 2009-11-21 17:54 - 01206508 ____N C:\Windows\System32\dllcache\sysmain.sdb
2013-06-30 01:39 - 2012-01-11 21:06 - 00003072 ____N C:\Windows\System32\iacenc.dll
2013-06-30 01:39 - 2012-01-11 21:06 - 00003072 ____N C:\Windows\System32\dllcache\iacenc.dll
2013-06-30 01:39 - 2010-10-11 16:59 - 00045568 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wab.exe
2013-06-30 01:39 - 2010-08-16 10:44 - 00590848 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rpcrt4.dll
2013-06-30 01:25 - 2013-06-30 01:25 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-30 01:25 - 2004-08-04 14:00 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\wmpns.dll
2013-06-30 01:19 - 2013-06-30 09:16 - 00000000 ____D C:\Windows\System32\de-de
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\de
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\bits
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\l2schemas
2013-06-30 01:19 - 2012-11-10 02:39 - 00046080 ____N (Microsoft Corporation) C:\Windows\System32\tzchange.exe
2013-06-30 01:19 - 2012-11-06 04:01 - 01371648 ____N (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-06-30 01:19 - 2012-11-06 04:01 - 01371648 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msxml6.dll
2013-06-30 01:19 - 2009-01-07 18:21 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2013-06-30 01:19 - 2008-04-14 07:53 - 00032866 ____N (Smart Link) C:\Windows\slrundll.exe
2013-06-30 01:19 - 2008-04-14 07:53 - 00032768 ____N (Microsoft Corporation) C:\Windows\System32\setupn.exe
2013-06-30 01:19 - 2008-04-14 07:53 - 00028672 ____N (Microsoft Corporation) C:\Windows\System32\vidcap.ax
2013-06-30 01:19 - 2008-04-14 07:53 - 00028672 ____N (Microsoft Corporation) C:\Windows\System32\verclsid.exe
2013-06-30 01:19 - 2008-04-14 07:53 - 00023040 ____N (ATI Technologies Inc.) C:\Windows\System32\ativmvxx.ax
2013-06-30 01:19 - 2008-04-14 07:53 - 00009728 ____N (ATI Technologies Inc.) C:\Windows\System32\ativdaxx.ax
2013-06-30 01:19 - 2008-04-14 07:52 - 04274816 ____N (NVIDIA Corporation) C:\Windows\System32\nv4_disp.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 01737856 ____N (Matrox Graphics Inc.) C:\Windows\System32\mtxparhd.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00870784 ____N (ATI Technologies Inc. ) C:\Windows\System32\ati3d1ag.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00712704 ____N (Microsoft Corporation) C:\Windows\System32\windowscodecs.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00651264 ____N (Microsoft Corporation) C:\Windows\System32\dot3ui.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00412160 ____N (Microsoft Corporation) C:\Windows\System32\photometadatahandler.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00397312 ____N (Microsoft Corporation) C:\Windows\System32\mmcex.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00397056 ____N (S3 Graphics, Inc.) C:\Windows\System32\s3gnb.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00377984 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2dvaa.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00346112 ____N (Microsoft Corporation) C:\Windows\System32\windowscodecsext.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00294400 ____N (Microsoft Corporation) C:\Windows\System32\qagentrt.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00290304 ____N (Microsoft Corporation) C:\Windows\System32\rhttpaa.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00276992 ____N (Microsoft Corporation) C:\Windows\System32\wmphoto.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00233472 ____N (Microsoft Corporation) C:\Windows\System32\azroles.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00198656 ____N (Microsoft Corporation) C:\Windows\System32\napmontr.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00184832 ____N (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00184320 ____N (Microsoft Corporation) C:\Windows\System32\microsoft.managementconsole.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00182272 ____N (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00177664 ____N (Microsoft Corporation) C:\Windows\System32\napstat.exe
2013-06-30 01:19 - 2008-04-14 07:52 - 00155136 ____N (Microsoft Corporation) C:\Windows\System32\mssha.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00151040 ____N (Microsoft Corporation) C:\Windows\System32\qagent.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00145408 ____N (Microsoft Corporation) C:\Windows\System32\onex.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00136192 ____N (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00133120 ____N (Microsoft Corporation) C:\Windows\System32\dot3svc.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00126976 ____N (Microsoft Corporation) C:\Windows\System32\eappcfg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00106496 ____N (Microsoft Corporation) C:\Windows\System32\mmcfxcommon.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00095232 ____N (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00086016 ____N (Conexant) C:\Windows\System32\mdmxsdk.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00076800 ____N (Microsoft Corporation) C:\Windows\System32\qutil.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00069120 ____N (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00062976 ____N (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00062464 ____N (Microsoft Corporation) C:\Windows\System32\qcliprov.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00061952 ____N (Microsoft Corporation) C:\Windows\System32\rasqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00061440 ____N (Microsoft Corporation) C:\Windows\System32\kmsvc.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00059392 ____N (Microsoft Corporation) C:\Windows\System32\eapqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00056832 ____N (Microsoft Corporation) C:\Windows\System32\dot3msm.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00053248 ____N (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00050688 ____N (Microsoft Corporation) C:\Windows\System32\tspkg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00048640 ____N (Microsoft Corporation) C:\Windows\System32\dhcpqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00040960 ____N (Microsoft Corporation) C:\Windows\System32\eappprxy.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dot3gpclnt.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dimsroam.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00037376 ____N (Microsoft Corporation) C:\Windows\System32\l2gpstore.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\mmcperf.exe
2013-06-30 01:19 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\eapsvc.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00032768 ____N (ATI Technologies Inc.) C:\Windows\System32\ativtmxx.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00032285 ____N (Conexant Systems, Inc.) C:\Windows\System32\hsfcisp2.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00030720 ____N (Microsoft Corporation) C:\Windows\System32\eapolqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00030208 ____N (Microsoft Corporation) C:\Windows\System32\napipsec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00026112 ____N (Microsoft Corporation) C:\Windows\System32\dot3api.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00019456 ____N (Microsoft Corporation) C:\Windows\System32\dimsntfy.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00012800 ____N (Microsoft Corporation) C:\Windows\System32\credssp.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00009216 ____N (Microsoft Corporation) C:\Windows\System32\dot3dlg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00007168 ____N (Microsoft Corporation) C:\Windows\System32\bitsprx4.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdpash.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdnepr.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdiultn.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdbhc.dll
2013-06-30 01:19 - 2008-04-14 07:27 - 00093184 ____N (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2013-06-30 01:19 - 2008-04-14 07:27 - 00093184 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msxml6r.dll
2013-06-30 01:19 - 2008-04-14 07:26 - 00081408 ____N (Microsoft Corporation) C:\Windows\System32\msshavmsg.dll
2013-06-30 01:16 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-30 01:14 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023x.sys
2013-06-30 01:14 - 2008-06-14 19:32 - 00273024 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2013-06-30 01:14 - 2008-04-14 07:52 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv04nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00021183 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv01nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00017279 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv10nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00015423 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\ch7xxnt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00014143 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv06nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00011359 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv02nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00011325 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\vchnt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00004255 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv01nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003967 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv02nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003901 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\siint5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003775 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv11nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003711 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv09nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003647 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv07nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003615 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv05nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003135 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv08nt5.dll
2013-06-30 01:14 - 2008-04-14 07:24 - 00025856 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-06-30 01:14 - 2008-04-14 07:21 - 00327168 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtaa.sys
2013-06-30 01:14 - 2008-04-14 00:26 - 00030592 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\rndismpx.sys
2013-06-30 01:14 - 2008-04-14 00:21 - 00101120 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthpan.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00121984 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00059136 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00037888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00036480 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthprint.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00018944 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthusb.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00017024 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2013-06-30 01:14 - 2008-04-14 00:15 - 00019200 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2013-06-30 01:14 - 2008-04-14 00:13 - 00014208 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2013-06-30 01:14 - 2008-04-14 00:13 - 00012672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\mutohpen.sys
2013-06-30 01:14 - 2008-04-14 00:10 - 00010240 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_mmc.sys
2013-06-30 01:14 - 2008-04-14 00:06 - 00046464 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\gagp30kx.sys
2013-06-30 01:14 - 2008-04-14 00:06 - 00044672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\uagp35.sys
2013-06-30 01:14 - 2008-04-14 00:06 - 00005888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\smbali.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 01041536 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfdpsp2.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00685056 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfcxts2.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00220032 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfbs2s2.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00129535 ____N (Smart Link) C:\Windows\System32\Drivers\slnt7554.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00011868 ____N (Conexant) C:\Windows\System32\Drivers\mdmxsdk.sys
2013-06-30 01:14 - 2008-04-13 22:06 - 00144384 ____N (Windows (R) Server 2003 DDK provider) C:\Windows\System32\Drivers\hdaudbus.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 01897408 ____N (NVIDIA Corporation) C:\Windows\System32\Drivers\nv4_mini.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00452736 ____N (Matrox Graphics Inc.) C:\Windows\System32\Drivers\mtxparhm.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00166912 ____N (S3 Graphics, Inc.) C:\Windows\System32\Drivers\s3gnbm.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00104960 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinrvxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00073216 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atintuxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00063663 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1rvxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00063488 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxsxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00057856 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinbtxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00056623 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1btxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00052224 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinraxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00036463 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1tuxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00034735 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xsxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00031744 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxbxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00030671 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1raxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00029455 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xbxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00028672 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinsnxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00026367 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1snxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv10nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00022271 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv06nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00021343 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1ttxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00014336 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinpdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinttxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinmdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00012047 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1pdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011935 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv11nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011871 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv09nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011807 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv07nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011615 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1mdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011295 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv08nt.sys
2013-06-30 01:14 - 2007-04-02 21:36 - 00129045 ____N C:\Windows\System32\Drivers\cxthsfs2.cty
2013-06-30 01:14 - 2006-12-29 20:21 - 00064352 ____N C:\Windows\System32\Drivers\ativmc20.cod
2013-06-30 01:14 - 2006-12-29 20:02 - 00067866 ____N C:\Windows\System32\Drivers\netwlan5.img
2013-06-30 01:11 - 2006-12-29 00:31 - 00019569 ____A C:\Windows\002643_.tmp
2013-06-30 01:09 - 2013-06-30 01:11 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-29 19:09 - 2013-06-29 19:09 - 00000000 ___HD C:\Windows\PIF

==================== One Month Modified Files and Folders ========

2013-07-06 11:49 - 2013-07-06 11:49 - 00000000 ____D C:\Windows\ERUNT
2013-07-06 11:49 - 2013-07-06 11:49 - 00000000 ____D C:\JRT
2013-07-06 11:46 - 2005-02-01 11:53 - 01861092 ____A C:\Windows\WindowsUpdate.log
2013-07-06 11:45 - 2006-07-08 09:46 - 00000660 ____A C:\Windows\ULEAD32.INI
2013-07-06 11:45 - 2005-02-01 11:50 - 00000159 ____A C:\Windows\wiadebug.log
2013-07-06 11:45 - 2005-02-01 11:50 - 00000050 ____A C:\Windows\wiaservc.log
2013-07-06 11:43 - 2013-07-06 11:42 - 00002452 ____A C:\AdwCleaner[S1].txt
2013-07-06 11:43 - 2005-10-25 14:25 - 00000000 ___RD C:\Programme
2013-07-06 11:42 - 2013-07-06 11:42 - 00002269 ____A C:\AdwCleaner[R1].txt
2013-07-06 08:44 - 2013-06-30 09:39 - 00080879 ____A C:\Windows\setupapi.log
2013-07-06 08:44 - 2005-01-18 21:17 - 00000617 ____A C:\Windows\win.ini
2013-07-06 08:43 - 2007-07-08 10:56 - 00000004 ____A C:\Windows\msoffice.ini
2013-07-06 08:13 - 2013-07-06 08:13 - 00016934 ____A C:\ComboFix.txt
2013-07-06 08:13 - 2013-07-06 07:29 - 00000000 ____D C:\Qoobox
2013-07-06 08:11 - 2005-01-18 21:17 - 00000435 ____A C:\Windows\system.ini
2013-07-06 08:02 - 2013-07-06 08:02 - 00000000 RASHD C:\cmdcons
2013-07-06 08:02 - 2005-01-18 21:17 - 00000327 _RASH C:\boot.ini
2013-07-06 07:44 - 2013-07-06 07:29 - 00000000 ____D C:\Windows\erdnt
2013-07-06 07:34 - 2013-07-06 07:34 - 00000327 ____A C:\Boot.bak
2013-07-06 07:00 - 2013-07-06 07:00 - 00001086 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7a05bfb8e034.job
2013-07-05 11:29 - 2013-07-05 11:29 - 00000000 ____D C:\FRST
2013-07-04 17:54 - 2006-05-26 16:27 - 00000116 ____A C:\Windows\NeroDigital.ini
2013-07-04 17:18 - 2012-04-14 17:01 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-07-04 17:18 - 2012-04-14 17:01 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-04 17:18 - 2011-08-21 09:33 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-07-04 17:09 - 2005-01-18 21:17 - 00012598 ____A C:\Windows\System32\wpa.dbl
2013-07-03 07:08 - 2013-07-03 07:08 - 00007301 ____A C:\Windows\KB2510531-IE8.log
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB970430$
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB2345886$
2013-07-03 07:08 - 2013-07-03 06:59 - 00012768 ____A C:\Windows\KB2345886.log
2013-07-03 07:08 - 2013-06-30 09:40 - 00013067 ____A C:\Windows\updspapi.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00333867 ____A C:\Windows\FaxSetup.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00159624 ____A C:\Windows\ocgen.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00127388 ____A C:\Windows\tsoc.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00110969 ____A C:\Windows\comsetup.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00067158 ____A C:\Windows\ntdtcsetup.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00052777 ____A C:\Windows\iis6.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00018468 ____A C:\Windows\ocmsn.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00016686 ____A C:\Windows\msgsocm.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00001355 ____A C:\Windows\imsins.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00001355 ____A C:\Windows\imsins.BAK
2013-07-03 07:08 - 2005-10-25 14:25 - 00000000 ___HD C:\Windows\$hf_mig$
2013-06-30 10:07 - 2005-02-01 11:47 - 00196160 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-30 09:48 - 2013-06-30 09:48 - 00028343 ____A C:\Windows\KB974318.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00028106 ____A C:\Windows\KB951978.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00027396 ____A C:\Windows\KB969059.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00026703 ____A C:\Windows\KB2443105.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB974318$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB969059$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB951978$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB2443105$
2013-06-30 09:48 - 2013-06-30 09:47 - 00027629 ____A C:\Windows\KB2481109.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00027118 ____A C:\Windows\KB971657.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00027056 ____A C:\Windows\KB982132.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00026829 ____A C:\Windows\KB2440591.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB982132$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB971657$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2481109$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2440591$
2013-06-30 09:47 - 2013-06-30 09:46 - 00027423 ____A C:\Windows\KB978338.log
2013-06-30 09:47 - 2011-06-26 10:01 - 00789416 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-06-30 09:47 - 2011-06-26 10:01 - 00144896 ____A (Oracle Corporation) C:\Windows\System32\javacpl.cpl
2013-06-30 09:47 - 2005-02-01 11:48 - 00897778 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-30 09:46 - 2013-06-30 09:46 - 00027137 ____A C:\Windows\KB2780091.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00027077 ____A C:\Windows\KB2507938.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB978338$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB974112$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2507938$
2013-06-30 09:46 - 2013-06-30 09:45 - 00027196 ____A C:\Windows\KB974112.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027722 ____A C:\Windows\KB2624667.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027481 ____A C:\Windows\KB979687.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026802 ____A C:\Windows\KB2483185.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026382 ____A C:\Windows\KB2719985.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00025793 ____A C:\Windows\KB975025.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB979687$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB975025$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2719985$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2624667$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2483185$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2347290$
2013-06-30 09:44 - 2013-06-30 09:44 - 00026841 ____A C:\Windows\KB952004.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025415 ____A C:\Windows\KB974571.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025105 ____A C:\Windows\KB973507.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00024523 ____A C:\Windows\KB977816.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00023678 ____A C:\Windows\KB2839229.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB977816$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB975560$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB974571$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB973507$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB952004$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-06-30 09:44 - 2013-06-30 09:43 - 00024908 ____A C:\Windows\KB981322.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00025279 ____A C:\Windows\KB2419632.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00024542 ____A C:\Windows\KB2820917.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00023820 ____A C:\Windows\KB2757638.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00018613 ____A C:\Windows\KB2508429.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017979 ____A C:\Windows\KB2653956.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017634 ____A C:\Windows\KB974392.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017270 ____A C:\Windows\KB2749655.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB981322$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB974392$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2653956$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2508429$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2419632$
2013-06-30 09:43 - 2013-06-30 09:42 - 00016980 ____A C:\Windows\KB971029.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00016695 ____A C:\Windows\KB2506212.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB977914$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB971029$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB2506212$
2013-06-30 09:42 - 2013-06-30 09:41 - 00017075 ____A C:\Windows\KB977914.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00016601 ____A C:\Windows\KB2705219-v2.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015833 ____A C:\Windows\KB2619339.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015097 ____A C:\Windows\KB2727528.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015023 ____A C:\Windows\KB978542.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB978542$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2705219-v2$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2619339$
2013-06-30 09:41 - 2013-06-30 09:40 - 00015144 ____A C:\Windows\KB979482.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015991 ____A C:\Windows\KB2661254-v2.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015712 ____A C:\Windows\KB2813345.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015458 ____A C:\Windows\KB973815.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015408 ____A C:\Windows\KB956802.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015236 ____A C:\Windows\KB978706.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB979482$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB978706$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB973815$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB956802$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2509553$
2013-06-30 09:40 - 2013-06-30 09:39 - 00016081 ____A C:\Windows\KB2509553.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00015645 ____A C:\Windows\KB2676562.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00012979 ____A C:\Windows\KB982665.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00011379 ____A C:\Windows\KB2829361.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB982665$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2676562$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2478960$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setupact.log
2013-06-30 09:33 - 2012-01-10 15:05 - 00000000 ____D C:\Windows\Minidump
2013-06-30 09:16 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\de-de
2013-06-30 09:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\Help
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB959426$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB952954$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB951376-v2$
2013-06-30 02:33 - 2013-06-30 02:30 - 00065536 ____A C:\Windows\System32\config\Internet.evt
2013-06-30 02:31 - 2013-06-30 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2467659$
2013-06-30 02:30 - 2013-06-30 02:30 - 00000000 ____D C:\Windows\ie8updates
2013-06-30 02:30 - 2013-06-30 02:29 - 00000000 __HDC C:\Windows\ie8
2013-06-30 02:30 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\Media
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB946648$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2712808$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2387149$
2013-06-30 02:22 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB960859$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2659262$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2564958$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2544893-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2536276-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2479943$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2478971$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB975558_WM8$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB923723$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2691442$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2631813$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2585542$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2296011$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2115168$
2013-06-30 02:20 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB955759$
2013-06-30 02:19 - 2013-06-30 02:19 - 00006332 ____A C:\Windows\System32\TZLog.log
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB975713$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB950974$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2655992$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2485663$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2378111_WM9$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2229593$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB972270$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956844$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956572$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB954155_WM9$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2686509$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2598479$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB973869$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB941569$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2592799$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2535512$
2013-06-30 02:17 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB950762$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB978695_WM9$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB973904$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB952287$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2603381$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2570947$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB973540_WM9$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB981997$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB979309$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB952069_WM9$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2723135-v2$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2698365$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2618451$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB923561$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2620712$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2393802$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB975467$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2661637$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2584146$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2566454$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB968389$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB2423089$
2013-06-30 02:10 - 2013-06-30 02:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2360937$
2013-06-30 01:58 - 2013-06-30 01:47 - 00044240 ____A C:\Windows\System32\Drivers\fsbts.sys
2013-06-30 01:46 - 2013-06-30 01:46 - 00019406 ____A C:\Windows\prodsett_copy.ini
2013-06-30 01:25 - 2013-06-30 01:25 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-30 01:25 - 2005-01-18 21:30 - 00316640 ____A C:\Windows\WMSysPr9.prx
2013-06-30 01:23 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\security
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\de
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\bits
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\l2schemas
2013-06-30 01:19 - 2013-06-30 01:16 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-30 01:19 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\usmt
2013-06-30 01:19 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\PeerNet
2013-06-30 01:19 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\ime
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\Restore
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\npp
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\Com
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\system
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\srchasst
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\msagent
2013-06-30 01:13 - 2005-01-18 21:17 - 00251712 _RASH C:\ntldr
2013-06-30 01:11 - 2013-06-30 01:09 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-30 01:11 - 2005-10-25 12:09 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-06-29 19:09 - 2013-06-29 19:09 - 00000000 ___HD C:\Windows\PIF

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2005-01-18 21:17] - [2008-04-14 07:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2005-01-18 21:17] - [2008-04-14 07:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2005-01-18 21:17] - [2008-04-14 07:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2005-01-18 21:17] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2005-01-18 21:17] - [2008-04-14 07:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2005-01-18 21:17] - [2008-04-14 07:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\Drivers\volsnap.sys
[2005-01-18 21:17] - [2008-04-14 07:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================
         
--- --- ---

06.07.2013, 11:56   #8
nirvana19942

How do I get rid of "dirtydecrypt.exe"?



and FRST:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by Champ (administrator) on 06-07-2013 11:53:21
Running from C:\Dokumente und Einstellungen\Champ\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(AVM Berlin) C:\Programme\avmwlanstick\WlanNetService.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(F-Secure Corporation) C:\Programme\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\CCF_Reputation\fsorsp.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Google Inc.) C:\Programme\Google\Update\GoogleUpdate.exe
(Smart Link) C:\WINDOWS\system32\slserv.exe
(InstallShield Software Corporation) C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
(ATI Technologies, Inc.) C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(shbox) C:\Programme\FreePDF\FreePDFA.exe
(NewSoft Technology Corporation) C:\Programme\NewSoft\Smart Start UP\PnPDetect.exe
(AVM Berlin) C:\Programme\avmwlanstick\wlangui.exe
(F-Secure Corporation) C:\Programme\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Nero AG) C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe
(Google Inc.) C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start [81920 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe [339968 2005-02-22] (ATI Technologies, Inc.)
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [PE2CKFNT SE] C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe [25088 1998-07-03] ()
HKLM\...\Run: [FreePDFAssistent] C:\Programme\FreePDF\FreePDFA.exe [150528 2003-12-24] (shbox)
HKLM\...\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe [35328 2007-02-13] ()
HKLM\...\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER [26112 2005-01-18] (RealNetworks, Inc.)
HKLM\...\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe [x]
HKLM\...\Run: [Smart Start UP] C:\Programme\NewSoft\Smart Start UP\PnPDetect.exe /Automation  [104528 2007-04-27] (NewSoft Technology Corporation)
HKLM\...\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime [155648 2009-06-24] (Apple Computer, Inc.)
HKLM\...\Run: [AVMWlanClient] C:\Programme\avmwlanstick\wlangui.exe [1794048 2008-09-05] (AVM Berlin)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [39792 2008-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [F-Secure Hoster (666)] "C:\Programme\F-Secure\fshoster32.exe" -app -hosterid:1 [188400 2013-01-18] (F-Secure Corporation)
HKLM\...\Run: [F-Secure Manager] "C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash [311432 2013-01-03] (F-Secure Corporation)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe" [94208 2005-10-28] (Nero AG)
HKCU\...\Run: [DirtyDecrypt] "\\?\C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Dirty\DirtyDecrypt.exe" /hide [x]
HKCU\...\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-12-26] (Google Inc.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sign In
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Programme\Xi\NetXfer\NXToolBar.dll (Xi)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: ipp - No CLSID Value - 
Handler: msdaipp - No CLSID Value - 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: TVU Web Player - C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default\Extensions\firefox@tvunetworks.com

========================== Services (Whitelisted) =================

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [516096 2005-02-22] ()
R2 AVM WLAN Connection Service; C:\Programme\avmwlanstick\WlanNetService.exe [364544 2008-09-05] (AVM Berlin)
R2 fshoster; C:\Programme\F-Secure\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation)
R3 FSMA; C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [209032 2013-01-03] (F-Secure Corporation)
R2 FSORSPClient; C:\Programme\F-Secure\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-30] (F-Secure Corporation)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-12-26] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-12-26] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-09-26] (Google)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [115608 2013-05-09] (Mozilla Foundation)
S3 PsShutdownSvc; C:\Windows\System32\PSSDNSVC.EXE [65536 2005-01-18] (Systems Internals)
R2 SLService; C:\Windows\System32\slserv.exe [73796 2008-04-14] (Smart Link)
S3 WmcCds; c:\programme\windows media connect\mswmccds.exe [483328 2004-08-11] (Microsoft Corporation)
S3 WmcCdsLs; C:\Programme\Windows Media Connect\mswmcls.exe [28160 2004-08-10] (Microsoft Corporation)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2314560 2005-03-25] (Realtek Semiconductor Corp.)
R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43008 2005-03-09] (Advanced Micro Devices)
R2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2005-01-18] (Windows (R) 2000 DDK provider)
R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [986624 2005-02-23] (ATI Technologies Inc.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2008-09-05] (AVM Berlin)
R1 Cinemsup; C:\Windows\System32\Drivers\Cinemsup.sys [6656 2003-12-19] (Sonic Solutions)
R2 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [8064 2006-04-22] (Elaborate Bytes AG)
R3 ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [4608 2005-04-12] (Elaborate Bytes AG)
R3 F-Secure Gatekeeper; C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [145856 2013-06-30] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Programme\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [73248 2013-06-30] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [44240 2013-06-30] ()
R3 fsni; C:\Programme\F-Secure\apps\CCF_Scanning\fsnixp32.sys [50112 2013-04-25] (F-Secure Corporation)
R3 fsnitdi; C:\Programme\F-Secure\apps\CCF_Scanning\fsnitdi32.sys [21952 2013-04-25] (F-Secure Corporation)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2008-09-05] (AVM GmbH)
S3 Mtlmnt5; C:\Windows\System32\DRIVERS\Mtlmnt5.sys [126686 2004-08-03] (Smart Link)
S3 Mtlstrm; C:\Windows\System32\DRIVERS\Mtlstrm.sys [1309184 2004-08-03] (Smart Link)
S3 NtMtlFax; C:\Windows\System32\DRIVERS\NtMtlFax.sys [180360 2004-08-03] (Smart Link)
R0 RecAgent; C:\Windows\System32\DRIVERS\RecAgent.sys [13776 2004-08-03] (Smart Link)
R3 RTL8023; C:\Windows\System32\DRIVERS\Rtlnic51.sys [69504 2003-12-31] (Realtek Semiconductor Corporation                           )
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 S6U12BScanner; C:\Windows\System32\drivers\usbscan.sys [15104 2008-04-14] (Microsoft Corporation)
S3 Slntamr; C:\Windows\System32\DRIVERS\slntamr.sys [404990 2004-08-03] (Smart Link)
S3 SlNtHal; C:\Windows\System32\DRIVERS\Slnthal.sys [95424 2004-08-03] (Smart Link)
S3 SlWdmSup; C:\Windows\System32\DRIVERS\SlWdmSup.sys [13240 2004-08-03] (Smart Link)
S3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 catchme; \??\C:\DOKUME~1\Champ\LOKALE~1\Temp\catchme.sys [x]
S4 InCDFs; system32\drivers\InCDFs.sys [x]
S1 InCDPass; system32\drivers\InCDPass.sys [x]
S1 InCDRm; system32\drivers\InCDRm.sys [x]
U3 TlntSvr; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-06 11:49 - 2013-07-06 11:49 - 00000000 ____D C:\Windows\ERUNT
2013-07-06 11:49 - 2013-07-06 11:49 - 00000000 ____D C:\JRT
2013-07-06 11:42 - 2013-07-06 11:43 - 00002452 ____A C:\AdwCleaner[S1].txt
2013-07-06 11:42 - 2013-07-06 11:42 - 00002269 ____A C:\AdwCleaner[R1].txt
2013-07-06 08:13 - 2013-07-06 08:13 - 00016934 ____A C:\ComboFix.txt
2013-07-06 08:02 - 2013-07-06 08:02 - 00000000 RASHD C:\cmdcons
2013-07-06 07:34 - 2013-07-06 07:34 - 00000327 ____A C:\Boot.bak
2013-07-06 07:34 - 2004-08-03 23:00 - 00262448 _RASH C:\cmldr
2013-07-06 07:32 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-07-06 07:32 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-07-06 07:32 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00212480 ____A (SteelWerX) C:\Windows\SWXCACLS.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-07-06 07:29 - 2013-07-06 08:13 - 00000000 ____D C:\Qoobox
2013-07-06 07:29 - 2013-07-06 07:44 - 00000000 ____D C:\Windows\erdnt
2013-07-06 07:00 - 2013-07-06 07:00 - 00001086 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7a05bfb8e034.job
2013-07-05 11:29 - 2013-07-05 11:29 - 00000000 ____D C:\FRST
2013-07-03 07:08 - 2013-07-03 07:08 - 00007301 ____A C:\Windows\KB2510531-IE8.log
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB970430$
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB2345886$
2013-07-03 06:59 - 2013-07-03 07:08 - 00012768 ____A C:\Windows\KB2345886.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00028343 ____A C:\Windows\KB974318.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00028106 ____A C:\Windows\KB951978.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00027396 ____A C:\Windows\KB969059.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00026703 ____A C:\Windows\KB2443105.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB974318$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB969059$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB951978$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB2443105$
2013-06-30 09:47 - 2013-06-30 09:48 - 00027629 ____A C:\Windows\KB2481109.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00027118 ____A C:\Windows\KB971657.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00027056 ____A C:\Windows\KB982132.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00026829 ____A C:\Windows\KB2440591.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB982132$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB971657$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2481109$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2440591$
2013-06-30 09:46 - 2013-06-30 09:47 - 00027423 ____A C:\Windows\KB978338.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00027137 ____A C:\Windows\KB2780091.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00027077 ____A C:\Windows\KB2507938.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB978338$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB974112$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2507938$
2013-06-30 09:45 - 2013-06-30 09:46 - 00027196 ____A C:\Windows\KB974112.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027722 ____A C:\Windows\KB2624667.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027481 ____A C:\Windows\KB979687.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026802 ____A C:\Windows\KB2483185.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026382 ____A C:\Windows\KB2719985.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00025793 ____A C:\Windows\KB975025.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB979687$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB975025$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2719985$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2624667$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2483185$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2347290$
2013-06-30 09:44 - 2013-06-30 09:44 - 00026841 ____A C:\Windows\KB952004.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025415 ____A C:\Windows\KB974571.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025105 ____A C:\Windows\KB973507.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00024523 ____A C:\Windows\KB977816.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00023678 ____A C:\Windows\KB2839229.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB977816$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB975560$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB974571$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB973507$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB952004$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-06-30 09:43 - 2013-06-30 09:44 - 00024908 ____A C:\Windows\KB981322.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00025279 ____A C:\Windows\KB2419632.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00024542 ____A C:\Windows\KB2820917.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00023820 ____A C:\Windows\KB2757638.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00018613 ____A C:\Windows\KB2508429.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017979 ____A C:\Windows\KB2653956.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017634 ____A C:\Windows\KB974392.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017270 ____A C:\Windows\KB2749655.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB981322$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB974392$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2653956$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2508429$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2419632$
2013-06-30 09:42 - 2013-06-30 09:43 - 00016980 ____A C:\Windows\KB971029.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00016695 ____A C:\Windows\KB2506212.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB977914$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB971029$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB2506212$
2013-06-30 09:41 - 2013-06-30 09:42 - 00017075 ____A C:\Windows\KB977914.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00016601 ____A C:\Windows\KB2705219-v2.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015833 ____A C:\Windows\KB2619339.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015097 ____A C:\Windows\KB2727528.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015023 ____A C:\Windows\KB978542.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB978542$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2705219-v2$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2619339$
2013-06-30 09:40 - 2013-07-03 07:08 - 00013067 ____A C:\Windows\updspapi.log
2013-06-30 09:40 - 2013-06-30 09:41 - 00015144 ____A C:\Windows\KB979482.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015991 ____A C:\Windows\KB2661254-v2.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015712 ____A C:\Windows\KB2813345.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015458 ____A C:\Windows\KB973815.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015408 ____A C:\Windows\KB956802.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015236 ____A C:\Windows\KB978706.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB979482$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB978706$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB973815$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB956802$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2509553$
2013-06-30 09:39 - 2013-07-06 08:44 - 00080879 ____A C:\Windows\setupapi.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00333867 ____A C:\Windows\FaxSetup.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00159624 ____A C:\Windows\ocgen.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00127388 ____A C:\Windows\tsoc.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00110969 ____A C:\Windows\comsetup.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00067158 ____A C:\Windows\ntdtcsetup.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00052777 ____A C:\Windows\iis6.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00018468 ____A C:\Windows\ocmsn.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00016686 ____A C:\Windows\msgsocm.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00001355 ____A C:\Windows\imsins.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00001355 ____A C:\Windows\imsins.BAK
2013-06-30 09:39 - 2013-06-30 09:40 - 00016081 ____A C:\Windows\KB2509553.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00015645 ____A C:\Windows\KB2676562.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00012979 ____A C:\Windows\KB982665.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00011379 ____A C:\Windows\KB2829361.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB982665$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2676562$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2478960$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setupact.log
2013-06-30 09:24 - 2010-11-02 17:17 - 00040960 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ndproxy.sys
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB959426$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB952954$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB951376-v2$
2013-06-30 02:31 - 2013-06-30 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2467659$
2013-06-30 02:31 - 2013-05-08 00:28 - 00522240 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\jsdbgui.dll
2013-06-30 02:31 - 2011-08-16 12:45 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\iecompat.dll
2013-06-30 02:30 - 2013-06-30 02:33 - 00065536 ____A C:\Windows\System32\config\Internet.evt
2013-06-30 02:30 - 2013-06-30 02:30 - 00000000 ____D C:\Windows\ie8updates
2013-06-30 02:30 - 2013-05-08 00:28 - 11112960 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ieframe.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 02005504 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\iertutil.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00743424 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\iedvtool.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00630272 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msfeeds.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00247808 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ieproxy.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00055296 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msfeedsbs.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00012800 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\xpshims.dll
2013-06-30 02:29 - 2013-06-30 02:30 - 00000000 __HDC C:\Windows\ie8
2013-06-30 02:24 - 2013-06-02 17:21 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB946648$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2712808$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2387149$
2013-06-30 02:21 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB960859$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2659262$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2564958$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2544893-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2536276-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2479943$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2478971$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB975558_WM8$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB923723$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2691442$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2631813$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2585542$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2296011$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2115168$
2013-06-30 02:19 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB955759$
2013-06-30 02:19 - 2013-06-30 02:19 - 00006332 ____A C:\Windows\System32\TZLog.log
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB975713$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB950974$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2655992$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2485663$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2378111_WM9$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2229593$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB972270$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956844$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956572$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB954155_WM9$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2686509$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2598479$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB973869$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB941569$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2592799$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2535512$
2013-06-30 02:16 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB950762$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB978695_WM9$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB973904$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB952287$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2603381$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2570947$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB973540_WM9$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB981997$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB979309$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB952069_WM9$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2723135-v2$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2698365$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2618451$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB923561$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2620712$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2393802$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB975467$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2661637$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2584146$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2566454$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB968389$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB2423089$
2013-06-30 02:10 - 2013-06-30 02:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2360937$
2013-06-30 02:01 - 2008-06-14 19:32 - 00273024 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\bthport.sys
2013-06-30 01:59 - 2011-02-08 15:33 - 00978944 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mfc42.dll
2013-06-30 01:59 - 2010-09-18 08:52 - 00953856 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mfc40u.dll
2013-06-30 01:58 - 2011-07-15 15:29 - 00456320 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mrxsmb.sys
2013-06-30 01:58 - 2010-08-23 18:11 - 00617472 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\comctl32.dll
2013-06-30 01:57 - 2009-11-21 17:54 - 00471552 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\aclayers.dll
2013-06-30 01:51 - 2010-06-14 16:31 - 00744448 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\helpsvc.exe
2013-06-30 01:50 - 2010-08-27 10:01 - 00119808 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\t2embed.dll
2013-06-30 01:50 - 2009-10-15 18:28 - 00081920 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\fontsub.dll
2013-06-30 01:49 - 2012-12-16 14:23 - 00290560 ____N (Adobe Systems Incorporated) C:\Windows\System32\dllcache\atmfd.dll
2013-06-30 01:49 - 2009-06-21 23:45 - 00153088 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\triedit.dll
2013-06-30 01:49 - 2009-03-06 16:19 - 00286720 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\pdh.dll
2013-06-30 01:49 - 2009-02-09 13:21 - 00111104 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\services.exe
2013-06-30 01:49 - 2009-02-09 12:51 - 00678400 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\advapi32.dll
2013-06-30 01:49 - 2009-02-09 12:51 - 00473600 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\fastprox.dll
2013-06-30 01:49 - 2009-02-09 12:51 - 00453120 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wmiprvsd.dll
2013-06-30 01:49 - 2009-02-09 12:51 - 00401408 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rpcss.dll
2013-06-30 01:49 - 2009-02-06 12:10 - 00227840 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wmiprvse.exe
2013-06-30 01:48 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023x.sys
2013-06-30 01:48 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023.sys
2013-06-30 01:48 - 2011-08-17 15:49 - 00138496 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\afd.sys
2013-06-30 01:48 - 2011-04-21 15:37 - 00105472 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mup.sys
2013-06-30 01:48 - 2009-07-28 00:24 - 00128512 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\dhtmled.ocx
2013-06-30 01:48 - 2008-05-08 16:02 - 00203136 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rmcast.sys
2013-06-30 01:47 - 2013-06-30 01:58 - 00044240 ____A C:\Windows\System32\Drivers\fsbts.sys
2013-06-30 01:47 - 2008-05-01 16:34 - 00331776 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msadce.dll
2013-06-30 01:46 - 2013-06-30 01:46 - 00019406 ____A C:\Windows\prodsett_copy.ini
2013-06-30 01:45 - 2010-02-12 12:03 - 00293376 ____N (Microsoft Corporation) C:\Windows\System32\browserchoice.exe
2013-06-30 01:44 - 2012-05-28 20:16 - 00536576 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msado15.dll
2013-06-30 01:43 - 2012-07-04 16:05 - 00139784 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rdpwd.sys
2013-06-30 01:43 - 2010-06-18 15:36 - 03558912 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\moviemk.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02195840 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntoskrnl.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02152448 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrnlmp.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02072448 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrnlpa.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02031104 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrpamp.exe
2013-06-30 01:40 - 2011-07-08 16:02 - 00010496 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ndistapi.sys
2013-06-30 01:40 - 2010-12-09 17:15 - 00743936 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntdll.dll
2013-06-30 01:40 - 2010-07-16 14:01 - 00220160 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wordpad.exe
2013-06-30 01:40 - 2009-11-21 17:54 - 01206508 ____N C:\Windows\System32\dllcache\sysmain.sdb
2013-06-30 01:39 - 2012-01-11 21:06 - 00003072 ____N C:\Windows\System32\iacenc.dll
2013-06-30 01:39 - 2012-01-11 21:06 - 00003072 ____N C:\Windows\System32\dllcache\iacenc.dll
2013-06-30 01:39 - 2010-10-11 16:59 - 00045568 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wab.exe
2013-06-30 01:39 - 2010-08-16 10:44 - 00590848 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rpcrt4.dll
2013-06-30 01:25 - 2013-06-30 01:25 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-30 01:25 - 2004-08-04 14:00 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\wmpns.dll
2013-06-30 01:19 - 2013-06-30 09:16 - 00000000 ____D C:\Windows\System32\de-de
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\de
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\bits
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\l2schemas
2013-06-30 01:19 - 2012-11-10 02:39 - 00046080 ____N (Microsoft Corporation) C:\Windows\System32\tzchange.exe
2013-06-30 01:19 - 2012-11-06 04:01 - 01371648 ____N (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-06-30 01:19 - 2012-11-06 04:01 - 01371648 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msxml6.dll
2013-06-30 01:19 - 2009-01-07 18:21 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2013-06-30 01:19 - 2008-04-14 07:53 - 00032866 ____N (Smart Link) C:\Windows\slrundll.exe
2013-06-30 01:19 - 2008-04-14 07:53 - 00032768 ____N (Microsoft Corporation) C:\Windows\System32\setupn.exe
2013-06-30 01:19 - 2008-04-14 07:53 - 00028672 ____N (Microsoft Corporation) C:\Windows\System32\vidcap.ax
2013-06-30 01:19 - 2008-04-14 07:53 - 00028672 ____N (Microsoft Corporation) C:\Windows\System32\verclsid.exe
2013-06-30 01:19 - 2008-04-14 07:53 - 00023040 ____N (ATI Technologies Inc.) C:\Windows\System32\ativmvxx.ax
2013-06-30 01:19 - 2008-04-14 07:53 - 00009728 ____N (ATI Technologies Inc.) C:\Windows\System32\ativdaxx.ax
2013-06-30 01:19 - 2008-04-14 07:52 - 04274816 ____N (NVIDIA Corporation) C:\Windows\System32\nv4_disp.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 01737856 ____N (Matrox Graphics Inc.) C:\Windows\System32\mtxparhd.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00870784 ____N (ATI Technologies Inc. ) C:\Windows\System32\ati3d1ag.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00712704 ____N (Microsoft Corporation) C:\Windows\System32\windowscodecs.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00651264 ____N (Microsoft Corporation) C:\Windows\System32\dot3ui.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00412160 ____N (Microsoft Corporation) C:\Windows\System32\photometadatahandler.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00397312 ____N (Microsoft Corporation) C:\Windows\System32\mmcex.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00397056 ____N (S3 Graphics, Inc.) C:\Windows\System32\s3gnb.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00377984 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2dvaa.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00346112 ____N (Microsoft Corporation) C:\Windows\System32\windowscodecsext.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00294400 ____N (Microsoft Corporation) C:\Windows\System32\qagentrt.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00290304 ____N (Microsoft Corporation) C:\Windows\System32\rhttpaa.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00276992 ____N (Microsoft Corporation) C:\Windows\System32\wmphoto.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00233472 ____N (Microsoft Corporation) C:\Windows\System32\azroles.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00198656 ____N (Microsoft Corporation) C:\Windows\System32\napmontr.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00184832 ____N (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00184320 ____N (Microsoft Corporation) C:\Windows\System32\microsoft.managementconsole.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00182272 ____N (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00177664 ____N (Microsoft Corporation) C:\Windows\System32\napstat.exe
2013-06-30 01:19 - 2008-04-14 07:52 - 00155136 ____N (Microsoft Corporation) C:\Windows\System32\mssha.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00151040 ____N (Microsoft Corporation) C:\Windows\System32\qagent.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00145408 ____N (Microsoft Corporation) C:\Windows\System32\onex.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00136192 ____N (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00133120 ____N (Microsoft Corporation) C:\Windows\System32\dot3svc.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00126976 ____N (Microsoft Corporation) C:\Windows\System32\eappcfg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00106496 ____N (Microsoft Corporation) C:\Windows\System32\mmcfxcommon.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00095232 ____N (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00086016 ____N (Conexant) C:\Windows\System32\mdmxsdk.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00076800 ____N (Microsoft Corporation) C:\Windows\System32\qutil.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00069120 ____N (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00062976 ____N (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00062464 ____N (Microsoft Corporation) C:\Windows\System32\qcliprov.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00061952 ____N (Microsoft Corporation) C:\Windows\System32\rasqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00061440 ____N (Microsoft Corporation) C:\Windows\System32\kmsvc.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00059392 ____N (Microsoft Corporation) C:\Windows\System32\eapqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00056832 ____N (Microsoft Corporation) C:\Windows\System32\dot3msm.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00053248 ____N (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00050688 ____N (Microsoft Corporation) C:\Windows\System32\tspkg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00048640 ____N (Microsoft Corporation) C:\Windows\System32\dhcpqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00040960 ____N (Microsoft Corporation) C:\Windows\System32\eappprxy.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dot3gpclnt.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dimsroam.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00037376 ____N (Microsoft Corporation) C:\Windows\System32\l2gpstore.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\mmcperf.exe
2013-06-30 01:19 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\eapsvc.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00032768 ____N (ATI Technologies Inc.) C:\Windows\System32\ativtmxx.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00032285 ____N (Conexant Systems, Inc.) C:\Windows\System32\hsfcisp2.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00030720 ____N (Microsoft Corporation) C:\Windows\System32\eapolqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00030208 ____N (Microsoft Corporation) C:\Windows\System32\napipsec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00026112 ____N (Microsoft Corporation) C:\Windows\System32\dot3api.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00019456 ____N (Microsoft Corporation) C:\Windows\System32\dimsntfy.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00012800 ____N (Microsoft Corporation) C:\Windows\System32\credssp.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00009216 ____N (Microsoft Corporation) C:\Windows\System32\dot3dlg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00007168 ____N (Microsoft Corporation) C:\Windows\System32\bitsprx4.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdpash.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdnepr.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdiultn.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdbhc.dll
2013-06-30 01:19 - 2008-04-14 07:27 - 00093184 ____N (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2013-06-30 01:19 - 2008-04-14 07:27 - 00093184 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msxml6r.dll
2013-06-30 01:19 - 2008-04-14 07:26 - 00081408 ____N (Microsoft Corporation) C:\Windows\System32\msshavmsg.dll
2013-06-30 01:16 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-30 01:14 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023x.sys
2013-06-30 01:14 - 2008-06-14 19:32 - 00273024 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2013-06-30 01:14 - 2008-04-14 07:52 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv04nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00021183 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv01nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00017279 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv10nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00015423 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\ch7xxnt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00014143 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv06nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00011359 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv02nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00011325 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\vchnt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00004255 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv01nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003967 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv02nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003901 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\siint5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003775 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv11nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003711 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv09nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003647 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv07nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003615 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv05nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003135 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv08nt5.dll
2013-06-30 01:14 - 2008-04-14 07:24 - 00025856 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-06-30 01:14 - 2008-04-14 07:21 - 00327168 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtaa.sys
2013-06-30 01:14 - 2008-04-14 00:26 - 00030592 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\rndismpx.sys
2013-06-30 01:14 - 2008-04-14 00:21 - 00101120 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthpan.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00121984 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00059136 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00037888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00036480 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthprint.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00018944 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthusb.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00017024 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2013-06-30 01:14 - 2008-04-14 00:15 - 00019200 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2013-06-30 01:14 - 2008-04-14 00:13 - 00014208 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2013-06-30 01:14 - 2008-04-14 00:13 - 00012672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\mutohpen.sys
2013-06-30 01:14 - 2008-04-14 00:10 - 00010240 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_mmc.sys
2013-06-30 01:14 - 2008-04-14 00:06 - 00046464 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\gagp30kx.sys
2013-06-30 01:14 - 2008-04-14 00:06 - 00044672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\uagp35.sys
2013-06-30 01:14 - 2008-04-14 00:06 - 00005888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\smbali.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 01041536 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfdpsp2.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00685056 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfcxts2.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00220032 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfbs2s2.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00129535 ____N (Smart Link) C:\Windows\System32\Drivers\slnt7554.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00011868 ____N (Conexant) C:\Windows\System32\Drivers\mdmxsdk.sys
2013-06-30 01:14 - 2008-04-13 22:06 - 00144384 ____N (Windows (R) Server 2003 DDK provider) C:\Windows\System32\Drivers\hdaudbus.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 01897408 ____N (NVIDIA Corporation) C:\Windows\System32\Drivers\nv4_mini.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00452736 ____N (Matrox Graphics Inc.) C:\Windows\System32\Drivers\mtxparhm.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00166912 ____N (S3 Graphics, Inc.) C:\Windows\System32\Drivers\s3gnbm.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00104960 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinrvxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00073216 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atintuxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00063663 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1rvxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00063488 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxsxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00057856 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinbtxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00056623 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1btxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00052224 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinraxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00036463 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1tuxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00034735 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xsxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00031744 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxbxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00030671 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1raxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00029455 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xbxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00028672 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinsnxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00026367 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1snxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv10nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00022271 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv06nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00021343 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1ttxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00014336 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinpdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinttxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinmdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00012047 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1pdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011935 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv11nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011871 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv09nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011807 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv07nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011615 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1mdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011295 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv08nt.sys
2013-06-30 01:14 - 2007-04-02 21:36 - 00129045 ____N C:\Windows\System32\Drivers\cxthsfs2.cty
2013-06-30 01:14 - 2006-12-29 20:21 - 00064352 ____N C:\Windows\System32\Drivers\ativmc20.cod
2013-06-30 01:14 - 2006-12-29 20:02 - 00067866 ____N C:\Windows\System32\Drivers\netwlan5.img
2013-06-30 01:11 - 2006-12-29 00:31 - 00019569 ____A C:\Windows\002643_.tmp
2013-06-30 01:09 - 2013-06-30 01:11 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-29 19:09 - 2013-06-29 19:09 - 00000000 ___HD C:\Windows\PIF

==================== One Month Modified Files and Folders ========

2013-07-06 11:49 - 2013-07-06 11:49 - 00000000 ____D C:\Windows\ERUNT
2013-07-06 11:49 - 2013-07-06 11:49 - 00000000 ____D C:\JRT
2013-07-06 11:46 - 2005-02-01 11:53 - 01861092 ____A C:\Windows\WindowsUpdate.log
2013-07-06 11:45 - 2006-07-08 09:46 - 00000660 ____A C:\Windows\ULEAD32.INI
2013-07-06 11:45 - 2005-02-01 11:50 - 00000159 ____A C:\Windows\wiadebug.log
2013-07-06 11:45 - 2005-02-01 11:50 - 00000050 ____A C:\Windows\wiaservc.log
2013-07-06 11:43 - 2013-07-06 11:42 - 00002452 ____A C:\AdwCleaner[S1].txt
2013-07-06 11:43 - 2005-10-25 14:25 - 00000000 ___RD C:\Programme
2013-07-06 11:42 - 2013-07-06 11:42 - 00002269 ____A C:\AdwCleaner[R1].txt
2013-07-06 08:44 - 2013-06-30 09:39 - 00080879 ____A C:\Windows\setupapi.log
2013-07-06 08:44 - 2005-01-18 21:17 - 00000617 ____A C:\Windows\win.ini
2013-07-06 08:43 - 2007-07-08 10:56 - 00000004 ____A C:\Windows\msoffice.ini
2013-07-06 08:13 - 2013-07-06 08:13 - 00016934 ____A C:\ComboFix.txt
2013-07-06 08:13 - 2013-07-06 07:29 - 00000000 ____D C:\Qoobox
2013-07-06 08:11 - 2005-01-18 21:17 - 00000435 ____A C:\Windows\system.ini
2013-07-06 08:02 - 2013-07-06 08:02 - 00000000 RASHD C:\cmdcons
2013-07-06 08:02 - 2005-01-18 21:17 - 00000327 _RASH C:\boot.ini
2013-07-06 07:44 - 2013-07-06 07:29 - 00000000 ____D C:\Windows\erdnt
2013-07-06 07:34 - 2013-07-06 07:34 - 00000327 ____A C:\Boot.bak
2013-07-06 07:00 - 2013-07-06 07:00 - 00001086 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7a05bfb8e034.job
2013-07-05 11:29 - 2013-07-05 11:29 - 00000000 ____D C:\FRST
2013-07-04 17:54 - 2006-05-26 16:27 - 00000116 ____A C:\Windows\NeroDigital.ini
2013-07-04 17:18 - 2012-04-14 17:01 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-07-04 17:18 - 2012-04-14 17:01 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-04 17:18 - 2011-08-21 09:33 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-07-04 17:09 - 2005-01-18 21:17 - 00012598 ____A C:\Windows\System32\wpa.dbl
2013-07-03 07:08 - 2013-07-03 07:08 - 00007301 ____A C:\Windows\KB2510531-IE8.log
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB970430$
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB2345886$
2013-07-03 07:08 - 2013-07-03 06:59 - 00012768 ____A C:\Windows\KB2345886.log
2013-07-03 07:08 - 2013-06-30 09:40 - 00013067 ____A C:\Windows\updspapi.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00333867 ____A C:\Windows\FaxSetup.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00159624 ____A C:\Windows\ocgen.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00127388 ____A C:\Windows\tsoc.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00110969 ____A C:\Windows\comsetup.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00067158 ____A C:\Windows\ntdtcsetup.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00052777 ____A C:\Windows\iis6.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00018468 ____A C:\Windows\ocmsn.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00016686 ____A C:\Windows\msgsocm.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00001355 ____A C:\Windows\imsins.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00001355 ____A C:\Windows\imsins.BAK
2013-07-03 07:08 - 2005-10-25 14:25 - 00000000 ___HD C:\Windows\$hf_mig$
2013-06-30 10:07 - 2005-02-01 11:47 - 00196160 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-30 09:48 - 2013-06-30 09:48 - 00028343 ____A C:\Windows\KB974318.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00028106 ____A C:\Windows\KB951978.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00027396 ____A C:\Windows\KB969059.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00026703 ____A C:\Windows\KB2443105.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB974318$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB969059$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB951978$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB2443105$
2013-06-30 09:48 - 2013-06-30 09:47 - 00027629 ____A C:\Windows\KB2481109.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00027118 ____A C:\Windows\KB971657.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00027056 ____A C:\Windows\KB982132.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00026829 ____A C:\Windows\KB2440591.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB982132$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB971657$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2481109$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2440591$
2013-06-30 09:47 - 2013-06-30 09:46 - 00027423 ____A C:\Windows\KB978338.log
2013-06-30 09:47 - 2011-06-26 10:01 - 00789416 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-06-30 09:47 - 2011-06-26 10:01 - 00144896 ____A (Oracle Corporation) C:\Windows\System32\javacpl.cpl
2013-06-30 09:47 - 2005-02-01 11:48 - 00897778 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-30 09:46 - 2013-06-30 09:46 - 00027137 ____A C:\Windows\KB2780091.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00027077 ____A C:\Windows\KB2507938.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB978338$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB974112$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2507938$
2013-06-30 09:46 - 2013-06-30 09:45 - 00027196 ____A C:\Windows\KB974112.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027722 ____A C:\Windows\KB2624667.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027481 ____A C:\Windows\KB979687.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026802 ____A C:\Windows\KB2483185.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026382 ____A C:\Windows\KB2719985.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00025793 ____A C:\Windows\KB975025.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB979687$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB975025$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2719985$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2624667$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2483185$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2347290$
2013-06-30 09:44 - 2013-06-30 09:44 - 00026841 ____A C:\Windows\KB952004.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025415 ____A C:\Windows\KB974571.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025105 ____A C:\Windows\KB973507.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00024523 ____A C:\Windows\KB977816.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00023678 ____A C:\Windows\KB2839229.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB977816$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB975560$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB974571$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB973507$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB952004$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-06-30 09:44 - 2013-06-30 09:43 - 00024908 ____A C:\Windows\KB981322.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00025279 ____A C:\Windows\KB2419632.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00024542 ____A C:\Windows\KB2820917.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00023820 ____A C:\Windows\KB2757638.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00018613 ____A C:\Windows\KB2508429.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017979 ____A C:\Windows\KB2653956.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017634 ____A C:\Windows\KB974392.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017270 ____A C:\Windows\KB2749655.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB981322$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB974392$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2653956$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2508429$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2419632$
2013-06-30 09:43 - 2013-06-30 09:42 - 00016980 ____A C:\Windows\KB971029.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00016695 ____A C:\Windows\KB2506212.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB977914$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB971029$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB2506212$
2013-06-30 09:42 - 2013-06-30 09:41 - 00017075 ____A C:\Windows\KB977914.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00016601 ____A C:\Windows\KB2705219-v2.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015833 ____A C:\Windows\KB2619339.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015097 ____A C:\Windows\KB2727528.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015023 ____A C:\Windows\KB978542.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB978542$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2705219-v2$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2619339$
2013-06-30 09:41 - 2013-06-30 09:40 - 00015144 ____A C:\Windows\KB979482.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015991 ____A C:\Windows\KB2661254-v2.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015712 ____A C:\Windows\KB2813345.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015458 ____A C:\Windows\KB973815.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015408 ____A C:\Windows\KB956802.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015236 ____A C:\Windows\KB978706.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB979482$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB978706$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB973815$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB956802$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2509553$
2013-06-30 09:40 - 2013-06-30 09:39 - 00016081 ____A C:\Windows\KB2509553.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00015645 ____A C:\Windows\KB2676562.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00012979 ____A C:\Windows\KB982665.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00011379 ____A C:\Windows\KB2829361.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB982665$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2676562$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2478960$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setupact.log
2013-06-30 09:33 - 2012-01-10 15:05 - 00000000 ____D C:\Windows\Minidump
2013-06-30 09:16 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\de-de
2013-06-30 09:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\Help
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB959426$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB952954$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB951376-v2$
2013-06-30 02:33 - 2013-06-30 02:30 - 00065536 ____A C:\Windows\System32\config\Internet.evt
2013-06-30 02:31 - 2013-06-30 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2467659$
2013-06-30 02:30 - 2013-06-30 02:30 - 00000000 ____D C:\Windows\ie8updates
2013-06-30 02:30 - 2013-06-30 02:29 - 00000000 __HDC C:\Windows\ie8
2013-06-30 02:30 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\Media
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB946648$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2712808$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2387149$
2013-06-30 02:22 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB960859$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2659262$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2564958$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2544893-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2536276-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2479943$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2478971$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB975558_WM8$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB923723$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2691442$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2631813$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2585542$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2296011$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2115168$
2013-06-30 02:20 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB955759$
2013-06-30 02:19 - 2013-06-30 02:19 - 00006332 ____A C:\Windows\System32\TZLog.log
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB975713$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB950974$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2655992$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2485663$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2378111_WM9$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2229593$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB972270$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956844$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956572$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB954155_WM9$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2686509$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2598479$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB973869$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB941569$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2592799$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2535512$
2013-06-30 02:17 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB950762$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB978695_WM9$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB973904$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB952287$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2603381$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2570947$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB973540_WM9$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB981997$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB979309$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB952069_WM9$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2723135-v2$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2698365$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2618451$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB923561$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2620712$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2393802$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB975467$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2661637$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2584146$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2566454$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB968389$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB2423089$
2013-06-30 02:10 - 2013-06-30 02:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2360937$
2013-06-30 01:58 - 2013-06-30 01:47 - 00044240 ____A C:\Windows\System32\Drivers\fsbts.sys
2013-06-30 01:46 - 2013-06-30 01:46 - 00019406 ____A C:\Windows\prodsett_copy.ini
2013-06-30 01:25 - 2013-06-30 01:25 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-30 01:25 - 2005-01-18 21:30 - 00316640 ____A C:\Windows\WMSysPr9.prx
2013-06-30 01:23 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\security
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\de
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\bits
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\l2schemas
2013-06-30 01:19 - 2013-06-30 01:16 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-30 01:19 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\usmt
2013-06-30 01:19 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\PeerNet
2013-06-30 01:19 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\ime
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\Restore
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\npp
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\Com
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\system
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\srchasst
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\msagent
2013-06-30 01:13 - 2005-01-18 21:17 - 00251712 _RASH C:\ntldr
2013-06-30 01:11 - 2013-06-30 01:09 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-30 01:11 - 2005-10-25 12:09 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-06-29 19:09 - 2013-06-29 19:09 - 00000000 ___HD C:\Windows\PIF

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2005-01-18 21:17] - [2008-04-14 07:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2005-01-18 21:17] - [2008-04-14 07:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2005-01-18 21:17] - [2008-04-14 07:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2005-01-18 21:17] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2005-01-18 21:17] - [2008-04-14 07:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2005-01-18 21:17] - [2008-04-14 07:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\Drivers\volsnap.sys
[2005-01-18 21:17] - [2008-04-14 07:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================
         
--- --- ---

06.07.2013, 12:09   #9
schrauber
/// the machine
/// TB instructor

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Still having problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
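
The log.txt requested in the steps above holds one `key="value"` record per detection, in the layout of the ESET log posted later in this thread. The following Python example is added here and is not part of the original posts or of any ESET tool: it groups records by hash and separates restore-point and quarantine copies from files still in place. The sample log is constructed, and reading `sh` as the file hash, `vn` as the detection name and `fn` as the path is an assumption based on the field names.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of an ESET Online Scanner log.txt.
# Hashes, detection names and paths are made up for this example.
SAMPLE_LOG = r'''# version=8
# remove_checked=false
# scanned=2500
# found=6
# cleaned=0
sh=1111111111111111111111111111111111111111 ft=1 fh=aaaaaaaaaaaaaaaa vn="Win32/Example.A trojan" ac=I fn="C:\Programme\Example\tool.exe.virus"
sh=1111111111111111111111111111111111111111 ft=1 fh=aaaaaaaaaaaaaaaa vn="Win32/Example.A trojan" ac=I fn="C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP1\A0000001.exe.virus"
sh=1111111111111111111111111111111111111111 ft=1 fh=aaaaaaaaaaaaaaaa vn="Win32/Example.A trojan" ac=I fn="C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP1\A0000002.exe.virus"
sh=1111111111111111111111111111111111111111 ft=1 fh=aaaaaaaaaaaaaaaa vn="Win32/Example.A trojan" ac=I fn="C:\Qoobox\Quarantine\C\Example\tool.exe.virus.vir"
sh=2222222222222222222222222222222222222222 ft=0 fh=0000000000000000 vn="Win32/Example.A.Gen trojan" ac=I fn="C:\Dokumente und Einstellungen\User\Desktop\setup.zip"
sh=3333333333333333333333333333333333333333 ft=0 fh=0000000000000000 vn="Win32/Example.A.Gen trojan" ac=I fn="C:\Dokumente und Einstellungen\User\Eigene Dateien\notes.zip"
'''

# key=value pairs; values are either double-quoted (may contain spaces) or bare.
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_log(text):
    """Split the log into '# key=value' header settings and detection records."""
    header, records = {}, []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("# "):
            key, sep, value = line[2:].partition("=")
            if sep:
                header[key] = value  # repeated keys: the last one wins
        elif line.startswith("sh="):
            records.append({k: q if q else b for k, q, b in FIELD.findall(line)})
    return header, records


def location(path):
    """Classify a detection path. The quarantine folder name is taken from the
    paths seen in this thread's log; adjust it for other cleanup tools."""
    p = path.lower()
    if "\\system volume information\\" in p:
        return "restore_point"
    if "\\qoobox\\quarantine\\" in p:
        return "quarantine"
    return "live"


def triage(records):
    """Group records by hash so that many copies of one binary collapse to one entry."""
    by_hash = defaultdict(
        lambda: {"names": set(), "live": [], "restore_point": 0, "quarantine": 0}
    )
    for rec in records:
        entry = by_hash[rec["sh"]]
        entry["names"].add(rec["vn"])
        where = location(rec["fn"])
        if where == "live":
            entry["live"].append(rec["fn"])
        else:
            entry[where] += 1
    return dict(by_hash)


def summarize(text):
    """Return the figures a helper needs first: is the log complete, was anything
    cleaned, how many distinct files are involved, and which are still in place."""
    header, records = parse_log(text)
    found = int(header.get("found", 0))
    cleaned = int(header.get("cleaned", 0))
    by_hash = triage(records)
    live = sorted(p for e in by_hash.values() for p in e["live"])
    return {
        "records_match_header": found == len(records),  # False hints at a truncated paste
        "uncleaned": found - cleaned,
        "distinct_hashes": len(by_hash),
        "live_paths": live,
        "by_hash": by_hash,
    }


if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    print("complete log:", result["records_match_header"])
    print("detections not cleaned:", result["uncleaned"])
    print("distinct files:", result["distinct_hashes"])
    for path in result["live_paths"]:
        print("still in place:", path)
```
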

06.07.2013, 18:17   #10
nirvana19942

I did all of that, but the problem is still there.... :-(

ESET log file:

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=bdff9c9155be874ea9e551b2d720b74b
# engine=14289
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-06 12:07:53
# local_time=2013-07-06 02:07:53 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1797 16774142 0 1 562495 562495 0 0
# compatibility_mode=2559 16777215 0 0 0 0 0 0
# scanned=118450
# found=110
# cleaned=0
# scan_time=6226
sh=442411905A3EA1B466DB8E575DF10A4EC681425E ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\lame3.98.zip"
sh=15D9C9D84373D62DBB9055291452F556CDA6C791 ft=1 fh=5f2947fd857cce20 vn="a variant of Win32/Injector.AGQG trojan" ac=I fn="C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\12\21bc400c-2a4a0a5a.virus"
sh=AF2CDF77657368A5A1A6F22F9929BB0D6174CCAD ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Dokumente und Einstellungen\Champ\Desktop\messer-v0992-setup.zip"
sh=3F5ED1FCB64FB4C4A11C7FEE0EA46C9388FFB19E ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Dokumente und Einstellungen\Champ\Desktop\NXSetup_Vista(x86).zip"
sh=934B88BB6325B96495677FF59E310B76167CABF2 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Dokumente und Einstellungen\Champ\Eigene Dateien\Archos_USB_Drivers_05-2004.zip"
sh=01AFCF8E2C882BDB6E73DBE5D099AB7D717A1D3C ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Dokumente und Einstellungen\Champ\Eigene Dateien\Inhaltsverzeichnis.zip"
sh=69F4D9A35708545D15A393ABBF1C0EDFE36B960A ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Dokumente und Einstellungen\Champ\Eigene Dateien\JB6000_Driver.zip"
sh=AC10CF6E2DDA3707DBF38A61C8C1A3C07FC5EAB9 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Dokumente und Einstellungen\Champ\Eigene Dateien\Unfall Bergkirchweih\anschlusseheilbehandlung.zip"
sh=7476C540411975C2F3632E58DC759C04028D2460 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Dokumente und Einstellungen\Champ\Eigene Dateien\Unfall Bergkirchweih\med_rehabilitation.zip"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\Dokumente und Einstellungen\Champ\Lokale Einstellungen\Anwendungsdaten\Dirty\DirtyDecrypt.exe.virus"
sh=29D97323F9FFCD5788F21F62B2B3AD10D198D40C ft=0 fh=0000000000000000 vn="JS/AdWare.SearchPage.A virus" ac=I fn="C:\MP3\MP3 # 21 gebrannt\Chrismas Songs\LOVE.AVI"
sh=72028D17F283D2984B0E60FD2A0B1B56AAFAA9C3 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Programme\Avira\AntiVir Desktop\sweb.zip"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\Programme\Dirty\DirtyDecrypt.exe.virus"
sh=A166FCDB1BBB5AF52B9C22B07EB936FAEFD93E31 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Programme\Java\jre6\lib\deploy\ffjcext.zip"
sh=8A206B8330806E72A4F45608370D829F0F2DD87B ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Programme\Windows Media Player\npdrmv2.zip"
sh=2DF7B50241F597A8D61E1DE2154B2501A293EEDD ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Programme\Windows Media Player\npds.zip"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\Qoobox\Quarantine\C\Dokumente und Einstellungen\Administrator.NIRVANA\Anwendungsdaten\Dirty\DirtyDecrypt.exe.virus.vir"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\Qoobox\Quarantine\C\Dokumente und Einstellungen\Champ\Anwendungsdaten\Dirty\DirtyDecrypt.exe.virus.vir"
sh=9EA705B336E52282C30F3AE11B7D32DB07694B7D ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Eigene Dateien 08-2005\A Thomas\Archos_USB_Drivers_05-2004.zip"
sh=9DDFB2D2A50776F2E3F1279EDC292F71090A8016 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Eigene Dateien 08-2005\A Thomas\isobuster_all_lang.zip"
sh=9644E9E978078DFB556A5D37BAC491650CD1B3F2 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Eigene Dateien 08-2005\A Thomas\JB20_Driver.zip"
sh=1FE6CE2D5075668B2C043D053719173DA71A3919 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Festplatte D Erlangen\Championship.zip"
sh=34CEC0A26468673D08A65A3C56CFB5207F29F404 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Festplatte D Erlangen\Save 2004\Abwehr LOVESAN\clrav.zip"
sh=E7E1C900C62AA09C24F898C76C99EBF6456E0D79 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Festplatte D Erlangen\Save 2004\Downloads\Battlefield_1942.Update1.1.FDX.ShareReactor.rar"
sh=F574DAE75F9D5F4F9AD744D47EE0F92092311895 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Festplatte D Erlangen\Sicherung\Studium Hildesheim\Diplomarbeit - Optimierungspot. der Personalpl. durch ATZ\Diplomarbeit - ENDVERSIONEN !!!\Diplomarbeit 18.12.2002 (anonym)\ATZ-Müller-AG.zip"
sh=909082F26B1E541D7DBBBA4FDAA760224AD3C537 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Festplatte D Erlangen\Sicherung\Studium Hildesheim\Diplomarbeit - Optimierungspot. der Personalpl. durch ATZ\Diplomarbeit Marketing - Vergleichende Werbung als Wettbewerbsmittel der Krankenkassen im Wettbewerb\diplomarbeit2.zip"
sh=93E2CEF5926879103F626455CCF26C3605C58853 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Antispy\xp-AntiSpy_deutsch392.zip"
sh=344C39AEA51173B5B59BBB8BA4BB17DC25EB9449 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Alt\ATZ-Müller-AG.zip"
sh=149119742E340E4C2C0EF270BC0E7BD81BC70928 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Alt\Brennprogramme\AUDIOGRABBER\FO_AG15F.ZIP"
sh=B148A47F7B68345C2185DCAFD5FA6BD98E93CAD7 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Alt\Brennprogramme\CD_COVER_PROG\CDC32202.ZIP"
sh=2B641BF74A69F8BF1551DF79831C881CBC0A4232 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Alt\Brennprogramme\CD_COVER_PROG\COVER70.ZIP"
sh=92613724E6A18BEE3492EC4D52AF2B4FC725AA09 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Alt\Brennprogramme\NERO55_KEY_GENERATOR\ORNN5503.ZIP"
sh=D47BA884AEF0DE3B75DC891A861BAF14B89EFE8C ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Alt\Brennprogramme\NERO_5580\5580.RAR"
sh=D12C3CA303C35643A030D4D0AC73E85F6EAAEDF9 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Eigene Dateien 060105\Alte Sachen\ATZ.zip"
sh=2CB6C8530DF537474CF26F26CF60C2826987C66B ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Eigene Dateien 060105\Alte Sachen\Aspi-Treiber\aspi-460-1019.zip"
sh=B5BED2DD9D6D9F42D8F1BDBC37A3B525F495FD1E ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Eigene Dateien 060105\Alte Sachen\Downloads\nlcrinst.zip"
sh=7EDCE62EBD8292E36C7E4FE899539B42B6C49E63 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Eigene Dateien 060105\Eigene Dateien 23.11.02\apsyc1_3.zip"
sh=759422515348FA1C86207045EE319252C2A55F5D ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Eigene Dateien 060105\Eigene Dateien 23.11.02\imerzieh.zip"
sh=8211E3C68C7ECEFA342DC4EAFE5B60362B9F88E3 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Eigene Dateien 060105\Eigene Dateien 23.11.02\Kopie von lizzyund.zip"
sh=95A4CA139902AF5CE2BB7C16A3BEC75851A6C8A6 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Eigene Dateien 060105\Eigene Dateien 23.11.02\meinede3.zip"
sh=5301D6C3E13E36A377E74A49C0DC25CB1C161D6E ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Eigene Dateien 060105\Eigene Dateien 23.11.02\thesadis.zip"
sh=9097CB26AFC58D2B0555825A12132CADBBCEE10C ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Eigene Dateien 060105\Eigene Dateien 23.11.02\Alte Sachen\gunmanv1uknocd.zip"
sh=EF044F1754D92DD4C1BE7A6A213911CCADDCC368 ft=0 fh=0000000000000000 vn="JS/Logo.A trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Eigene Dateien 060105\Favoriten\Welcome to Adult Friend Finder!.url"
sh=A43171A818902F3B5B41A857AEED66EA9115D37E ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Neuer Ordner\ana04.zip"
sh=6B56531F3739784B67678B7077C35A1B5885D7A3 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Neuer Ordner\thevisit.zip"
sh=47D957BAE43F5122EBB2EB3D799ED0B4C746328C ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Neuer Ordner (2)\16338.zip"
sh=32F466441738D5ADD85FB15407E310EDA5504BA2 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Neuer Ordner (2)\Angebotsvergleichsblatt_Sprachkurse.zip"
sh=24E3C74B94C4403490334824D17C01177E1B0594 ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Neuer Ordner (2)\Intellectualservices2002.zip"
sh=3AE880A6AD7A0DE68EBDA1E87190308BC845E16A ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Neuer Ordner (2)\Panzers-Cheats.rar"
sh=7F9CB73EF5DD93AB02D7BF6E014A5E23987058BE ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Neuer Ordner (2)\PANZERS_V1.06_german_NoCD_by_S1elz.rar"
sh=DF7745DE6C9EB9D5D48F0475030110C00884AD6C ft=0 fh=0000000000000000 vn="Win32/Filecoder.BH.Gen trojan" ac=I fn="C:\Sicherung alte Festplatten\Hordorf D\Desktop\Desktop\Neuer Ordner (2)\Rotlicht_Tycoon.rar"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{210364F3-030D-489D-BEEF-059C2E24FE19}\RP465\A0101202.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{210364F3-030D-489D-BEEF-059C2E24FE19}\RP465\A0101203.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{210364F3-030D-489D-BEEF-059C2E24FE19}\RP465\A0101204.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{210364F3-030D-489D-BEEF-059C2E24FE19}\RP465\A0101205.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{210364F3-030D-489D-BEEF-059C2E24FE19}\RP465\A0101206.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{210364F3-030D-489D-BEEF-059C2E24FE19}\RP465\A0101207.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{210364F3-030D-489D-BEEF-059C2E24FE19}\RP465\A0101209.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0054406.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0054407.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0054408.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0055406.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0055407.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0055408.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0056406.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0056407.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0056408.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0057406.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0057407.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0057408.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0058406.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0058407.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0058408.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0059406.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0059407.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0059408.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0060406.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0060407.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0060408.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0061406.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0061407.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0061408.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0062406.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0062407.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0062408.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0065413.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0065414.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0065415.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0066413.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0066414.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0066415.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0067413.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0067414.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0067415.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0068413.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0068414.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0068415.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0070413.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0070414.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0070415.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0071415.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0072413.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0072414.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0075413.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0075414.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0075415.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0076412.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0076413.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0077412.exe.virus"
sh=F6B455497EFFA2608BB4CE89FAA4C2558D3F91C0 ft=1 fh=a90cd48aba97e757 vn="Win32/Filecoder.BH trojan" ac=I fn="C:\System Volume Information\_restore{A11D6FCD-EF8E-4B5C-825C-5292F47DB320}\RP29\A0077413.exe.virus"


AS WELL AS checkup.txt:

Results of screen317's Security Check version 0.99.68
Windows XP Service Pack 3 x86
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
ESET Online Scanner v3
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java(TM) 6 Update 26
Java 7 Update 25
Adobe Flash Player 11.7.700.224
Adobe Reader 8 Adobe Reader out of Date!
Mozilla Firefox 20.0.1 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
F-Secure apps ComputerSecurity Anti-Virus\FSGK32.EXE
F-Secure apps ComputerSecurity Anti-Virus\fssm32.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````

and here is the latest FRST as well:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-07-2013
Ran by Champ (administrator) on 06-07-2013 18:13:35
Running from C:\Dokumente und Einstellungen\Champ\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(AVM Berlin) C:\Programme\avmwlanstick\WlanNetService.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(F-Secure Corporation) C:\Programme\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\CCF_Reputation\fsorsp.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Google Inc.) C:\Programme\Google\Update\GoogleUpdate.exe
(Smart Link) C:\WINDOWS\system32\slserv.exe
(InstallShield Software Corporation) C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
(ATI Technologies, Inc.) C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
(shbox) C:\Programme\FreePDF\FreePDFA.exe
(NewSoft Technology Corporation) C:\Programme\NewSoft\Smart Start UP\PnPDetect.exe
(AVM Berlin) C:\Programme\avmwlanstick\wlangui.exe
(F-Secure Corporation) C:\Programme\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Nero AG) C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe
(Google Inc.) C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Microsoft Corporation) C:\Programme\internet explorer\iexplore.exe
(Microsoft Corporation) C:\Programme\internet explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\Programme\internet explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ISUSPM Startup] C:\PROGRA~1\GEMEIN~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] "C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe" -start [81920 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe [339968 2005-02-22] (ATI Technologies, Inc.)
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [PE2CKFNT SE] C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe [25088 1998-07-03] ()
HKLM\...\Run: [FreePDFAssistent] C:\Programme\FreePDF\FreePDFA.exe [150528 2003-12-24] (shbox)
HKLM\...\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe [35328 2007-02-13] ()
HKLM\...\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER [26112 2005-01-18] (RealNetworks, Inc.)
HKLM\...\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe [x]
HKLM\...\Run: [Smart Start UP] C:\Programme\NewSoft\Smart Start UP\PnPDetect.exe /Automation  [104528 2007-04-27] (NewSoft Technology Corporation)
HKLM\...\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime [155648 2009-06-24] (Apple Computer, Inc.)
HKLM\...\Run: [AVMWlanClient] C:\Programme\avmwlanstick\wlangui.exe [1794048 2008-09-05] (AVM Berlin)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [39792 2008-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [F-Secure Hoster (666)] "C:\Programme\F-Secure\fshoster32.exe" -app -hosterid:1 [188400 2013-01-18] (F-Secure Corporation)
HKLM\...\Run: [F-Secure Manager] "C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE" /splash [311432 2013-01-03] (F-Secure Corporation)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe" [94208 2005-10-28] (Nero AG)
HKCU\...\Run: [DirtyDecrypt] "\\?\C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Dirty\DirtyDecrypt.exe" /hide [x]
HKCU\...\Run: [swg] "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-12-26] (Google Inc.)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hotmail.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Programme\Xi\NetXfer\NXToolBar.dll (Xi)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU -EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: ipp - No CLSID Value - 
Handler: msdaipp - No CLSID Value - 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: TVU Web Player - C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Mozilla\Firefox\Profiles\8ovd1kw1.default\Extensions\firefox@tvunetworks.com

========================== Services (Whitelisted) =================

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [516096 2005-02-22] ()
R2 AVM WLAN Connection Service; C:\Programme\avmwlanstick\WlanNetService.exe [364544 2008-09-05] (AVM Berlin)
R2 fshoster; C:\Programme\F-Secure\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation)
R3 FSMA; C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [209032 2013-01-03] (F-Secure Corporation)
R2 FSORSPClient; C:\Programme\F-Secure\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-30] (F-Secure Corporation)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-12-26] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2009-12-26] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2012-09-26] (Google)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [115608 2013-05-09] (Mozilla Foundation)
S3 PsShutdownSvc; C:\Windows\System32\PSSDNSVC.EXE [65536 2005-01-18] (Systems Internals)
R2 SLService; C:\Windows\System32\slserv.exe [73796 2008-04-14] (Smart Link)
S3 WmcCds; c:\programme\windows media connect\mswmccds.exe [483328 2004-08-11] (Microsoft Corporation)
S3 WmcCdsLs; C:\Programme\Windows Media Connect\mswmcls.exe [28160 2004-08-10] (Microsoft Corporation)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2314560 2005-03-25] (Realtek Semiconductor Corp.)
R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43008 2005-03-09] (Advanced Micro Devices)
R2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2005-01-18] (Windows (R) 2000 DDK provider)
R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [986624 2005-02-23] (ATI Technologies Inc.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2008-09-05] (AVM Berlin)
R1 Cinemsup; C:\Windows\System32\Drivers\Cinemsup.sys [6656 2003-12-19] (Sonic Solutions)
R2 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [8064 2006-04-22] (Elaborate Bytes AG)
R3 ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [4608 2005-04-12] (Elaborate Bytes AG)
R3 F-Secure Gatekeeper; C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [145856 2013-06-30] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Programme\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [73248 2013-06-30] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [44240 2013-06-30] ()
R3 fsni; C:\Programme\F-Secure\apps\CCF_Scanning\fsnixp32.sys [50112 2013-04-25] (F-Secure Corporation)
R3 fsnitdi; C:\Programme\F-Secure\apps\CCF_Scanning\fsnitdi32.sys [21952 2013-04-25] (F-Secure Corporation)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2008-09-05] (AVM GmbH)
S3 Mtlmnt5; C:\Windows\System32\DRIVERS\Mtlmnt5.sys [126686 2004-08-03] (Smart Link)
S3 Mtlstrm; C:\Windows\System32\DRIVERS\Mtlstrm.sys [1309184 2004-08-03] (Smart Link)
S3 NtMtlFax; C:\Windows\System32\DRIVERS\NtMtlFax.sys [180360 2004-08-03] (Smart Link)
R0 RecAgent; C:\Windows\System32\DRIVERS\RecAgent.sys [13776 2004-08-03] (Smart Link)
R3 RTL8023; C:\Windows\System32\DRIVERS\Rtlnic51.sys [69504 2003-12-31] (Realtek Semiconductor Corporation                           )
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 S6U12BScanner; C:\Windows\System32\drivers\usbscan.sys [15104 2008-04-14] (Microsoft Corporation)
S3 Slntamr; C:\Windows\System32\DRIVERS\slntamr.sys [404990 2004-08-03] (Smart Link)
S3 SlNtHal; C:\Windows\System32\DRIVERS\Slnthal.sys [95424 2004-08-03] (Smart Link)
S3 SlWdmSup; C:\Windows\System32\DRIVERS\SlWdmSup.sys [13240 2004-08-03] (Smart Link)
S3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 catchme; \??\C:\DOKUME~1\Champ\LOKALE~1\Temp\catchme.sys [x]
S4 InCDFs; system32\drivers\InCDFs.sys [x]
S1 InCDPass; system32\drivers\InCDPass.sys [x]
S1 InCDRm; system32\drivers\InCDRm.sys [x]
U3 TlntSvr; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-06 11:49 - 2013-07-06 11:49 - 00000000 ____D C:\Windows\ERUNT
2013-07-06 11:49 - 2013-07-06 11:49 - 00000000 ____D C:\JRT
2013-07-06 11:42 - 2013-07-06 11:43 - 00002452 ____A C:\AdwCleaner[S1].txt
2013-07-06 11:42 - 2013-07-06 11:42 - 00002269 ____A C:\AdwCleaner[R1].txt
2013-07-06 08:13 - 2013-07-06 08:13 - 00016934 ____A C:\ComboFix.txt
2013-07-06 08:02 - 2013-07-06 08:02 - 00000000 RASHD C:\cmdcons
2013-07-06 07:34 - 2013-07-06 07:34 - 00000327 ____A C:\Boot.bak
2013-07-06 07:34 - 2004-08-03 23:00 - 00262448 _RASH C:\cmldr
2013-07-06 07:32 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-07-06 07:32 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-07-06 07:32 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00212480 ____A (SteelWerX) C:\Windows\SWXCACLS.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-07-06 07:32 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-07-06 07:29 - 2013-07-06 08:13 - 00000000 ____D C:\Qoobox
2013-07-06 07:29 - 2013-07-06 07:44 - 00000000 ____D C:\Windows\erdnt
2013-07-06 07:00 - 2013-07-06 07:00 - 00001086 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7a05bfb8e034.job
2013-07-05 11:29 - 2013-07-05 11:29 - 00000000 ____D C:\FRST
2013-07-03 07:08 - 2013-07-03 07:08 - 00007301 ____A C:\Windows\KB2510531-IE8.log
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB970430$
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB2345886$
2013-07-03 06:59 - 2013-07-03 07:08 - 00012768 ____A C:\Windows\KB2345886.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00028343 ____A C:\Windows\KB974318.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00028106 ____A C:\Windows\KB951978.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00027396 ____A C:\Windows\KB969059.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00026703 ____A C:\Windows\KB2443105.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB974318$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB969059$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB951978$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB2443105$
2013-06-30 09:47 - 2013-06-30 09:48 - 00027629 ____A C:\Windows\KB2481109.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00027118 ____A C:\Windows\KB971657.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00027056 ____A C:\Windows\KB982132.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00026829 ____A C:\Windows\KB2440591.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB982132$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB971657$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2481109$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2440591$
2013-06-30 09:46 - 2013-06-30 09:47 - 00027423 ____A C:\Windows\KB978338.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00027137 ____A C:\Windows\KB2780091.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00027077 ____A C:\Windows\KB2507938.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB978338$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB974112$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2507938$
2013-06-30 09:45 - 2013-06-30 09:46 - 00027196 ____A C:\Windows\KB974112.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027722 ____A C:\Windows\KB2624667.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027481 ____A C:\Windows\KB979687.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026802 ____A C:\Windows\KB2483185.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026382 ____A C:\Windows\KB2719985.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00025793 ____A C:\Windows\KB975025.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB979687$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB975025$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2719985$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2624667$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2483185$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2347290$
2013-06-30 09:44 - 2013-06-30 09:44 - 00026841 ____A C:\Windows\KB952004.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025415 ____A C:\Windows\KB974571.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025105 ____A C:\Windows\KB973507.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00024523 ____A C:\Windows\KB977816.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00023678 ____A C:\Windows\KB2839229.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB977816$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB975560$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB974571$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB973507$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB952004$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-06-30 09:43 - 2013-06-30 09:44 - 00024908 ____A C:\Windows\KB981322.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00025279 ____A C:\Windows\KB2419632.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00024542 ____A C:\Windows\KB2820917.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00023820 ____A C:\Windows\KB2757638.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00018613 ____A C:\Windows\KB2508429.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017979 ____A C:\Windows\KB2653956.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017634 ____A C:\Windows\KB974392.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017270 ____A C:\Windows\KB2749655.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB981322$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB974392$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2653956$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2508429$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2419632$
2013-06-30 09:42 - 2013-06-30 09:43 - 00016980 ____A C:\Windows\KB971029.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00016695 ____A C:\Windows\KB2506212.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB977914$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB971029$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB2506212$
2013-06-30 09:41 - 2013-06-30 09:42 - 00017075 ____A C:\Windows\KB977914.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00016601 ____A C:\Windows\KB2705219-v2.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015833 ____A C:\Windows\KB2619339.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015097 ____A C:\Windows\KB2727528.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015023 ____A C:\Windows\KB978542.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB978542$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2705219-v2$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2619339$
2013-06-30 09:40 - 2013-07-03 07:08 - 00013067 ____A C:\Windows\updspapi.log
2013-06-30 09:40 - 2013-06-30 09:41 - 00015144 ____A C:\Windows\KB979482.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015991 ____A C:\Windows\KB2661254-v2.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015712 ____A C:\Windows\KB2813345.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015458 ____A C:\Windows\KB973815.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015408 ____A C:\Windows\KB956802.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015236 ____A C:\Windows\KB978706.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB979482$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB978706$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB973815$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB956802$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2509553$
2013-06-30 09:39 - 2013-07-06 08:44 - 00080879 ____A C:\Windows\setupapi.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00333867 ____A C:\Windows\FaxSetup.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00159624 ____A C:\Windows\ocgen.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00127388 ____A C:\Windows\tsoc.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00110969 ____A C:\Windows\comsetup.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00067158 ____A C:\Windows\ntdtcsetup.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00052777 ____A C:\Windows\iis6.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00018468 ____A C:\Windows\ocmsn.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00016686 ____A C:\Windows\msgsocm.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00001355 ____A C:\Windows\imsins.log
2013-06-30 09:39 - 2013-07-03 07:08 - 00001355 ____A C:\Windows\imsins.BAK
2013-06-30 09:39 - 2013-06-30 09:40 - 00016081 ____A C:\Windows\KB2509553.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00015645 ____A C:\Windows\KB2676562.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00012979 ____A C:\Windows\KB982665.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00011379 ____A C:\Windows\KB2829361.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB982665$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2676562$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2478960$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setupact.log
2013-06-30 09:24 - 2010-11-02 17:17 - 00040960 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ndproxy.sys
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB959426$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB952954$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB951376-v2$
2013-06-30 02:31 - 2013-06-30 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2467659$
2013-06-30 02:31 - 2013-05-08 00:28 - 00522240 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\jsdbgui.dll
2013-06-30 02:31 - 2011-08-16 12:45 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\iecompat.dll
2013-06-30 02:30 - 2013-06-30 02:33 - 00065536 ____A C:\Windows\System32\config\Internet.evt
2013-06-30 02:30 - 2013-06-30 02:30 - 00000000 ____D C:\Windows\ie8updates
2013-06-30 02:30 - 2013-05-08 00:28 - 11112960 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ieframe.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 02005504 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\iertutil.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00743424 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\iedvtool.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00630272 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msfeeds.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00247808 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ieproxy.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00055296 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msfeedsbs.dll
2013-06-30 02:30 - 2013-05-08 00:28 - 00012800 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\xpshims.dll
2013-06-30 02:29 - 2013-06-30 02:30 - 00000000 __HDC C:\Windows\ie8
2013-06-30 02:24 - 2013-06-02 17:21 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB946648$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2712808$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2387149$
2013-06-30 02:21 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB960859$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2659262$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2564958$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2544893-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2536276-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2479943$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2478971$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB975558_WM8$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB923723$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2691442$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2631813$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2585542$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2296011$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2115168$
2013-06-30 02:19 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB955759$
2013-06-30 02:19 - 2013-06-30 02:19 - 00006332 ____A C:\Windows\System32\TZLog.log
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB975713$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB950974$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2655992$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2485663$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2378111_WM9$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2229593$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB972270$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956844$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956572$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB954155_WM9$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2686509$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2598479$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB973869$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB941569$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2592799$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2535512$
2013-06-30 02:16 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB950762$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB978695_WM9$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB973904$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB952287$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2603381$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2570947$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB973540_WM9$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB981997$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB979309$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB952069_WM9$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2723135-v2$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2698365$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2618451$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB923561$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2620712$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2393802$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB975467$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2661637$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2584146$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2566454$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB968389$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB2423089$
2013-06-30 02:10 - 2013-06-30 02:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2360937$
2013-06-30 02:01 - 2008-06-14 19:32 - 00273024 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\bthport.sys
2013-06-30 01:59 - 2011-02-08 15:33 - 00978944 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mfc42.dll
2013-06-30 01:59 - 2010-09-18 08:52 - 00953856 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mfc40u.dll
2013-06-30 01:58 - 2011-07-15 15:29 - 00456320 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mrxsmb.sys
2013-06-30 01:58 - 2010-08-23 18:11 - 00617472 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\comctl32.dll
2013-06-30 01:57 - 2009-11-21 17:54 - 00471552 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\aclayers.dll
2013-06-30 01:51 - 2010-06-14 16:31 - 00744448 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\helpsvc.exe
2013-06-30 01:50 - 2010-08-27 10:01 - 00119808 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\t2embed.dll
2013-06-30 01:50 - 2009-10-15 18:28 - 00081920 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\fontsub.dll
2013-06-30 01:49 - 2012-12-16 14:23 - 00290560 ____N (Adobe Systems Incorporated) C:\Windows\System32\dllcache\atmfd.dll
2013-06-30 01:49 - 2009-06-21 23:45 - 00153088 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\triedit.dll
2013-06-30 01:49 - 2009-03-06 16:19 - 00286720 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\pdh.dll
2013-06-30 01:49 - 2009-02-09 13:21 - 00111104 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\services.exe
2013-06-30 01:49 - 2009-02-09 12:51 - 00678400 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\advapi32.dll
2013-06-30 01:49 - 2009-02-09 12:51 - 00473600 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\fastprox.dll
2013-06-30 01:49 - 2009-02-09 12:51 - 00453120 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wmiprvsd.dll
2013-06-30 01:49 - 2009-02-09 12:51 - 00401408 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rpcss.dll
2013-06-30 01:49 - 2009-02-06 12:10 - 00227840 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wmiprvse.exe
2013-06-30 01:48 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023x.sys
2013-06-30 01:48 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023.sys
2013-06-30 01:48 - 2011-08-17 15:49 - 00138496 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\afd.sys
2013-06-30 01:48 - 2011-04-21 15:37 - 00105472 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\mup.sys
2013-06-30 01:48 - 2009-07-28 00:24 - 00128512 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\dhtmled.ocx
2013-06-30 01:48 - 2008-05-08 16:02 - 00203136 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rmcast.sys
2013-06-30 01:47 - 2013-06-30 01:58 - 00044240 ____A C:\Windows\System32\Drivers\fsbts.sys
2013-06-30 01:47 - 2008-05-01 16:34 - 00331776 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msadce.dll
2013-06-30 01:46 - 2013-06-30 01:46 - 00019406 ____A C:\Windows\prodsett_copy.ini
2013-06-30 01:45 - 2010-02-12 12:03 - 00293376 ____N (Microsoft Corporation) C:\Windows\System32\browserchoice.exe
2013-06-30 01:44 - 2012-05-28 20:16 - 00536576 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msado15.dll
2013-06-30 01:43 - 2012-07-04 16:05 - 00139784 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rdpwd.sys
2013-06-30 01:43 - 2010-06-18 15:36 - 03558912 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\moviemk.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02195840 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntoskrnl.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02152448 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrnlmp.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02072448 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrnlpa.exe
2013-06-30 01:40 - 2013-05-03 07:39 - 02031104 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrpamp.exe
2013-06-30 01:40 - 2011-07-08 16:02 - 00010496 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ndistapi.sys
2013-06-30 01:40 - 2010-12-09 17:15 - 00743936 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\ntdll.dll
2013-06-30 01:40 - 2010-07-16 14:01 - 00220160 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wordpad.exe
2013-06-30 01:40 - 2009-11-21 17:54 - 01206508 ____N C:\Windows\System32\dllcache\sysmain.sdb
2013-06-30 01:39 - 2012-01-11 21:06 - 00003072 ____N C:\Windows\System32\iacenc.dll
2013-06-30 01:39 - 2012-01-11 21:06 - 00003072 ____N C:\Windows\System32\dllcache\iacenc.dll
2013-06-30 01:39 - 2010-10-11 16:59 - 00045568 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\wab.exe
2013-06-30 01:39 - 2010-08-16 10:44 - 00590848 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\rpcrt4.dll
2013-06-30 01:25 - 2013-06-30 01:25 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-30 01:25 - 2004-08-04 14:00 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\wmpns.dll
2013-06-30 01:19 - 2013-06-30 09:16 - 00000000 ____D C:\Windows\System32\de-de
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\de
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\bits
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\l2schemas
2013-06-30 01:19 - 2012-11-10 02:39 - 00046080 ____N (Microsoft Corporation) C:\Windows\System32\tzchange.exe
2013-06-30 01:19 - 2012-11-06 04:01 - 01371648 ____N (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-06-30 01:19 - 2012-11-06 04:01 - 01371648 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msxml6.dll
2013-06-30 01:19 - 2009-01-07 18:21 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2013-06-30 01:19 - 2008-04-14 07:53 - 00032866 ____N (Smart Link) C:\Windows\slrundll.exe
2013-06-30 01:19 - 2008-04-14 07:53 - 00032768 ____N (Microsoft Corporation) C:\Windows\System32\setupn.exe
2013-06-30 01:19 - 2008-04-14 07:53 - 00028672 ____N (Microsoft Corporation) C:\Windows\System32\vidcap.ax
2013-06-30 01:19 - 2008-04-14 07:53 - 00028672 ____N (Microsoft Corporation) C:\Windows\System32\verclsid.exe
2013-06-30 01:19 - 2008-04-14 07:53 - 00023040 ____N (ATI Technologies Inc.) C:\Windows\System32\ativmvxx.ax
2013-06-30 01:19 - 2008-04-14 07:53 - 00009728 ____N (ATI Technologies Inc.) C:\Windows\System32\ativdaxx.ax
2013-06-30 01:19 - 2008-04-14 07:52 - 04274816 ____N (NVIDIA Corporation) C:\Windows\System32\nv4_disp.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 01737856 ____N (Matrox Graphics Inc.) C:\Windows\System32\mtxparhd.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00870784 ____N (ATI Technologies Inc. ) C:\Windows\System32\ati3d1ag.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00712704 ____N (Microsoft Corporation) C:\Windows\System32\windowscodecs.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00651264 ____N (Microsoft Corporation) C:\Windows\System32\dot3ui.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00412160 ____N (Microsoft Corporation) C:\Windows\System32\photometadatahandler.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00397312 ____N (Microsoft Corporation) C:\Windows\System32\mmcex.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00397056 ____N (S3 Graphics, Inc.) C:\Windows\System32\s3gnb.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00377984 ____N (ATI Technologies Inc.) C:\Windows\System32\ati2dvaa.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00346112 ____N (Microsoft Corporation) C:\Windows\System32\windowscodecsext.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00294400 ____N (Microsoft Corporation) C:\Windows\System32\qagentrt.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00290304 ____N (Microsoft Corporation) C:\Windows\System32\rhttpaa.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00276992 ____N (Microsoft Corporation) C:\Windows\System32\wmphoto.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00233472 ____N (Microsoft Corporation) C:\Windows\System32\azroles.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00198656 ____N (Microsoft Corporation) C:\Windows\System32\napmontr.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00184832 ____N (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00184320 ____N (Microsoft Corporation) C:\Windows\System32\microsoft.managementconsole.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00182272 ____N (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00177664 ____N (Microsoft Corporation) C:\Windows\System32\napstat.exe
2013-06-30 01:19 - 2008-04-14 07:52 - 00155136 ____N (Microsoft Corporation) C:\Windows\System32\mssha.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00151040 ____N (Microsoft Corporation) C:\Windows\System32\qagent.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00145408 ____N (Microsoft Corporation) C:\Windows\System32\onex.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00136192 ____N (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00133120 ____N (Microsoft Corporation) C:\Windows\System32\dot3svc.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00126976 ____N (Microsoft Corporation) C:\Windows\System32\eappcfg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00106496 ____N (Microsoft Corporation) C:\Windows\System32\mmcfxcommon.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00095232 ____N (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00086016 ____N (Conexant) C:\Windows\System32\mdmxsdk.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00076800 ____N (Microsoft Corporation) C:\Windows\System32\qutil.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00069120 ____N (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00062976 ____N (Microsoft Corporation) C:\Windows\System32\dot3cfg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00062464 ____N (Microsoft Corporation) C:\Windows\System32\qcliprov.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00061952 ____N (Microsoft Corporation) C:\Windows\System32\rasqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00061440 ____N (Microsoft Corporation) C:\Windows\System32\kmsvc.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00059392 ____N (Microsoft Corporation) C:\Windows\System32\eapqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00056832 ____N (Microsoft Corporation) C:\Windows\System32\dot3msm.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00053248 ____N (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00050688 ____N (Microsoft Corporation) C:\Windows\System32\tspkg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00048640 ____N (Microsoft Corporation) C:\Windows\System32\dhcpqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00040960 ____N (Microsoft Corporation) C:\Windows\System32\eappprxy.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dot3gpclnt.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00039936 ____N (Microsoft Corporation) C:\Windows\System32\dimsroam.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00037376 ____N (Microsoft Corporation) C:\Windows\System32\l2gpstore.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\mmcperf.exe
2013-06-30 01:19 - 2008-04-14 07:52 - 00033792 ____N (Microsoft Corporation) C:\Windows\System32\eapsvc.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00032768 ____N (ATI Technologies Inc.) C:\Windows\System32\ativtmxx.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00032285 ____N (Conexant Systems, Inc.) C:\Windows\System32\hsfcisp2.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00030720 ____N (Microsoft Corporation) C:\Windows\System32\eapolqec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00030208 ____N (Microsoft Corporation) C:\Windows\System32\napipsec.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00026112 ____N (Microsoft Corporation) C:\Windows\System32\dot3api.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00019456 ____N (Microsoft Corporation) C:\Windows\System32\dimsntfy.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00012800 ____N (Microsoft Corporation) C:\Windows\System32\credssp.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00009216 ____N (Microsoft Corporation) C:\Windows\System32\dot3dlg.dll
2013-06-30 01:19 - 2008-04-14 07:52 - 00007168 ____N (Microsoft Corporation) C:\Windows\System32\bitsprx4.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdpash.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdnepr.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdiultn.dll
2013-06-30 01:19 - 2008-04-14 07:50 - 00006144 ____N (Microsoft Corporation) C:\Windows\System32\kbdbhc.dll
2013-06-30 01:19 - 2008-04-14 07:27 - 00093184 ____N (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2013-06-30 01:19 - 2008-04-14 07:27 - 00093184 ____N (Microsoft Corporation) C:\Windows\System32\dllcache\msxml6r.dll
2013-06-30 01:19 - 2008-04-14 07:26 - 00081408 ____N (Microsoft Corporation) C:\Windows\System32\msshavmsg.dll
2013-06-30 01:16 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-30 01:14 - 2013-02-12 02:32 - 00012928 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023x.sys
2013-06-30 01:14 - 2008-06-14 19:32 - 00273024 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2013-06-30 01:14 - 2008-04-14 07:52 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv04nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00021183 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv01nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00017279 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv10nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00015423 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\ch7xxnt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00014143 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv06nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00011359 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\atv02nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00011325 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\vchnt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00004255 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv01nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003967 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv02nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003901 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\siint5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003775 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv11nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003711 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv09nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003647 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv07nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003615 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv05nt5.dll
2013-06-30 01:14 - 2008-04-14 07:52 - 00003135 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\adv08nt5.dll
2013-06-30 01:14 - 2008-04-14 07:24 - 00025856 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-06-30 01:14 - 2008-04-14 07:21 - 00327168 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2mtaa.sys
2013-06-30 01:14 - 2008-04-14 00:26 - 00030592 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\rndismpx.sys
2013-06-30 01:14 - 2008-04-14 00:21 - 00101120 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthpan.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00121984 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00059136 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00037888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthmodem.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00036480 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthprint.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00018944 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthusb.sys
2013-06-30 01:14 - 2008-04-14 00:16 - 00017024 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2013-06-30 01:14 - 2008-04-14 00:15 - 00019200 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hidir.sys
2013-06-30 01:14 - 2008-04-14 00:13 - 00014208 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\wacompen.sys
2013-06-30 01:14 - 2008-04-14 00:13 - 00012672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\mutohpen.sys
2013-06-30 01:14 - 2008-04-14 00:10 - 00010240 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\sffp_mmc.sys
2013-06-30 01:14 - 2008-04-14 00:06 - 00046464 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\gagp30kx.sys
2013-06-30 01:14 - 2008-04-14 00:06 - 00044672 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\uagp35.sys
2013-06-30 01:14 - 2008-04-14 00:06 - 00005888 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\smbali.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 01041536 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfdpsp2.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00685056 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfcxts2.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00220032 ____N (Conexant Systems, Inc.) C:\Windows\System32\Drivers\hsfbs2s2.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00129535 ____N (Smart Link) C:\Windows\System32\Drivers\slnt7554.sys
2013-06-30 01:14 - 2008-04-13 23:53 - 00011868 ____N (Conexant) C:\Windows\System32\Drivers\mdmxsdk.sys
2013-06-30 01:14 - 2008-04-13 22:06 - 00144384 ____N (Windows (R) Server 2003 DDK provider) C:\Windows\System32\Drivers\hdaudbus.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 01897408 ____N (NVIDIA Corporation) C:\Windows\System32\Drivers\nv4_mini.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00452736 ____N (Matrox Graphics Inc.) C:\Windows\System32\Drivers\mtxparhm.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00166912 ____N (S3 Graphics, Inc.) C:\Windows\System32\Drivers\s3gnbm.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00104960 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinrvxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00073216 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atintuxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00063663 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1rvxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00063488 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxsxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00057856 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinbtxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00056623 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1btxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00052224 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinraxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00036463 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1tuxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00034735 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xsxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00031744 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinxbxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00030671 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1raxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00029455 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1xbxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00028672 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinsnxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00026367 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1snxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00025471 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv10nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00022271 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\watv06nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00021343 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1ttxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00014336 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinpdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinttxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\atinmdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00012047 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1pdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011935 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv11nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011871 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv09nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011807 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv07nt.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011615 ____N (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati1mdxx.sys
2013-06-30 01:14 - 2008-04-13 22:04 - 00011295 ____N (Intel(R) Corporation) C:\Windows\System32\Drivers\wadv08nt.sys
2013-06-30 01:14 - 2007-04-02 21:36 - 00129045 ____N C:\Windows\System32\Drivers\cxthsfs2.cty
2013-06-30 01:14 - 2006-12-29 20:21 - 00064352 ____N C:\Windows\System32\Drivers\ativmc20.cod
2013-06-30 01:14 - 2006-12-29 20:02 - 00067866 ____N C:\Windows\System32\Drivers\netwlan5.img
2013-06-30 01:11 - 2006-12-29 00:31 - 00019569 ____A C:\Windows\002643_.tmp
2013-06-30 01:09 - 2013-06-30 01:11 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-29 19:09 - 2013-06-29 19:09 - 00000000 ___HD C:\Windows\PIF

==================== One Month Modified Files and Folders ========

2013-07-06 12:20 - 2005-10-25 14:25 - 00000000 ___RD C:\Programme
2013-07-06 11:49 - 2013-07-06 11:49 - 00000000 ____D C:\Windows\ERUNT
2013-07-06 11:49 - 2013-07-06 11:49 - 00000000 ____D C:\JRT
2013-07-06 11:46 - 2005-02-01 11:53 - 01861092 ____A C:\Windows\WindowsUpdate.log
2013-07-06 11:45 - 2006-07-08 09:46 - 00000660 ____A C:\Windows\ULEAD32.INI
2013-07-06 11:45 - 2005-02-01 11:50 - 00000159 ____A C:\Windows\wiadebug.log
2013-07-06 11:45 - 2005-02-01 11:50 - 00000050 ____A C:\Windows\wiaservc.log
2013-07-06 11:43 - 2013-07-06 11:42 - 00002452 ____A C:\AdwCleaner[S1].txt
2013-07-06 11:42 - 2013-07-06 11:42 - 00002269 ____A C:\AdwCleaner[R1].txt
2013-07-06 08:44 - 2013-06-30 09:39 - 00080879 ____A C:\Windows\setupapi.log
2013-07-06 08:44 - 2005-01-18 21:17 - 00000617 ____A C:\Windows\win.ini
2013-07-06 08:43 - 2007-07-08 10:56 - 00000004 ____A C:\Windows\msoffice.ini
2013-07-06 08:13 - 2013-07-06 08:13 - 00016934 ____A C:\ComboFix.txt
2013-07-06 08:13 - 2013-07-06 07:29 - 00000000 ____D C:\Qoobox
2013-07-06 08:11 - 2005-01-18 21:17 - 00000435 ____A C:\Windows\system.ini
2013-07-06 08:02 - 2013-07-06 08:02 - 00000000 RASHD C:\cmdcons
2013-07-06 08:02 - 2005-01-18 21:17 - 00000327 _RASH C:\boot.ini
2013-07-06 07:44 - 2013-07-06 07:29 - 00000000 ____D C:\Windows\erdnt
2013-07-06 07:34 - 2013-07-06 07:34 - 00000327 ____A C:\Boot.bak
2013-07-06 07:00 - 2013-07-06 07:00 - 00001086 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce7a05bfb8e034.job
2013-07-05 11:29 - 2013-07-05 11:29 - 00000000 ____D C:\FRST
2013-07-04 17:54 - 2006-05-26 16:27 - 00000116 ____A C:\Windows\NeroDigital.ini
2013-07-04 17:18 - 2012-04-14 17:01 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-07-04 17:18 - 2012-04-14 17:01 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-04 17:18 - 2011-08-21 09:33 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-07-04 17:09 - 2005-01-18 21:17 - 00012598 ____A C:\Windows\System32\wpa.dbl
2013-07-03 07:08 - 2013-07-03 07:08 - 00007301 ____A C:\Windows\KB2510531-IE8.log
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB970430$
2013-07-03 07:08 - 2013-07-03 07:08 - 00000000 __HDC C:\Windows\$NtUninstallKB2345886$
2013-07-03 07:08 - 2013-07-03 06:59 - 00012768 ____A C:\Windows\KB2345886.log
2013-07-03 07:08 - 2013-06-30 09:40 - 00013067 ____A C:\Windows\updspapi.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00333867 ____A C:\Windows\FaxSetup.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00159624 ____A C:\Windows\ocgen.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00127388 ____A C:\Windows\tsoc.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00110969 ____A C:\Windows\comsetup.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00067158 ____A C:\Windows\ntdtcsetup.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00052777 ____A C:\Windows\iis6.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00018468 ____A C:\Windows\ocmsn.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00016686 ____A C:\Windows\msgsocm.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00001355 ____A C:\Windows\imsins.log
2013-07-03 07:08 - 2013-06-30 09:39 - 00001355 ____A C:\Windows\imsins.BAK
2013-07-03 07:08 - 2005-10-25 14:25 - 00000000 ___HD C:\Windows\$hf_mig$
2013-06-30 10:07 - 2005-02-01 11:47 - 00196160 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-30 09:48 - 2013-06-30 09:48 - 00028343 ____A C:\Windows\KB974318.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00028106 ____A C:\Windows\KB951978.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00027396 ____A C:\Windows\KB969059.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00026703 ____A C:\Windows\KB2443105.log
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB974318$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB969059$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB951978$
2013-06-30 09:48 - 2013-06-30 09:48 - 00000000 __HDC C:\Windows\$NtUninstallKB2443105$
2013-06-30 09:48 - 2013-06-30 09:47 - 00027629 ____A C:\Windows\KB2481109.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00867240 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00263592 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00175016 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-30 09:47 - 2013-06-30 09:47 - 00094632 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2013-06-30 09:47 - 2013-06-30 09:47 - 00027118 ____A C:\Windows\KB971657.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00027056 ____A C:\Windows\KB982132.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00026829 ____A C:\Windows\KB2440591.log
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB982132$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB971657$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2481109$
2013-06-30 09:47 - 2013-06-30 09:47 - 00000000 __HDC C:\Windows\$NtUninstallKB2440591$
2013-06-30 09:47 - 2013-06-30 09:46 - 00027423 ____A C:\Windows\KB978338.log
2013-06-30 09:47 - 2011-06-26 10:01 - 00789416 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-06-30 09:47 - 2011-06-26 10:01 - 00144896 ____A (Oracle Corporation) C:\Windows\System32\javacpl.cpl
2013-06-30 09:47 - 2005-02-01 11:48 - 00897778 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-30 09:46 - 2013-06-30 09:46 - 00027137 ____A C:\Windows\KB2780091.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00027077 ____A C:\Windows\KB2507938.log
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB978338$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB974112$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2780091$
2013-06-30 09:46 - 2013-06-30 09:46 - 00000000 __HDC C:\Windows\$NtUninstallKB2507938$
2013-06-30 09:46 - 2013-06-30 09:45 - 00027196 ____A C:\Windows\KB974112.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027722 ____A C:\Windows\KB2624667.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00027481 ____A C:\Windows\KB979687.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026802 ____A C:\Windows\KB2483185.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00026382 ____A C:\Windows\KB2719985.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00025793 ____A C:\Windows\KB975025.log
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB979687$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB975025$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2719985$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2624667$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2483185$
2013-06-30 09:45 - 2013-06-30 09:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2347290$
2013-06-30 09:44 - 2013-06-30 09:44 - 00026841 ____A C:\Windows\KB952004.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025415 ____A C:\Windows\KB974571.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00025105 ____A C:\Windows\KB973507.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00024523 ____A C:\Windows\KB977816.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00023678 ____A C:\Windows\KB2839229.log
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB977816$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB975560$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB974571$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB973507$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB952004$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2839229$
2013-06-30 09:44 - 2013-06-30 09:44 - 00000000 __HDC C:\Windows\$NtUninstallKB2770660$
2013-06-30 09:44 - 2013-06-30 09:43 - 00024908 ____A C:\Windows\KB981322.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00025279 ____A C:\Windows\KB2419632.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00024542 ____A C:\Windows\KB2820917.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00023820 ____A C:\Windows\KB2757638.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00018613 ____A C:\Windows\KB2508429.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017979 ____A C:\Windows\KB2653956.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017634 ____A C:\Windows\KB974392.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00017270 ____A C:\Windows\KB2749655.log
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB981322$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB974392$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2757638$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2749655$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2653956$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2508429$
2013-06-30 09:43 - 2013-06-30 09:43 - 00000000 __HDC C:\Windows\$NtUninstallKB2419632$
2013-06-30 09:43 - 2013-06-30 09:42 - 00016980 ____A C:\Windows\KB971029.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00016695 ____A C:\Windows\KB2506212.log
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB977914$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB971029$
2013-06-30 09:42 - 2013-06-30 09:42 - 00000000 __HDC C:\Windows\$NtUninstallKB2506212$
2013-06-30 09:42 - 2013-06-30 09:41 - 00017075 ____A C:\Windows\KB977914.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00016601 ____A C:\Windows\KB2705219-v2.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015833 ____A C:\Windows\KB2619339.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015097 ____A C:\Windows\KB2727528.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00015023 ____A C:\Windows\KB978542.log
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB978542$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2727528$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2705219-v2$
2013-06-30 09:41 - 2013-06-30 09:41 - 00000000 __HDC C:\Windows\$NtUninstallKB2619339$
2013-06-30 09:41 - 2013-06-30 09:40 - 00015144 ____A C:\Windows\KB979482.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015991 ____A C:\Windows\KB2661254-v2.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015712 ____A C:\Windows\KB2813345.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015458 ____A C:\Windows\KB973815.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015408 ____A C:\Windows\KB956802.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00015236 ____A C:\Windows\KB978706.log
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB979482$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB978706$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB973815$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB956802$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2661254-v2$
2013-06-30 09:40 - 2013-06-30 09:40 - 00000000 __HDC C:\Windows\$NtUninstallKB2509553$
2013-06-30 09:40 - 2013-06-30 09:39 - 00016081 ____A C:\Windows\KB2509553.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00015645 ____A C:\Windows\KB2676562.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00012979 ____A C:\Windows\KB982665.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00011379 ____A C:\Windows\KB2829361.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB982665$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2829361$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2676562$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 __HDC C:\Windows\$NtUninstallKB2478960$
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setuperr.log
2013-06-30 09:39 - 2013-06-30 09:39 - 00000000 ____A C:\Windows\setupact.log
2013-06-30 09:33 - 2012-01-10 15:05 - 00000000 ____D C:\Windows\Minidump
2013-06-30 09:16 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\de-de
2013-06-30 09:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\Help
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB959426$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB952954$
2013-06-30 02:33 - 2013-06-30 02:33 - 00000000 __HDC C:\Windows\$NtUninstallKB951376-v2$
2013-06-30 02:33 - 2013-06-30 02:30 - 00065536 ____A C:\Windows\System32\config\Internet.evt
2013-06-30 02:31 - 2013-06-30 02:31 - 00000000 __HDC C:\Windows\$NtUninstallKB2467659$
2013-06-30 02:30 - 2013-06-30 02:30 - 00000000 ____D C:\Windows\ie8updates
2013-06-30 02:30 - 2013-06-30 02:29 - 00000000 __HDC C:\Windows\ie8
2013-06-30 02:30 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\Media
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB946648$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2712808$
2013-06-30 02:22 - 2013-06-30 02:22 - 00000000 __HDC C:\Windows\$NtUninstallKB2387149$
2013-06-30 02:22 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB960859$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2758857$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2659262$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2564958$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2544893-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2536276-v2$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2479943$
2013-06-30 02:21 - 2013-06-30 02:21 - 00000000 __HDC C:\Windows\$NtUninstallKB2478971$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB975558_WM8$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB923723$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2691442$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2631813$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2585542$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2296011$
2013-06-30 02:20 - 2013-06-30 02:20 - 00000000 __HDC C:\Windows\$NtUninstallKB2115168$
2013-06-30 02:20 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB955759$
2013-06-30 02:19 - 2013-06-30 02:19 - 00006332 ____A C:\Windows\System32\TZLog.log
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB975713$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB950974$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2802968$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2779562$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2655992$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2485663$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2378111_WM9$
2013-06-30 02:19 - 2013-06-30 02:19 - 00000000 __HDC C:\Windows\$NtUninstallKB2229593$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB972270$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956844$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB956572$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB954155_WM9$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2686509$
2013-06-30 02:18 - 2013-06-30 02:18 - 00000000 __HDC C:\Windows\$NtUninstallKB2598479$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB973869$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB941569$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2753842-v2$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2592799$
2013-06-30 02:17 - 2013-06-30 02:17 - 00000000 __HDC C:\Windows\$NtUninstallKB2535512$
2013-06-30 02:17 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB950762$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB978695_WM9$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB973904$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB952287$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2807986$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2603381$
2013-06-30 02:16 - 2013-06-30 02:16 - 00000000 __HDC C:\Windows\$NtUninstallKB2570947$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB973540_WM9$
2013-06-30 02:15 - 2013-06-30 02:15 - 00000000 __HDC C:\Windows\$NtUninstallKB2820197$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB981997$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB979309$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB952069_WM9$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2723135-v2$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2698365$
2013-06-30 02:14 - 2013-06-30 02:14 - 00000000 __HDC C:\Windows\$NtUninstallKB2618451$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB923561$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2620712$
2013-06-30 02:13 - 2013-06-30 02:13 - 00000000 __HDC C:\Windows\$NtUninstallKB2393802$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB975467$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2661637$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2584146$
2013-06-30 02:12 - 2013-06-30 02:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2566454$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB968389$
2013-06-30 02:11 - 2013-06-30 02:11 - 00000000 __HDC C:\Windows\$NtUninstallKB2423089$
2013-06-30 02:10 - 2013-06-30 02:10 - 00000000 __HDC C:\Windows\$NtUninstallKB2360937$
2013-06-30 01:58 - 2013-06-30 01:47 - 00044240 ____A C:\Windows\System32\Drivers\fsbts.sys
2013-06-30 01:46 - 2013-06-30 01:46 - 00019406 ____A C:\Windows\prodsett_copy.ini
2013-06-30 01:25 - 2013-06-30 01:25 - 00000090 ____A C:\Windows\System32\spupdwxp.log
2013-06-30 01:25 - 2005-01-18 21:30 - 00316640 ____A C:\Windows\WMSysPr9.prx
2013-06-30 01:23 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\security
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\de
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\System32\bits
2013-06-30 01:19 - 2013-06-30 01:19 - 00000000 ____D C:\Windows\l2schemas
2013-06-30 01:19 - 2013-06-30 01:16 - 00000000 ____D C:\Windows\ServicePackFiles
2013-06-30 01:19 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\usmt
2013-06-30 01:19 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\PeerNet
2013-06-30 01:19 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\ime
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\Restore
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\npp
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\System32\Com
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\system
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\srchasst
2013-06-30 01:16 - 2005-10-25 14:25 - 00000000 ____D C:\Windows\msagent
2013-06-30 01:13 - 2005-01-18 21:17 - 00251712 _RASH C:\ntldr
2013-06-30 01:11 - 2013-06-30 01:09 - 00000000 __HDC C:\Windows\$NtServicePackUninstall$
2013-06-30 01:11 - 2005-10-25 12:09 - 00000000 ____D C:\Windows\System32\ReinstallBackups
2013-06-29 19:09 - 2013-06-29 19:09 - 00000000 ___HD C:\Windows\PIF

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2005-01-18 21:17] - [2008-04-14 07:52] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\Windows\System32\winlogon.exe
[2005-01-18 21:17] - [2008-04-14 07:53] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\Windows\System32\svchost.exe
[2005-01-18 21:17] - [2008-04-14 07:53] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\Windows\System32\services.exe
[2005-01-18 21:17] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\Windows\System32\User32.dll
[2005-01-18 21:17] - [2008-04-14 07:52] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\Windows\System32\userinit.exe
[2005-01-18 21:17] - [2008-04-14 07:53] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\Windows\System32\Drivers\volsnap.sys
[2005-01-18 21:17] - [2008-04-14 07:22] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================
         
--- --- ---

06.07.2013, 18:53   #11
schrauber
/// the machine
/// TB trainer

Update Adobe and Firefox. Delete the ESET detections manually and empty the recycle bin, except for the items in System Volume Information.

Any more problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

06.07.2013, 19:31   #12
nirvana19942

Oops... how do I do that? I can update Adobe Reader manually, and Firefox apparently already has the latest version installed.

But how do I delete the ESET detections manually?

07.07.2013, 07:15   #13
schrauber
/// the machine
/// TB trainer

I quickly put together a script. You will have to delete the old backups that ESET complained about yourself, though.

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
C:\Dokumente und Einstellungen\Champ\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\12\21bc400c-2a4a0a5a.virus
C:\Dokumente und Einstellungen\Champ\Desktop\messer-v0992-setup.zip
C:\Dokumente und Einstellungen\Champ\Desktop\NXSetup_Vista(x86).zip
C:\Dokumente und Einstellungen\Champ\Eigene Dateien\Archos_USB_Drivers_05-2004.zip
C:\Dokumente und Einstellungen\Champ\Eigene Dateien\Inhaltsverzeichnis.zip
C:\Dokumente und Einstellungen\Champ\Lokale Einstellungen\Anwendungsdaten\Dirty
C:\Programme\Dirty
C:\Programme\Java\jre6\lib\deploy\ffjcext.zip
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen ("Remove") button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.



Any more problems with the computer?
__________________
Regards,
schrauber


09.07.2013, 19:59   #14
nirvana19942

Hi schrauber, thanks. I will try that in about 4 weeks, since this is not my computer and I will not see it again for 4 weeks. But on Sunday I had already deleted all the affected files one by one, and that did not change the situation either. Every file I try to open is encrypted by this dirty Trojan. Damn. It really is a nasty problem! I will get back to you once I have followed your tips. Thanks again!

09.07.2013, 20:48   #15
schrauber
/// the machine
/// TB trainer

The encryption itself will not change either; the files are gone.
__________________
Regards,
schrauber



Topics related to: How do I get rid of "dirtydecrypt.exe"?
adobe flash player, audiograbber, dirtydecrypt.exe, firefox, flash player, hijackthis, iexplore.exe, js/adware.searchpage.a, js/logo.a, ntdll.dll, nvidia, realtek, temp, vista, win32/filecoder.bh, win32/filecoder.bh.gen, win32/injector.agqg, windows internet


