Ich habe auf Löschen geklickt und er hat einmal neugestartet und es hat sich diese Textdatei geöffnet: AdwCleaner Logfile: Code: # AdwCleaner v2.304 - Datei am 05/07/2013 um 14:34:34 erstellt Jetzt habe ich hier die Combofix.txt Combofix Logfile: Code: ComboFix 13-07-04.01 - Maximilians 05.07.2013 15:15:55.1.2 - x64 72B8CE41AF0DE751C946802B3ED844B4 |
Ja, das passt so. Weiter mit dem nächsten Schritt. :) |
Hier noch die OTL (die ist in zwei Teile weil die über 120000 Zeichen hat): OTL logfile created on: 7/5/2013 3:41:38 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Maximilians\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5.98 Gb Total Physical Memory | 4.70 Gb Available Physical Memory | 78.53% Memory free 11.96 Gb Paging File | 10.58 Gb Available in Paging File | 88.46% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 372.60 Gb Total Space | 301.07 Gb Free Space | 80.80% Space Free | Partition Type: NTFS Drive D: | 540.33 Gb Total Space | 469.51 Gb Free Space | 86.89% Space Free | Partition Type: NTFS Drive E: | 544.22 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive F: | 995.97 Mb Total Space | 995.95 Mb Free Space | 100.00% Space Free | Partition Type: FAT Computer Name: DITTRICH-PC | User Name: Maximilians | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/07/05 15:40:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maximilians\Desktop\OTL.exe PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2013/02/05 17:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe PRC - [2013/01/18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011/12/15 19:08:54 | 000,018,432 | ---- | M] () -- C:\Users\Maximilians\AppData\LocalLow\pdfEngine\IE\pdfEngineUpdater.exe PRC - [2010/11/10 21:23:44 | 001,204,656 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe PRC - [2010/11/03 12:42:32 | 000,909,440 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.10\aaHMSvc.exe PRC - [2010/10/29 06:35:30 | 001,421,440 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe PRC - [2010/10/28 23:34:18 | 000,330,368 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe PRC - [2010/10/28 05:40:12 | 000,917,120 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.12\atkexComSvc.exe PRC - [2010/10/21 11:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe PRC - [2010/10/06 07:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010/10/06 07:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010/09/25 07:29:32 | 001,115,776 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe PRC - [2009/12/23 23:59:42 | 000,232,064 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe PRC - [2009/12/23 23:59:22 | 000,203,392 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\AsHookDevice.exe PRC - [2009/07/23 16:16:54 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe ========== Modules (No Company Name) ========== MOD - [2010/10/20 23:45:30 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll MOD - [2010/10/16 03:40:30 | 001,031,680 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll MOD - [2010/10/15 03:07:56 | 001,240,064 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll MOD - [2010/10/07 06:56:50 | 001,246,720 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll MOD - [2010/09/28 06:51:16 | 001,607,168 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll MOD - [2010/09/28 06:51:12 | 000,881,664 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll MOD - [2010/09/28 03:34:10 | 001,030,144 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll MOD - [2010/08/23 04:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.10\aaHMLib.dll MOD - [2010/08/07 04:13:48 | 000,886,272 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll MOD - [2010/08/07 04:11:20 | 000,850,944 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll MOD - [2010/08/07 04:10:22 | 000,964,608 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll MOD - [2010/06/22 01:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll MOD - [2010/06/22 01:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll MOD - [2009/08/13 06:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll ========== Services (SafeList) ========== SRV:64bit: - [2012/06/02 16:30:55 | 000,354,304 | ---- | M] (Parental Solutions Inc.) [Auto | Running] -- C:\Windows\SysNative\pouafxzw3.dll -- (Dnscache) SRV:64bit: - [2011/04/27 18:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013/06/13 13:43:13 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013/05/04 01:35:30 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2013/02/26 00:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013/02/07 14:10:08 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2013/02/05 17:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService) SRV - [2013/01/18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012/10/11 03:04:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2011/12/24 21:37:59 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service) SRV - [2011/12/15 19:08:54 | 000,018,432 | ---- | M] () [Auto | Running] -- C:\Users\Maximilians\AppData\LocalLow\pdfEngine\IE\pdfEngineUpdater.exe -- (pdfEngineUpdater) SRV - [2010/11/03 12:42:32 | 000,909,440 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.10\aaHMSvc.exe -- (asHmComSvc) SRV - [2010/10/28 05:40:12 | 000,917,120 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.12\atkexComSvc.exe -- (asComSvc) SRV - [2010/10/21 11:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.10\AsSysCtrlService.exe -- (AsSysCtrlService) SRV - [2010/10/06 07:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010/10/06 07:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/12/23 23:59:22 | 000,203,392 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\AsHookDevice.exe -- (Device Handle Service) SRV - [2009/07/23 16:16:54 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012/07/03 17:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/21 19:46:18 | 000,396,776 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci) DRV:64bit: - [2012/02/21 19:46:18 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3) DRV:64bit: - [2011/12/30 17:31:48 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2011/12/30 17:31:47 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2011/11/03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2011/07/28 19:04:20 | 003,372,632 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\S6000KNT.sys -- (S6000KNT) DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) DRV:64bit: - [2011/04/27 16:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2011/04/14 05:47:55 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010/08/11 19:37:38 | 000,150,120 | ---- | M] (VMLite, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMLiteUSB.sys -- (VMLiteUSB) DRV:64bit: - [2010/01/14 14:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60) DRV:64bit: - [2010/01/14 14:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM) DRV:64bit: - [2010/01/14 14:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) DRV:64bit: - [2010/01/14 14:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN) DRV:64bit: - [2010/01/14 14:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/06/10 22:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/04/29 17:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{7a085852-6757-4e38-8874-40baece5c3ae}: "URL" = hxxp://www.searchbrowsing.com/search/?uid=f74eb03e1e3bfa1fde504406f389d699&o=1&pid=100&v=1&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google IE - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google IE - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\..\SearchScopes\{135C526E-BDFE-41D0-9A62-D1249E9B4219}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\..\SearchScopes\{7a085852-6757-4e38-8874-40baece5c3ae}: "URL" = hxxp://www.searchbrowsing.com/search/?uid=f74eb03e1e3bfa1fde504406f389d699&o=1&pid=100&v=1&q={searchTerms} IE - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: D:\ADOBE\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Java\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: D:\ADOBE\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: D:\Program Files (x86)\M F\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: D:\Program Files (x86)\M F\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: D:\Program Files (x86)\M F\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: D:\Program Files (x86)\M F\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins [2012/10/25 18:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maximilians\AppData\Roaming\mozilla\Extensions [2013/07/05 14:34:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maximilians\AppData\Roaming\mozilla\Firefox\Profiles\db9k2owu.default\extensions [2013/05/28 18:09:42 | 000,197,611 | ---- | M] () (No name found) -- C:\Users\Maximilians\AppData\Roaming\mozilla\firefox\profiles\db9k2owu.default\extensions\ftdownloader4@ftdownloader.com.xpi ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: Google CHR - Extension: No name found = C:\Users\Maximilians\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: No name found = C:\Users\Maximilians\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.18_0\ CHR - Extension: No name found = C:\Users\Maximilians\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbloffcplnaihnffcbhddagjmcdbpmmm\1.0.0\ CHR - Extension: No name found = C:\Users\Maximilians\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffkfifglkblfdjhokijnhaggggpjoai\2.19.7_0\ CHR - Extension: No name found = C:\Users\Maximilians\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013/07/05 15:20:20 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (pdfEngine) - {435405E9-1E2A-447F-9930-652D5700BD55} - C:\Users\Maximilians\AppData\LocalLow\pdfEngine\IE\pdfEngine.dll (Adobe Systems Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Java\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe (ASUSTeK Computer Inc.) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-2480817896-7712123-1716404038-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Maximilians\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Maximilians\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe File not found O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe File not found O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\TS3\ICQ7M\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - D:\TS3\ICQ7M\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\UDDIqkgc8.dll (IMS, Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BAB0777-8563-4859-A8F0-A577168B29EA}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\cdo - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012/05/07 19:46:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2000/01/23 20:39:44 | 000,000,050 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/07/05 22:42:23 | 000,000,000 | ---D | C] -- C:\FRST [2013/07/05 15:40:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Maximilians\Desktop\OTL.exe [2013/07/05 15:25:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013/07/05 15:21:38 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013/07/05 14:51:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013/07/05 14:51:39 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013/07/05 14:51:39 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013/07/05 14:49:10 | 000,000,000 | ---D | C] -- C:\Qoobox [2013/07/05 14:49:00 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013/07/05 14:47:22 | 005,085,494 | R--- | C] (Swearware) -- C:\Users\Maximilians\Desktop\ComboFix.exe [2013/07/05 13:45:01 | 001,934,636 | ---- | C] (Farbar) -- C:\Users\Maximilians\Desktop\FRST64.exe [2013/07/04 18:45:20 | 000,000,000 | ---D | C] -- C:\Users\Maximilians\Desktop\Schwert_und_Speer_Ultimat [2013/07/04 07:59:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Byte [2013/07/02 17:54:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins [2013/07/02 17:54:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions [2013/06/25 18:36:48 | 000,000,000 | ---D | C] -- C:\Users\Maximilians\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com [2013/06/23 21:40:23 | 000,000,000 | ---D | C] -- C:\Users\Maximilians\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schwert und Speer Ultimat [2013/06/16 19:33:48 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013/06/16 19:33:48 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013/06/13 15:24:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013/06/13 15:24:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013/06/13 15:24:00 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013/06/13 15:24:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013/06/13 15:24:00 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013/06/13 15:24:00 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013/06/13 15:23:59 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013/06/13 15:23:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013/06/13 15:23:59 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013/06/13 15:23:58 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013/06/13 15:23:58 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013/06/13 15:23:58 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013/06/13 15:23:58 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013/06/13 13:07:42 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013/06/13 13:07:42 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013/06/13 13:07:36 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll [2013/06/13 13:07:36 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll [2013/06/13 13:07:32 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013/06/13 13:07:07 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe [2013/06/13 13:07:07 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe [2013/06/13 13:07:06 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013/06/13 13:07:06 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2013/06/13 13:07:05 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll [2013/06/13 13:07:05 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll [2013/06/13 13:06:49 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013/06/13 13:06:49 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll ========== Files - Modified Within 30 Days ========== [2013/07/05 15:42:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/07/05 15:40:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maximilians\Desktop\OTL.exe [2013/07/05 15:38:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/07/05 15:38:53 | 522,113,023 | -HS- | M] () -- C:\hiberfil.sys [2013/07/05 15:26:05 | 001,505,270 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/07/05 15:26:05 | 000,656,250 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013/07/05 15:26:05 | 000,618,132 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/07/05 15:26:05 | 000,131,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013/07/05 15:26:05 | 000,107,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/07/05 15:20:20 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013/07/05 15:16:18 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/07/05 15:16:18 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/07/05 14:47:53 | 005,085,494 | R--- | M] (Swearware) -- C:\Users\Maximilians\Desktop\ComboFix.exe [2013/07/05 14:35:05 | 000,000,098 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat [2013/07/05 14:34:08 | 000,650,027 | ---- | M] () -- C:\Users\Maximilians\Desktop\adwcleaner_2.3.0.4.exe [2013/07/05 12:25:58 | 001,934,636 | ---- | M] (Farbar) -- C:\Users\Maximilians\Desktop\FRST64.exe [2013/07/04 19:07:16 | 000,001,725 | ---- | M] () -- C:\Users\Maximilians\Desktop\Schwert_und_Speer_Ultimat.bat - Verknüpfung.lnk [2013/07/01 14:14:19 | 004,974,944 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/06/18 06:27:09 | 000,013,388 | ---- | M] () -- C:\Users\Maximilians\AppData\Roaming\wklnhst.dat [2013/06/13 13:43:13 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/06/13 13:43:13 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/06/08 16:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013/06/08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll ========== Files Created - No Company Name ========== [2013/07/05 15:08:16 | 000,002,050 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013/07/05 14:51:39 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013/07/05 14:51:39 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013/07/05 14:51:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013/07/05 14:51:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013/07/05 14:51:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013/07/05 14:34:51 | 000,000,098 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat [2013/07/05 14:33:57 | 000,650,027 | ---- | C] () -- C:\Users\Maximilians\Desktop\adwcleaner_2.3.0.4.exe [2013/07/04 19:07:18 | 000,001,725 | ---- | C] () -- C:\Users\Maximilians\Desktop\Schwert_und_Speer_Ultimat.bat - Verknüpfung.lnk [2013/07/01 14:14:06 | 004,974,944 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/04/20 14:47:58 | 000,001,244 | ---- | C] () -- C:\Users\Maximilians\AppData\Local\recently-used.xbel [2012/12/06 19:32:36 | 000,015,190 | ---- | C] () -- C:\Windows\S6000Twn.ini [2012/12/06 19:32:36 | 000,000,099 | ---- | C] () -- C:\Windows\StillMnt.ini [2012/09/20 21:43:09 | 001,163,008 | ---- | C] () -- C:\Windows\PE_Rom.dll [2012/09/17 15:04:44 | 000,007,615 | ---- | C] () -- C:\Users\Maximilians\AppData\Local\Resmon.ResmonCfg [2012/08/15 08:21:47 | 000,001,119 | ---- | C] () -- C:\Users\Maximilians\Bilder.lnk [2012/05/07 17:08:02 | 000,000,692 | ---- | C] () -- C:\Users\Maximilians\AppData\Local\FASTWiz.html [2012/04/29 20:54:03 | 000,840,264 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2012/03/12 16:49:36 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll [2012/02/27 17:41:04 | 000,013,388 | ---- | C] () -- C:\Users\Maximilians\AppData\Roaming\wklnhst.dat [2012/02/27 17:32:55 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2012/02/24 16:15:16 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2012/01/14 18:07:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012/01/08 14:34:15 | 000,007,680 | ---- | C] () -- C:\Users\Maximilians\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/01/08 08:58:24 | 000,000,680 | RHS- | C] () -- C:\Users\Maximilians\ntuser.pol [2011/12/24 22:33:34 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys [2011/12/24 22:33:25 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\drivers\ServiceHelp.dll [2011/12/24 22:33:25 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys [2011/12/24 22:28:45 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2011/12/24 22:28:02 | 000,021,821 | ---- | C] () -- C:\Windows\Ascd_log.ini [2011/12/24 22:27:44 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2011/12/24 22:27:42 | 000,016,277 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2011/12/24 15:54:31 | 003,961,134 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI ========== ZeroAccess Check ========== [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Custom Scans ========== < HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers > "ProviderID0" = 1 "ProviderID1" = 2 "ProviderID2" = 3 "ProviderID3" = 4 "NextProviderID" = 5 "ProviderFileName0" = unimdm.tsp -- [2010/11/20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) "ProviderFileName1" = kmddsp.tsp -- [2009/07/14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) "ProviderFileName2" = ndptsp.tsp -- [2009/07/14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) "ProviderFileName3" = hidphone.tsp -- [2009/07/14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) "NumProviders" = 4 < HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\Windows\CurrentVersion\Telephony\Providers > "ProviderID0" = 1 "ProviderID1" = 2 "ProviderID2" = 3 "ProviderID3" = 4 "NextProviderID" = 5 "ProviderFileName0" = unimdm.tsp -- [2010/11/20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) "ProviderFileName1" = kmddsp.tsp -- [2009/07/14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) "ProviderFileName2" = ndptsp.tsp -- [2009/07/14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) "ProviderFileName3" = hidphone.tsp -- [2009/07/14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) "NumProviders" = 4 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation /S > "DisplayName" = @%systemroot%\system32\wkssvc.dll,-100 "Group" = NetworkProvider "ImagePath" = %SystemRoot%\System32\svchost.exe -k NetworkService -- [2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) "Description" = @%systemroot%\system32\wkssvc.dll,-101 "ObjectName" = NT AUTHORITY\NetworkService "ErrorControl" = 1 "Start" = 2 "Type" = 32 "DependOnService" = BowserMRxSmb10MRxSmb20NSI [binary data] "ServiceSidType" = 1 "RequiredPrivileges" = SeChangeNotifyPrivilegeSeImperson [Binary data over 200 bytes] "FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 C0 D4 01 00 00 00 00 00 00 00 00 00 [binary data] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Linkage] "Bind" = \Device\Smb_Tcpip_{3BAB0777-8563-4 [Binary data over 200 bytes] "Route" = "Smb" "Tcpip" "{3BAB0777-8563-4859 [Binary data over 200 bytes] "Export" = \Device\LanmanWorkstation_Smb_Tcpi [Binary data over 200 bytes] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\NetworkProvider] "DeviceName" = \Device\LanmanRedirector "Name" = Microsoft Windows Network "DisplayName" = @%systemroot%\system32\wkssvc.dll,-102 "ProviderPath" = %SystemRoot%\System32\ntlanman.dll -- [2010/11/20 14:20:46 | 000,069,120 | ---- | M] (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters] "ServiceDll" = %SystemRoot%\System32\wkssvc.dll "ServiceDllUnloadOnStop" = 1 "EnablePlainTextPassword" = 0 "EnableSecuritySignature" = 1 "RequireSecuritySignature" = 0 "OtherDomains" = [binary data] < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache /S > "DisplayName" = @%SystemRoot%\System32\dnsapi.dll,-101 "Group" = TDI "ImagePath" = %SystemRoot%\system32\svchost.exe -k NetworkService -- [2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) "Description" = @%SystemRoot%\System32\dnsapi.dll,-102 "ObjectName" = NT AUTHORITY\NetworkService "ErrorControl" = 1 "Start" = 2 "Type" = 32 "DependOnService" = Tdxnsi [binary data] "ServiceSidType" = 1 "RequiredPrivileges" = SeChangeNotifyPrivilegeSeCreateGlobalPrivilege [binary data] "FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 C0 D4 01 00 01 00 00 00 E0 93 04 00 00 00 00 00 00 00 00 00 [binary data] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters] "ServiceDll" = %SystemRoot%\System32\pouafxzw3.dll "ServiceDllUnloadOnStop" = 1 "extension" = %SystemRoot%\System32\dnsext.dll "ServiceMain" = SetAccessPolicy [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters\DnsCache] "ShutdownOnIdle" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Security] "Security" = 01 00 14 80 F8 00 00 00 04 01 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 C8 00 08 00 00 00 00 02 18 00 9D 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 21 02 00 00 00 02 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 02 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 02 14 00 8D 00 02 00 01 01 00 00 00 00 00 05 14 00 00 00 00 02 14 00 8D 00 02 00 01 01 00 00 00 00 00 05 13 00 00 00 00 02 18 00 CD 00 02 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 02 28 00 CD 01 02 00 01 06 00 00 00 00 00 05 50 00 00 00 04 C9 44 AF 94 D9 D3 E5 2B E1 B7 1C 17 84 87 13 6E 1A FA 65 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 [Binary data over 200 bytes] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\TriggerInfo] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\TriggerInfo\0] "Type" = 4 "Action" = 1 "GUID" = 07 9E 56 B7 21 84 E0 4E AD 10 86 91 5A FD AD 09 [binary data] "Data0" = 5355UDP [binary data] "DataType0" = 2 < HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost > "netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes] "LocalService" = RemoteRegistryWinHttpAutoProxySvc [Binary data over 200 bytes] "LocalSystemNetworkRestricted" = NetmanAudioEndpointBuilderdot3sv [Binary data over 200 bytes] "LocalServiceNoNetwork" = PLA [binary data] -- [2010/11/20 14:20:54 | 001,508,864 | ---- | M] (Microsoft Corporation) "rpcss" = RpcSs [binary data] "LocalServiceNetworkRestricted" = AudioSrvBthHFSrvLmHostswscsvcWPCSvc [binary data] "LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSQWAVEwcncsvc [binary data] "DcomLaunch" = PowerPlugPlayDcomLaunch [binary data] "NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes] "imgsvc" = StiSvc [binary data] "wcssvc" = WcsPlugInService [binary data] -- [2009/07/14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) "Update-Service-Installer-Service" = Update-Service-Installer-Service [binary data] "Update-Service" = Update-Service [binary data] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkService] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wcssvc] < HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost > "netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes] "LocalService" = RemoteRegistryWinHttpAutoProxySvc [Binary data over 200 bytes] "LocalSystemNetworkRestricted" = NetmanAudioEndpointBuilderdot3sv [Binary data over 200 bytes] "LocalServiceNoNetwork" = PLA [binary data] -- [2010/11/20 14:20:54 | 001,508,864 | ---- | M] (Microsoft Corporation) "rpcss" = RpcSs [binary data] "LocalServiceNetworkRestricted" = AudioSrvBthHFSrvLmHostswscsvcWPCSvc [binary data] "LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSQWAVEwcncsvc [binary data] "DcomLaunch" = PowerPlugPlayDcomLaunch [binary data] "NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes] "imgsvc" = StiSvc [binary data] "wcssvc" = WcsPlugInService [binary data] -- [2009/07/14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) "Update-Service-Installer-Service" = Update-Service-Installer-Service [binary data] "Update-Service" = Update-Service [binary data] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalService] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\netsvcs] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkService] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\termsvcs] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\wcssvc] < HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com > < %SystemRoot%\system32\*.tsp > [2009/07/14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp [2009/07/14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp [2009/07/14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp [2009/07/14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp [2010/11/20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp < %SystemRoot%\system32\*.tsp /64 > [2009/07/14 03:38:54 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hidphone.tsp [2009/07/14 03:38:54 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kmddsp.tsp [2012/01/12 19:37:47 | 001,420,800 | ---- | M] (MetaInterCom) -- C:\Windows\SysNative\MICBo1rus.tsp [2009/07/14 03:38:54 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ndptsp.tsp [2009/07/14 03:38:54 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\remotesp.tsp [2010/11/20 15:24:24 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp < C:\Windows\system32\*.dll /600 > [2012/08/23 13:15:57 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aaclient.dll [2012/11/30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll [2012/11/30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll [2012/11/30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll [2012/11/30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll [2012/11/30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll [2012/11/30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll [2012/11/30 06:45:14 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll [2012/11/30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll [2012/11/30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll [2012/11/30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll [2012/11/30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll [2012/11/30 06:45:15 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll [2012/11/30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll [2012/11/30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll [2012/11/30 04:38:59 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll [2012/11/30 04:38:59 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll [2012/11/30 04:38:59 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll [2013/01/13 23:16:42 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/01/13 23:12:46 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/01/13 23:17:02 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/01/13 23:11:08 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/01/13 23:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/01/13 23:17:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/01/13 23:11:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/01/13 23:11:21 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll [2013/01/13 23:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll [2012/11/30 04:38:59 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll [2013/03/19 06:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\apisetschema.dll [2012/11/06 01:20:50 | 000,168,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\atl110.dll [2012/12/16 16:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\atmfd.dll [2012/12/16 16:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\system32\atmlib.dll [2013/02/27 06:49:24 | 001,796,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\authui.dll [2012/07/04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\browcli.dll [2012/06/06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cdosys.dll [2013/05/13 05:08:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\certenc.dll [2013/05/13 06:45:55 | 001,160,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\crypt32.dll [2013/05/10 05:20:54 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptdlg.dll [2013/05/13 06:45:55 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptnet.dll [2013/05/13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptsvc.dll [2013/01/13 21:37:57 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d2d1.dll [2013/01/13 21:46:25 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10.dll [2013/01/13 22:08:43 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10core.dll [2013/01/13 21:54:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10level9.dll [2013/01/13 22:22:22 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10warp.dll [2013/01/13 21:48:47 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1.dll [2013/01/13 22:09:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1core.dll [2013/04/26 01:30:32 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d11.dll [2012/05/01 16:54:18 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\system32\deployJava1.dll [2012/10/09 19:40:31 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcore6.dll [2012/10/09 19:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcsvc6.dll [2012/11/02 07:11:31 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpnet.dll [2013/01/13 22:31:00 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DWrite.dll [2013/01/13 22:20:31 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxgi.dll [2013/03/30 02:52:24 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll [2013/03/30 02:52:24 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll [2013/03/30 02:52:25 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\elshyph.dll [2012/12/07 14:20:43 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gameux.dll [2013/03/30 02:52:23 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll [2013/03/30 02:52:24 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll [2013/03/30 02:52:24 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll [2013/03/30 02:52:24 | 000,242,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll [2013/06/08 13:40:01 | 013,760,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll [2013/03/30 02:52:24 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll [2013/05/17 03:25:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll [2013/06/08 13:40:02 | 002,046,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll [2013/05/17 03:25:26 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll [2013/05/17 03:25:26 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll [2013/06/08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll [2012/03/01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imagehlp.dll [2013/03/30 02:52:24 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll [2013/03/30 02:52:24 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll [2013/05/17 03:25:27 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll [2013/05/17 03:25:27 | 002,877,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll [2013/05/17 03:25:27 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll [2012/08/11 01:56:14 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kerberos.dll [2012/11/30 06:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kernel32.dll [2012/11/30 06:53:59 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KernelBase.dll [2013/03/30 02:52:23 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll [2012/11/06 01:20:52 | 004,421,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc110.dll [2012/11/06 01:20:52 | 000,046,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc110chs.dll [2012/11/06 01:20:52 | 000,046,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc110cht.dll [2012/11/06 01:20:52 | 000,074,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc110deu.dll [2012/11/06 01:20:52 | 000,064,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc110enu.dll [2012/11/06 01:20:52 | 000,073,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc110esn.dll [2012/11/06 01:20:52 | 000,074,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc110fra.dll [2012/11/06 01:20:52 | 000,072,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc110ita.dll [2012/11/06 01:20:52 | 000,053,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc110jpn.dll [2012/11/06 01:20:52 | 000,053,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc110kor.dll [2012/11/06 01:20:52 | 000,070,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc110rus.dll [2012/11/06 01:20:52 | 004,456,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc110u.dll [2012/11/06 01:20:52 | 000,092,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfcm110.dll [2012/11/06 01:20:52 | 000,092,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfcm110u.dll [2011/12/28 09:22:58 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msclmd.dll [2013/05/17 03:25:33 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll [2013/03/30 02:52:24 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll [2013/06/08 13:40:35 | 014,327,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll [2013/03/30 02:52:24 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll [2013/03/30 02:52:24 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll [2013/03/30 02:52:24 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmlmedia.dll [2012/04/07 13:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msi.dll [2012/03/12 20:56:40 | 000,947,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msjava.dll [2013/03/30 02:52:25 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll [2013/01/04 08:11:21 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msmpeg2vdec.dll [2013/03/30 02:52:24 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll [2012/08/23 15:47:20 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MsRdpWebAccess.dll [2012/08/23 10:19:01 | 004,916,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mstscax.dll [2012/11/06 01:20:52 | 000,535,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcp110.dll [2012/11/06 01:20:52 | 000,875,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr110.dll [2011/12/16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcrt.dll [2012/11/01 06:47:54 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3.dll [2012/11/01 06:47:54 | 001,389,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6.dll [2012/11/20 06:51:09 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncrypt.dll [2012/10/03 18:42:23 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncsi.dll [2012/07/04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netapi32.dll [2012/10/03 18:42:24 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netcorehc.dll [2012/10/03 18:42:24 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netevent.dll [2012/07/12 17:13:40 | 000,405,144 | ---- | M] (Newtonsoft) -- C:\Windows\system32\Newtonsoft.Json.Net20.dll [2012/01/13 09:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nlaapi.dll [2012/01/12 19:37:47 | 000,290,816 | ---- | M] (Zeroconf) -- C:\Windows\system32\nsplf3g3.dll [2011/11/17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntdll.dll [2012/01/04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntshrui.dll [2013/01/04 04:47:33 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntvdm64.dll [2013/02/26 00:32:44 | 002,505,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvapi.dll [2013/02/26 00:32:24 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcompiler.dll [2013/02/26 00:32:34 | 007,932,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuda.dll [2013/02/26 00:32:08 | 001,985,824 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuvenc.dll [2013/02/26 00:32:36 | 002,720,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvcuvid.dll [2013/02/26 00:32:42 | 015,129,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvd3dum.dll [2012/02/09 22:43:00 | 000,301,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvdecodemft.dll [2013/02/26 00:32:04 | 000,201,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvinit.dll [2013/02/26 00:32:26 | 020,449,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvoglv32.dll [2013/02/26 00:32:40 | 006,262,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvopencl.dll [2013/02/26 00:32:36 | 000,958,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvumdshim.dll [2013/02/26 00:32:08 | 012,641,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\nvwgf2um.dll [2013/03/30 02:52:24 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll [2012/02/09 22:43:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\system32\OpenCL.dll [2011/11/19 16:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\packager.dll [2013/03/30 02:52:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll [2012/05/04 11:59:54 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qdvd.dll [2012/02/17 07:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpcore.dll [2012/08/23 13:12:17 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpendp_winip.dll [2012/08/24 18:57:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schannel.dll [2012/08/24 18:57:40 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secur32.dll [2013/02/27 06:55:04 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shdocvw.dll [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shell32.dll [2012/05/05 09:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srclient.dll [2012/08/24 18:53:35 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sspicli.dll [2012/09/26 00:47:43 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\synceng.dll [2012/08/23 15:18:14 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tsgqec.dll [2012/11/09 06:42:49 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tzres.dll [2012/01/12 19:37:47 | 000,294,912 | ---- | M] (IMS, Inc.) -- C:\Windows\system32\UDDIqkgc8.dll [2013/01/13 21:53:14 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\UIAnimation.dll [2012/01/14 18:07:54 | 000,053,248 | ---- | M] () -- C:\Windows\system32\unrar.dll [2011/12/24 21:37:59 | 000,114,000 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\system32\UpdSvc.dll [2013/03/30 02:52:24 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll [2013/06/08 13:42:19 | 001,141,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll [2012/11/22 06:45:03 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\usp10.dll [2012/04/01 18:41:17 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\uxtheme.dll [2013/03/30 02:52:24 | 000,523,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll [2012/11/06 01:20:52 | 000,320,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vcamp110.dll [2012/11/06 01:20:52 | 000,252,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vccorlib110.dll [2012/11/06 01:20:52 | 000,125,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vcomp110.dll [2013/03/30 02:52:24 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll [2011/11/17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webio.dll [2013/04/26 06:55:21 | 000,492,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32spl.dll [2013/04/17 09:02:06 | 001,230,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WindowsCodecs.dll [2013/01/13 21:53:58 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WindowsCodecsExt.dll [2013/05/17 03:25:57 | 001,767,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll [2012/08/24 18:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wintrust.dll [2012/08/23 15:46:20 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wksprtPS.dll [2012/03/01 07:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmi.dll [2013/01/13 21:02:06 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMPhoto.dll [2013/01/04 06:51:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wow32.dll [2012/12/07 14:26:17 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Wpc.dll [2013/01/13 20:34:58 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XpsGdiConverter.dll [2013/01/13 19:26:42 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XpsPrint.dll < C:\Windows\SysNative\*.dll /600 > [2012/08/23 12:54:24 | 000,322,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2012/11/30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012/11/30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012/11/30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012/11/30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012/11/30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012/11/30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012/11/30 07:38:44 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2012/11/30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2012/11/30 07:38:44 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2012/11/30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012/11/30 07:38:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012/11/30 07:38:44 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2012/11/30 07:38:44 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2012/11/30 07:38:44 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2012/11/30 07:38:44 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2012/11/30 07:38:45 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2012/11/30 07:38:45 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2012/11/30 07:38:45 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2012/11/30 07:38:45 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2012/11/30 07:38:45 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2012/11/30 07:38:45 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2012/11/30 07:38:45 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2012/11/30 07:38:45 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2012/11/30 07:38:45 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2012/11/30 07:38:45 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2012/11/30 07:38:45 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2012/11/30 07:38:45 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013/01/13 22:35:18 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/01/13 22:32:07 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/01/13 22:35:31 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/01/13 22:31:41 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/01/13 22:31:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/01/13 22:35:31 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/01/13 22:31:40 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/01/13 22:31:48 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013/01/13 22:31:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2012/11/30 07:38:45 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013/02/27 07:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appinfo.dll [2012/11/05 22:26:22 | 000,200,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\atl110.dll [2012/12/16 16:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012/12/16 19:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2013/02/27 07:48:00 | 001,930,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2012/07/05 00:13:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012/07/05 00:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browser.dll [2012/06/06 08:02:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2013/05/13 07:50:40 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll [2012/05/28 07:09:04 | 002,168,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\coin91.dll [2012/09/28 23:32:08 | 002,177,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\coin92.dll [2013/05/13 07:51:00 | 001,464,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013/05/10 07:49:27 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll [2013/05/13 07:51:00 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2013/05/13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsvc.dll [2013/03/19 07:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013/01/13 21:10:36 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013/01/13 21:20:04 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013/01/13 21:38:21 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013/01/13 21:24:33 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013/01/13 21:51:30 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013/01/13 21:20:42 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013/01/13 21:38:39 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013/04/01 00:52:16 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2012/05/26 15:53:27 | 000,839,112 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2012/10/09 20:17:13 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll [2012/10/09 20:17:13 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll [2012/11/02 07:59:11 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll [2013/01/13 21:59:04 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013/01/13 21:49:17 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013/03/30 02:52:23 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013/03/30 02:52:23 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013/03/30 02:52:25 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013/01/13 21:58:28 | 001,175,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll [2012/12/07 15:15:31 | 002,746,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013/03/30 02:52:23 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013/03/30 02:52:22 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013/03/30 02:52:23 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013/03/30 02:52:23 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll [2013/06/08 16:06:57 | 015,404,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll [2013/03/30 02:52:22 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013/05/17 02:58:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013/06/08 16:06:58 | 002,648,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll [2013/05/17 02:58:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013/05/17 02:58:08 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013/06/08 16:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/03/01 08:33:50 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2013/03/30 02:52:22 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013/03/30 02:52:23 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2012/10/03 19:42:16 | 000,569,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iphlpsvc.dll [2013/05/17 02:58:10 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013/05/17 02:58:10 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013/05/17 02:58:10 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll [2012/08/11 02:56:03 | 000,715,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kerberos.dll [2012/11/30 07:41:07 | 001,161,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2012/11/30 07:41:07 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013/03/30 02:52:23 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012/05/14 07:26:34 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2012/08/24 20:03:09 | 001,448,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012/11/05 22:26:22 | 005,592,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc110.dll [2012/11/05 22:26:22 | 000,046,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc110chs.dll [2012/11/05 22:26:22 | 000,046,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc110cht.dll [2012/11/05 22:26:22 | 000,074,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc110deu.dll [2012/11/05 22:26:22 | 000,064,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc110enu.dll [2012/11/05 22:26:22 | 000,073,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc110esn.dll [2012/11/05 22:26:22 | 000,074,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc110fra.dll [2012/11/05 22:26:22 | 000,072,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc110ita.dll [2012/11/05 22:26:22 | 000,053,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc110jpn.dll [2012/11/05 22:26:22 | 000,053,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc110kor.dll [2012/11/05 22:26:22 | 000,070,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc110rus.dll [2012/11/05 22:26:22 | 005,620,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfc110u.dll [2012/11/05 22:26:22 | 000,104,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfcm110.dll [2012/11/05 22:26:22 | 000,104,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfcm110u.dll [2011/12/28 09:22:58 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll [2013/05/17 02:58:20 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013/03/30 02:52:22 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll [2013/06/08 16:07:17 | 019,233,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll [2013/03/30 02:52:23 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/03/30 02:52:22 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013/03/30 02:52:23 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2012/04/07 14:31:40 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2013/03/30 02:52:23 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013/01/04 08:11:13 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013/03/30 02:52:23 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2012/08/23 15:20:40 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2012/08/23 10:13:07 | 005,773,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2012/11/05 22:26:22 | 000,661,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp110.dll [2012/11/05 22:26:22 | 000,849,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr110.dll [2011/12/16 10:46:06 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2012/11/01 07:43:42 | 001,882,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3.dll [2012/11/01 07:43:42 | 002,002,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6.dll [2012/11/20 07:48:49 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012/10/03 19:44:16 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2012/07/05 00:16:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012/10/03 19:44:17 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll [2012/10/03 19:44:17 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll [2012/10/03 19:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nlaapi.dll [2012/10/03 19:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nlasvc.dll [2012/05/26 15:53:27 | 000,955,848 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2011/11/17 08:41:18 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012/01/04 12:44:20 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2012/11/30 07:43:12 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013/02/26 00:32:40 | 002,826,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2013/02/26 00:32:44 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2013/01/18 17:00:28 | 006,390,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2013/02/26 00:32:06 | 009,390,760 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2013/02/26 00:32:34 | 002,346,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2013/02/26 00:32:28 | 002,904,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2013/02/26 00:32:38 | 018,055,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2012/02/09 22:43:00 | 000,364,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll [2013/02/26 00:32:38 | 001,814,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll [2013/02/26 00:32:32 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll [2012/02/09 22:43:00 | 001,466,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll [2012/07/03 09:37:57 | 001,472,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll [2012/07/03 17:25:21 | 000,031,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2013/02/26 00:32:32 | 000,245,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2013/01/18 17:00:11 | 000,118,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2013/02/26 00:32:36 | 026,929,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2013/02/26 00:32:08 | 007,564,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2013/01/18 17:00:11 | 000,063,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2013/01/18 17:00:28 | 003,460,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2013/01/18 17:00:11 | 002,558,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2013/02/26 00:32:38 | 001,107,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll [2013/02/26 00:32:26 | 015,053,264 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2013/03/30 02:52:23 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2012/02/09 22:43:00 | 000,068,928 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011/11/19 16:58:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2013/03/30 02:52:23 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2012/06/02 16:30:55 | 000,354,304 | ---- | M] (Parental Solutions Inc.) -- C:\Windows\SysNative\pouafxzw3.dll [2012/05/01 07:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\profsvc.dll [2012/05/04 13:00:43 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012/02/17 08:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2012/04/26 07:41:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012/08/23 11:51:57 | 003,174,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2012/08/23 12:51:14 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll [2012/08/23 15:24:57 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [2012/08/23 16:13:11 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2012/04/26 07:41:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012/08/24 20:05:03 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\schannel.dll [2011/11/17 08:35:25 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2013/02/27 07:52:55 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shell32.dll [2012/05/05 10:36:55 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2011/11/17 08:35:26 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2011/11/17 08:35:26 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012/09/26 00:46:17 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll [2012/04/01 17:42:43 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeservice.dll [2012/04/01 17:42:45 | 002,851,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll [2012/08/23 14:52:53 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2012/08/23 15:06:58 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2012/08/23 15:40:56 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2012/11/09 07:45:09 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tzres.dll [2013/01/13 21:24:30 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013/03/30 02:52:23 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/06/08 16:08:10 | 001,365,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll [2012/11/22 07:44:23 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2012/04/01 17:42:47 | 000,332,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll [2013/03/30 02:52:23 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012/11/05 22:26:22 | 000,385,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vcamp110.dll [2012/11/05 22:26:22 | 000,354,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vccorlib110.dll [2012/11/05 22:26:22 | 000,138,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vcomp110.dll [2012/07/26 04:36:08 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll [2013/03/30 02:52:23 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webcheck.dll [2011/11/17 08:35:28 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2013/04/26 07:51:36 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013/04/17 08:24:46 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013/01/13 21:25:04 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013/05/17 02:59:03 | 002,241,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll [2013/01/04 07:46:09 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2012/08/24 20:05:07 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012/08/23 15:17:54 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2012/03/01 08:28:47 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmi.dll [2013/01/13 20:32:43 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2012/11/30 07:45:35 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2012/11/30 07:45:35 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2012/11/30 07:45:35 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2012/12/07 15:20:16 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2012/06/03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012/06/03 00:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuaueng.dll [2012/06/03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012/07/26 05:08:14 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2012/07/26 05:08:14 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2012/07/26 05:08:14 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFSvc.dll [2012/07/26 05:08:14 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2012/06/03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012/06/03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012/06/03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012/06/02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2013/03/19 07:53:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2013/03/19 07:53:58 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwansvc.dll [2013/03/21 06:10:16 | 000,028,544 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll |
Teil 2 der OTL: [2013/01/13 20:09:52 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013/01/13 19:05:09 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll < C:\Windows\SysWOW64\*.dll /600 > [2012/08/23 13:15:57 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\aaclient.dll [2012/11/30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll [2012/11/30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll [2012/11/30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll [2012/11/30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll [2012/11/30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll [2012/11/30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll [2012/11/30 06:45:14 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll [2012/11/30 06:45:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll [2012/11/30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll [2012/11/30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll [2012/11/30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll [2012/11/30 06:45:15 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012/11/30 06:45:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll [2012/11/30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll [2012/11/30 06:45:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll [2012/11/30 04:38:59 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll [2012/11/30 04:38:59 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll [2012/11/30 04:38:59 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll [2013/01/13 23:16:42 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013/01/13 23:12:46 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013/01/13 23:17:02 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013/01/13 23:11:08 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013/01/13 23:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013/01/13 23:17:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013/01/13 23:11:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013/01/13 23:11:21 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll [2013/01/13 23:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll [2012/11/30 04:38:59 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll [2013/03/19 06:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apisetschema.dll [2012/11/06 01:20:50 | 000,168,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl110.dll [2012/12/16 16:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\atmfd.dll [2012/12/16 16:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWOW64\atmlib.dll [2013/02/27 06:49:24 | 001,796,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authui.dll [2012/07/04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\browcli.dll [2012/06/06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cdosys.dll [2013/05/13 05:08:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\certenc.dll [2013/05/13 06:45:55 | 001,160,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll [2013/05/10 05:20:54 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptdlg.dll [2013/05/13 06:45:55 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll [2013/05/13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsvc.dll [2013/01/13 21:37:57 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll [2013/01/13 21:46:25 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll [2013/01/13 22:08:43 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll [2013/01/13 21:54:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10level9.dll [2013/01/13 22:22:22 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll [2013/01/13 21:48:47 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll [2013/01/13 22:09:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll [2013/04/26 01:30:32 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d11.dll [2012/05/01 16:54:18 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWOW64\deployJava1.dll [2012/10/09 19:40:31 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcore6.dll [2012/10/09 19:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll [2012/11/02 07:11:31 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dpnet.dll [2013/01/13 22:31:00 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll [2013/01/13 22:20:31 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll [2013/03/30 02:52:24 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll [2013/03/30 02:52:24 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll [2013/03/30 02:52:25 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\elshyph.dll [2012/12/07 14:20:43 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll [2013/03/30 02:52:23 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icardie.dll [2013/03/30 02:52:24 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IEAdvpack.dll [2013/03/30 02:52:24 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll [2013/03/30 02:52:24 | 000,242,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iedkcs32.dll [2013/06/08 13:40:01 | 013,760,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll [2013/03/30 02:52:24 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iepeers.dll [2013/05/17 03:25:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iernonce.dll [2013/06/08 13:40:02 | 002,046,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll [2013/05/17 03:25:26 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iesetup.dll [2013/05/17 03:25:26 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iesysprep.dll [2013/06/08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll [2012/03/01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll [2013/03/30 02:52:24 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imgutil.dll [2013/03/30 02:52:24 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\inseng.dll [2013/05/17 03:25:27 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll [2013/05/17 03:25:27 | 002,877,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll [2013/05/17 03:25:27 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll [2012/08/11 01:56:14 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kerberos.dll [2012/11/30 06:53:59 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll [2012/11/30 06:53:59 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll [2013/03/30 02:52:23 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\licmgr10.dll [2012/11/06 01:20:52 | 004,421,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc110.dll [2012/11/06 01:20:52 | 000,046,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc110chs.dll [2012/11/06 01:20:52 | 000,046,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc110cht.dll [2012/11/06 01:20:52 | 000,074,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc110deu.dll [2012/11/06 01:20:52 | 000,064,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc110enu.dll [2012/11/06 01:20:52 | 000,073,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc110esn.dll [2012/11/06 01:20:52 | 000,074,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc110fra.dll [2012/11/06 01:20:52 | 000,072,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc110ita.dll [2012/11/06 01:20:52 | 000,053,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc110jpn.dll [2012/11/06 01:20:52 | 000,053,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc110kor.dll [2012/11/06 01:20:52 | 000,070,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc110rus.dll [2012/11/06 01:20:52 | 004,456,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc110u.dll [2012/11/06 01:20:52 | 000,092,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfcm110.dll [2012/11/06 01:20:52 | 000,092,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfcm110u.dll [2011/12/28 09:22:58 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msclmd.dll [2013/05/17 03:25:33 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msfeeds.dll [2013/03/30 02:52:24 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msfeedsbs.dll [2013/06/08 13:40:35 | 014,327,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll [2013/03/30 02:52:24 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtmled.dll [2013/03/30 02:52:24 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtmler.dll [2013/03/30 02:52:24 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtmlmedia.dll [2012/04/07 13:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll [2012/03/12 20:56:40 | 000,947,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msjava.dll [2013/03/30 02:52:25 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll [2013/01/04 08:11:21 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll [2013/03/30 02:52:24 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msrating.dll [2012/08/23 15:47:20 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MsRdpWebAccess.dll [2012/08/23 10:19:01 | 004,916,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mstscax.dll [2012/11/06 01:20:52 | 000,535,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp110.dll [2012/11/06 01:20:52 | 000,875,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr110.dll [2011/12/16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll [2012/11/01 06:47:54 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll [2012/11/01 06:47:54 | 001,389,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll [2012/11/20 06:51:09 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll [2012/10/03 18:42:23 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncsi.dll [2012/07/04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll [2012/10/03 18:42:24 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netcorehc.dll [2012/10/03 18:42:24 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netevent.dll [2012/07/12 17:13:40 | 000,405,144 | ---- | M] (Newtonsoft) -- C:\Windows\SysWOW64\Newtonsoft.Json.Net20.dll [2012/01/13 09:12:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nlaapi.dll [2012/01/12 19:37:47 | 000,290,816 | ---- | M] (Zeroconf) -- C:\Windows\SysWOW64\nsplf3g3.dll [2011/11/17 07:38:39 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll [2012/01/04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll [2013/01/04 04:47:33 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntvdm64.dll [2013/02/26 00:32:44 | 002,505,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvapi.dll [2013/02/26 00:32:24 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcompiler.dll [2013/02/26 00:32:34 | 007,932,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcuda.dll [2013/02/26 00:32:08 | 001,985,824 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcuvenc.dll [2013/02/26 00:32:36 | 002,720,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvcuvid.dll [2013/02/26 00:32:42 | 015,129,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll [2012/02/09 22:43:00 | 000,301,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvdecodemft.dll [2013/02/26 00:32:04 | 000,201,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvinit.dll [2013/02/26 00:32:26 | 020,449,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvoglv32.dll [2013/02/26 00:32:40 | 006,262,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvopencl.dll [2013/02/26 00:32:36 | 000,958,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvumdshim.dll [2013/02/26 00:32:08 | 012,641,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvwgf2um.dll [2013/03/30 02:52:24 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\occache.dll [2012/02/09 22:43:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\SysWOW64\OpenCL.dll [2011/11/19 16:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\packager.dll [2013/03/30 02:52:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pngfilt.dll [2012/05/04 11:59:54 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\qdvd.dll [2012/02/17 07:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rdpcore.dll [2012/08/23 13:12:17 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rdpendp_winip.dll [2012/08/24 18:57:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll [2012/08/24 18:57:40 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll [2013/02/27 06:55:04 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll [2012/05/05 09:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll [2012/08/24 18:53:35 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll [2012/09/26 00:47:43 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\synceng.dll [2012/08/23 15:18:14 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tsgqec.dll [2012/11/09 06:42:49 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tzres.dll [2012/01/12 19:37:47 | 000,294,912 | ---- | M] (IMS, Inc.) -- C:\Windows\SysWOW64\UDDIqkgc8.dll [2013/01/13 21:53:14 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAnimation.dll [2012/01/14 18:07:54 | 000,053,248 | ---- | M] () -- C:\Windows\SysWOW64\unrar.dll [2011/12/24 21:37:59 | 000,114,000 | ---- | M] (Joosoft.com GmbH) -- C:\Windows\SysWOW64\UpdSvc.dll [2013/03/30 02:52:24 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\url.dll [2013/06/08 13:42:19 | 001,141,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll [2012/11/22 06:45:03 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll [2012/04/01 18:41:17 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll [2013/03/30 02:52:24 | 000,523,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbscript.dll [2012/11/06 01:20:52 | 000,320,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vcamp110.dll [2012/11/06 01:20:52 | 000,252,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vccorlib110.dll [2012/11/06 01:20:52 | 000,125,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vcomp110.dll [2013/03/30 02:52:24 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webcheck.dll [2011/11/17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll [2013/04/26 06:55:21 | 000,492,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\win32spl.dll [2013/04/17 09:02:06 | 001,230,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll [2013/01/13 21:53:58 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll [2013/05/17 03:25:57 | 001,767,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll [2012/08/24 18:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll [2012/08/23 15:46:20 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wksprtPS.dll [2012/03/01 07:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmi.dll [2013/01/13 21:02:06 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WMPhoto.dll [2013/01/04 06:51:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wow32.dll [2012/12/07 14:26:17 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll [2013/01/13 20:34:58 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\XpsGdiConverter.dll [2013/01/13 19:26:42 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\XpsPrint.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 1123 bytes -> C:\Users\Maximilians\AppData\Local\Temp:eQPmLp37YNWUkY8EgnoN3sFK < End of report > Und zum Schluß noch die Extras.txt: OTL EXTRAS Logfile: Code: OTL Extras logfile created on: 7/5/2013 3:41:38 PM - Run 1 Und zum Schluß noch die Extras.txt: OTL EXTRAS Logfile: Code: OTL Extras logfile created on: 7/5/2013 3:41:38 PM - Run 1 |
Und zum Schluß noch die Extras.txt: OTL EXTRAS Logfile: Code: OTL Extras logfile created on: 7/5/2013 3:41:38 PM - Run 1 Tut mir Leid das die letzte Nachricht 3x kam, mein Erstzrechner ist kurz festgefroren und ich habe deswegen dreimal auf "Antworten" geklickt. |
Hi, dann mach bitte so weiter: Schritt 1 Fixen mit OTL
Code: :OTL
Schritt 2 Bitte downloade dir LSPFix und speichere es auf den Desktop.
Schritt 3
Code: HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers
Bitte poste in deiner nächsten Antwort:
|
Hier die OTL: All processes killed ========== OTL ========== Service Update-Service stopped successfully! Service Update-Service deleted successfully! C:\Windows\SysWOW64\UpdSvc.dll moved successfully. File C:\Windows\SysWOW64\UpdSvc.dll not found. C:\Windows\SysWOW64\nsplf3g3.dll moved successfully. C:\Windows\SysNative\pouafxzw3.dll moved successfully. File C:\Windows\system32\UpdSvc.dll not found. File C:\Windows\system32\nsplf3g3.dll not found. C:\Windows\SysNative\MICBo1rus.tsp moved successfully. C:\Windows\SysWOW64\UDDIqkgc8.dll moved successfully. File C:\Windows\SysWOW64\UDDIqkgc8.dll not found. C:\Windows\SysWow64\searchplugins folder moved successfully. C:\Windows\SysWow64\Extensions folder moved successfully. ADS C:\Users\Maximilians\AppData\Local\Temp:eQPmLp37YNWUkY8EgnoN3sFK deleted successfully. ========== REGISTRY ========== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters\\"ServiceDll"|hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f ,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,6e,00,73,00,72,00,73,00,6c,00,76,00,72,00,2e,00,64,00,6c,00,6c,00,00 ,00 /E : value set successfully! Registry value HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\\Update-Service-Installer-Service deleted successfully. Registry value HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\\Update-Service deleted successfully. Registry value HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\\Update-Service-Installer-Service not found. Registry value HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\\Update-Service not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 56475 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Gast ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 14957075 bytes ->Java cache emptied: 0 bytes ->Flash cache emptied: 692 bytes User: Maximilians ->Temp folder emptied: 702 bytes ->Temporary Internet Files folder emptied: 136164736 bytes ->Java cache emptied: 8425160 bytes ->FireFox cache emptied: 186207553 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 57328 bytes User: Public ->Temp folder emptied: 0 bytes User: TEMP ->Temp folder emptied: 0 bytes User: TEMP.Dittrich-PC ->Temp folder emptied: 0 bytes User: TEMP.Dittrich-PC.000 ->Temp folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: TEMP.Dittrich-PC.001 ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 56475 bytes User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 3516 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 95672 bytes %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 760 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 330.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 07052013_171143 Files\Folders moved on Reboot... C:\Users\Maximilians\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Maximilians\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... So und hier die OTL nach dem LSP Fix:OTL Logfile: Code: OTL logfile created on: 7/5/2013 5:22:52 PM - Run 2 Bei der LSP kam irgentwie keine LOG. |
Ok, das passt so. Noch eine Kontrolle. Wie läuft der Rechner? Warnung: Infostealer Aus deinen Logs ist ersichtlich, dass du Malware eingefangen hast, die es speziell auf deine sensitiven Daten (Benutzernamen, Passwörter, Onlinebankingzugangsdaten, etc.) abgesehen hat. Man kann nicht genau wissen, was alles mitgeloggt wurde, aber sicherheitshalber würd ich alle auf diesem Rechner eingegebenen Daten und Passwörter als bekannt voraussetzen. Ich würde dir daher raten, zum Schluss oder von einem sauberen Rechner aus sämtliche Zugangsdaten, welche an diesem Rechner verwendet wurden, zu ändern. Schritt 1
Schritt 2 ESET Online Scanner
Schritt 3 Starte noch einmal FRST.
Bitte poste in deiner nächsten Antwort:
|
Hi, Leo. Der Rechner funktioniert ganz normal außer eben das ich das Sicherheitscenter irgentwie immer noch nicht aktivieren kann. Hier sind die Logs: Log von MBAM Malwarebytes Anti-Malware 1.75.0.1300 Malwarebytes : Free anti-malware download Datenbank Version: v2013.07.06.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16618 Maximilians :: DITTRICH-PC [Administrator] 06.07.2013 10:29:03 mbam-log-2013-07-06 (10-29-03).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 341469 Laufzeit: 1 Minute(n), 42 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Log von ESET ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=f77a3561a2ee79429e0e1e6713b1c38f # engine=14286 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-07-06 09:58:38 # local_time=2013-07-06 11:58:38 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776574 100 94 14040925 124734568 0 0 # scanned=265243 # found=11 # cleaned=0 # scan_time=4662 sh=B1EDBAF82FD5973223A50ADB7F4C90E8D9119C0E ft=1 fh=a90676d57e05b8a8 vn="a variant of Win32/Kryptik.AWRQ trojan" ac=I fn="C:\FRST\Quarantine\8741605.dll" sh=3004D6C2A24A288850BBB502FA44539E0D9AE6A4 ft=1 fh=4011954f87d7e7fd vn="a variant of Win32/Kryptik.BFBG trojan" ac=I fn="C:\FRST\Quarantine\xsqawayyojjtoedatuy.bfg" sh=ABBFF23524B34068CB310E4F2D3F89A92C2C3000 ft=1 fh=0006d877503a70fb vn="Win32/Spy.Zbot.AAO trojan" ac=I fn="C:\FRST\Quarantine\Uzbo\biobu.exe" sh=194216C1DCB9400BB74E8CA9AEEB7F8CEC79739A ft=0 fh=0000000000000000 vn="JS/Agent.NID trojan" ac=I fn="C:\Qoobox\Quarantine\C\ProgramData\5061478.js.vir" sh=1F06B19D7E7A658A8F80B9D04CD3F74D44F651A8 ft=1 fh=7292f4615b841f44 vn="Win32/Adware.Bundlore application" ac=I fn="C:\Users\Maximilians\AppData\Local\Google\Chrome\User Data\Default\old_Cache_000\f_0006a0" sh=3514BFF607CD06CCFCB3B1E5F2BF019DC8B12225 ft=1 fh=50f7d2ccdaaa9bb3 vn="Win32/Adware.1ClickDownload.W application" ac=I fn="C:\Users\Maximilians\Desktop\Download\Archive\Cliffhanger_-_Nur_die_Starken_überleben.exe" sh=3514BFF607CD06CCFCB3B1E5F2BF019DC8B12225 ft=1 fh=50f7d2ccdaaa9bb3 vn="Win32/Adware.1ClickDownload.W application" ac=I fn="C:\Users\Maximilians\Desktop\Download\Setups\Cliffhanger_-_Nur_die_Starken_überleben.exe" sh=56E148A741AB8BCA5D1AF89256BFECC5486FA052 ft=1 fh=e9a6ca3646fd2424 vn="Win32/Adware.1ClickDownload.G application" ac=I fn="C:\Users\Maximilians\Desktop\Download\Setups\Kastelruther Spatzen.exe" sh=0D792E43E088F48F769FE4A61DA8CE0C41907FEE ft=1 fh=26774a8c04190c5a vn="a variant of Win64/Mediyes.B trojan" ac=I fn="C:\_OTL\MovedFiles\07052013_171143\C_Windows\SysNative\pouafxzw3.dll" sh=65F25B06EA1ADC69CFCA7696B8A67702CF389088 ft=1 fh=c71c0011949e9615 vn="a variant of Win32/Mediyes.Q trojan" ac=I fn="C:\_OTL\MovedFiles\07052013_171143\C_Windows\SysWOW64\nsplf3g3.dll" sh=EF19772ADF15EBEF051E0D2F77BABF0D7818A539 ft=1 fh=c71c0011117d11d2 vn="a variant of Win32/Mediyes.Q trojan" ac=I fn="C:\_OTL\MovedFiles\07052013_171143\C_Windows\SysWOW64\UDDIqkgc8.dll" Log von FRST FRST Logfile: Code: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013 |
Hallo, Zitat:
Die restlichen Funde sind bereits in den verschiedenen Quarantänen. Schauen wir noch, was da mit dem Sicherheitscenter los ist: Downloade dir bitte Farbar Service Scanner
Poste bitte den Inhalt hier. |
OK hier ist die TXT. Datei von dem FSS-Tool: Farbar Service Scanner Version: 06-07-2013 Ran by Maximilians (administrator) on 06-07-2013 at 12:46:52 Running from "C:\Users\Maximilians\Desktop" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Dnscache Service is not running. Checking service configuration: The start type of Dnscache service is OK. The ImagePath of Dnscache service is OK. The ServiceDll of Dnscache service is OK. Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Demand. The default start type is Auto. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend service is OK. Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll => MD5 is legit C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\System32\ipnathlp.dll => MD5 is legit C:\Windows\System32\iphlpsvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log **** Die 3 ".exe" Datein die du mir zitiert hast, habe ich übrigens gelöscht. |
Schritt 1
Code: sc query wscsvc /c
Schritt 2 Downloade dir bitte Farbar Service Scanner
Poste bitte den Inhalt hier. Bitte poste in deiner nächsten Antwort:
|
Nach dem None habe ich auf Scan geklickt und ein schwarzes Fenster öffnete sich und diese Fehlermeldung kam: RegSvr32 Fehler beim Laden des Moduls "WSCSVC". Stellen Sie sicher, dass die Binärdatei am angegebenen Pfad gespeichert ist, oder debuggen Sie die Datei, um Probleme mit der binären Datei oder abhängigen DLL-Dateien auszuschließen. Das angegebene Modul wurde nicht gefunden. Dann habe ich auf OK geklickt und es öffnete sich diese TXT. - Datei:OTL Logfile: Code: OTL logfile created on: 7/6/2013 1:08:46 PM - Run 3 Soll ich nun trotzdem die FSS.exe ausführen? |
Zitat:
|
Hier die FSS: [B]Farbar Service Scanner Version: 06-07-2013 Ran by Maximilians (administrator) on 06-07-2013 at 13:25:12 Running from "C:\Users\Maximilians\Desktop" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Dnscache Service is not running. Checking service configuration: The start type of Dnscache service is OK. The ImagePath of Dnscache service is OK. The ServiceDll of Dnscache service is OK. Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Demand. The default start type is Auto. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend service is OK. Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll => MD5 is legit C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\System32\ipnathlp.dll => MD5 is legit C:\Windows\System32\iphlpsvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log **** |
Alle Zeitangaben in WEZ +1. Es ist jetzt 02:57 Uhr. |
Copyright ©2000-2024, Trojaner-Board