| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
10.06.2012, 10:14
| #1 |
 |  Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? Hallo, seit kurzer Zeit findet Avira dauernd AT/ATRAPS.Gen, AT/ATRAPS.Gen2 und einmal TR/Small.FI. Ich kenne mich überhaupt nicht mit so etwas aus und habe mich informiert. Leider kamen nur Themen in denen gesagt wurde wichtige Daten sichern und dann Formatieren. Ich möchte das aber vermeiden, wenn es geht. Ich bin auf ein ähnliches Problem gestoßen auf Trojaner-Board aber es wurde geschrieben, dass man ein nicht blind den Anweisungen folgen sollte sondern ein eigenes Thema erstellen soll. Ich habe mir die Regeln durchgelesen und habe auch den ersten Schritt befolgt mit defogger. Bei dem zweiten Schritt habe ich eine Frage und zwar: Was ist mit Programmen gemeint einfach nur solche Sachen wie Skype und Avira oder wenn man den Taskmanager öffnet die Prozesse ? defogger : defogger_disable Log : defogger_disable by jpshortstuff (23.02.10.1) Log created at 10:42 on 10/06/2012 (Jan) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- Da das mein erstes Forum ist hoffe ich, dass ich alles richtig gemacht habe und danke schon mal im vorraus auf alle Antworten Jan |
|
11.06.2012, 07:59
| #2 | |
| /// Malwareteam    | Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ?Zitat:
 Poste die logdateien, dann sehen wir weiter!
__________________ |
|
11.06.2012, 20:20
| #3 |
| | Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? Danke für die schnelle Beantwortung meiner Frage hier sind die Logdateien :
__________________OTL:OTL Logfile: Code:
ATTFilter OTL logfile created on: 11.06.2012 21:07:45 - Run 3 OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Jan\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 5,85 Gb Available Physical Memory | 73,34% Memory free 15,96 Gb Paging File | 13,38 Gb Available in Paging File | 83,82% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 455,99 Gb Total Space | 279,51 Gb Free Space | 61,30% Space Free | Partition Type: NTFS Drive D: | 164,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Jan\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe () PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe () PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Iminent\Iminent.exe (Iminent) PRC - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) PRC - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE () PRC - C:\Program Files (x86)\AlienRespawn\sftservice.EXE (SoftThinks SAS) PRC - C:\Program Files (x86)\AlienRespawn\TOASTER.EXE (SoftThinks - Dell) PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Programme\Alienware\Command Center\AWCCApplicationWatcher32.exe (Alienware) PRC - C:\Programme\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation) PRC - C:\Programme\Alienware\Command Center\AlienFusionController.exe () PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll () MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll () MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll () MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe () MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\ede3b9144bc31da0eaaf86c7b6a9eaaa\WindowsFormsIntegration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\cfece6f67593b4d8bb58d23b7fdcc470\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\bd28f26b18b8ffeee1a0fbaa98f5810e\System.IdentityModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\977c7c2badf6a9059ba8371a0f645fc8\System.Configuration.Install.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\dbe597aa9c12df5d08fb2f3f9872b834\System.Web.Services.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\43476ffc51367fb771ac37209c7f0280\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\94b346f2ab12d38efb1331ded5783396\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\bb40644f323a93fa9bc09be350918ef3\System.EnterpriseServices.Wrapper.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\79ac99fe5274fb82ffcff2c15f71854c\System.Runtime.DurableInstancing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\67a386434938003bceb0752e979dabb3\System.Transactions.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\8a9fac9cb825b5d2db0bdb867fff940e\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\bb97517e4ca64e02282fca24612ce8ad\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\439862b007b2dd84127ff35af476f5ad\System.WorkflowServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ed560b26f2f86b3f07b7f6d384f92275\System.ServiceModel.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\64de6810023adccdc56ddae13bdd6b03\System.Xml.Linq.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\2ce8210219c7123610072357358df470\System.IdentityModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\107779ca2708d2b31b2e1560e47f6d15\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6c30b231f838269283ee449bbc98b202\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\1a690902e9a6293de228c16fab21e2f7\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07f019692c382d588d3c6cb2da2a9ec5\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\90555968565afd59bce4b0974e9903bd\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\69f6e582cb79f107c61308b468c1a215\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2d1fd350e9bc62ce659e5cbcfd555796\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\041b1bcf6ae9ab58925791d8198c37e2\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a1de74c8d0dfd15e3246e5dd394013bf\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\4b7adff986a085bb562222d0c5fdf5aa\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\9ee9841d9e33fe5dceba4cd7d90f2ae0\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\03b5233f1511f5fdb39eb681b04e5506\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MOD - C:\Programme\Alienware\Command Center\AlienFusionController.exe () MOD - c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_de_b77a5c561934e089\System.Runtime.Serialization.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () ========== Win32 Services (SafeList) ========== SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (vToolbarUpdater11.1.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe () SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (HiPatchService) -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (SftService) -- C:\Program Files (x86)\AlienRespawn\sftservice.EXE (SoftThinks SAS) SRV - (AlienFusionService) -- C:\Programme\Alienware\Command Center\AlienFusionService.exe (Alienware) SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions) SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions) SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (wlidsvc) -- c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (acedrv09) -- C:\Windows\SysNative\drivers\acedrv09.sys () DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (REN2CAP_DRIVER) -- C:\Windows\SysNative\drivers\ren2cap.sys () DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (LADF_SBVM) -- C:\Windows\SysNative\drivers\ladfSBVMamd64.sys (Logitech) DRV:64bit: - (LADF_DHP2) -- C:\Windows\SysNative\drivers\ladfDHP2amd64.sys (Logitech) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.) DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.2) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation) DRV:64bit: - (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.2) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation) DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\drivers\RtNdPt60.sys (Realtek ) DRV:64bit: - (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.2) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (xnacc) -- C:\Windows\SysNative\drivers\xnacc.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.) DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={89B351E1-A730-11E1-A30B-F04DA2DE2529} IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = hxxp://search.iminent.com/?appId=&ref=toolbox&q={searchTerms} IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={89B351E1-A730-11E1-A30B-F04DA2DE2529} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.de/alienware IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={A76DCA3B-EEEF-46FE-A69C-525F15656C8E}&mid=35a99a1396e147d0bca52104e43accda-b9b8d9fa4e648cf9caba6f3668e5d45d9c3118d4&lang=de&ds=cv011&pr=sa&d=2012-05-18 14:14:06&v=11.1.0.7&sap=hp IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109986&babsrc=SP_ss&mntrId=566fb474000000000000e2d53d94cced IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={A76DCA3B-EEEF-46FE-A69C-525F15656C8E}&mid=35a99a1396e147d0bca52104e43accda-b9b8d9fa4e648cf9caba6f3668e5d45d9c3118d4&lang=de&ds=cv011&pr=sa&d=2012-05-18 14:14:06&v=11.1.0.7&sap=dsp&q={searchTerms} IE - HKCU\..\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}: "URL" = hxxp://search.iminent.com/?appId=&ref=toolbox&q={searchTerms} IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&crg=3.1010000.10011&st=1&barid={89B351E1-A730-11E1-A30B-F04DA2DE2529}&q={searchTerms}&barid={89B351E1-A730-11E1-A30B-F04DA2DE2529} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "SearchTheWeb" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search" FF - prefs.js..browser.startup.homepage: "hxxp://search.iminent.com/?appId=694f2c06-9d73-4bfe-bbce-657abafd8dd5&lcid=1031&ref=homepage" FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7Be1532237-9126-492d-826e-8e11e95c7ea2%7D&mid=35a99a1396e147d0bca52104e43accda-b9b8d9fa4e648cf9caba6f3668e5d45d9c3118d4&ds=cv011&v=11.1.0.7&lang=de&pr=sa&d=2012-05-18%2014%3A14%3A06&sap=ku&q=" FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - prefs.js..network.proxy.type: 0 FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "SearchTheWeb" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "AVG Secure Search" FF - prefs.js..browser.startup.homepage: "hxxp://isearch.avg.com?cid=%7Be1532237-9126-492d-826e-8e11e95c7ea2%7D&mid=35a99a1396e147d0bca52104e43accda-b9b8d9fa4e648cf9caba6f3668e5d45d9c3118d4&ds=cv011&v=11.1.0.7&lang=de&pr=sa&d=2012-05-18%2014%3A14%3A06&sap=hp" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.110.0: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.18 20:26:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com [2012.05.18 14:04:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012.05.18 14:14:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.11 19:56:20 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.13 12:47:00 | 000,000,000 | ---D | M] [2012.02.11 19:56:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Extensions [2012.05.31 18:16:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\pam6zqu0.default\extensions [2012.04.06 19:04:30 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\pam6zqu0.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2012.03.24 13:49:23 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\pam6zqu0.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516} [2012.05.31 18:16:43 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\pam6zqu0.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.05.18 14:05:10 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\pam6zqu0.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} [2012.05.26 14:42:56 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\pam6zqu0.default\extensions\plugin@yontoo.com [2012.05.30 16:51:44 | 000,002,270 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\searchplugins\SearchTheWeb.xml [2012.05.29 21:15:13 | 000,004,113 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\searchplugins\sweetim.xml [2012.04.07 12:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.02.12 13:29:36 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.04.07 12:55:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012.05.18 14:04:02 | 000,000,000 | ---D | M] ("Iminent Minibar") -- C:\PROGRAM FILES (X86)\IMINENT\WEBBOOSTER@IMINENT.COM [2012.05.18 14:14:08 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\11.1.0.7 [2012.04.06 19:19:58 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\JAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PAM6ZQU0.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2012.05.26 14:44:36 | 000,172,310 | ---- | M] () (No name found) -- C:\USERS\JAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PAM6ZQU0.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI [2012.05.26 14:42:42 | 000,086,818 | ---- | M] () (No name found) -- C:\USERS\JAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PAM6ZQU0.DEFAULT\EXTENSIONS\ONECLICKDOWNLOADER@ONECLICKDOWNLOADER.COM.XPI [2012.02.08 22:31:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.04.07 12:55:30 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012.02.08 19:36:16 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.05.18 14:14:05 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012.03.24 13:49:14 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml [2012.02.08 19:21:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.02.08 19:36:16 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.02.08 19:36:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.04.27 13:34:14 | 000,002,157 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml [2012.02.08 19:36:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.08 19:36:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\Jan\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - Extension: Angry Birds = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: YouTube = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Battlefield 3 Theme 1920 x 1080 = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\deioopoenadckcbdonfggahnhjdbmcib\1_0\ CHR - Extension: Complitly plugin for chrome = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_0\ CHR - Extension: AdBlock = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.34_0\ CHR - Extension: Skype Click to Call = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Google Mail = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ CHR - Extension: Angry Birds = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: YouTube = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Battlefield 3 Theme 1920 x 1080 = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\deioopoenadckcbdonfggahnhjdbmcib\1_0\ CHR - Extension: Complitly plugin for chrome = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_0\ CHR - Extension: AdBlock = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.34_0\ CHR - Extension: Skype Click to Call = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\ CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Google Mail = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Jan\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Jan\AppData\Roaming\Complitly\Complitly.dll (SimplyGen) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll () O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found. O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll () O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC) O3:64bit: - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin64-0.97.dll (getfireshot.com) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (FireShot) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.97.dll (getfireshot.com) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll () O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll () O3 - HKCU\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4:64bit: - HKLM..\Run: [] File not found O4:64bit: - HKLM..\Run: [Command Center Controllers] C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe (Microsoft) O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Launch Keyboard CI] c:\Program Files\Alienware\Alienware TactX Keyboard CI\txkbci.exe (Alienware) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RunDLLEntry_EptMon] C:\Windows\SysNative\EptMon64.DLL (Creative Technology Ltd.) O4:64bit: - HKLM..\Run: [RunDLLEntry_THXCfg] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe (Iminent) O4 - HKLM..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent) O4 - HKLM..\Run: [Logitech G35] C:\Program Files (x86)\Logitech\G35\G35.exe (Logitech(c)) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions) O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe (Creative Technology Ltd) O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.) O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) O4 - HKCU..\Run: [LicenseValidator] C:\Users\Jan\AppData\Roaming\Mozilla\{55BA6F2F-4A5E-46D3-A5A8-3CC80754E6F9}\LicenseValidator.exe File not found O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Web-Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html () O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Free YouTube Download - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Web-Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html () O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - c:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E83AF56-9F1E-4379-B0B4-EDC65DAA2942}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll () O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.04.21 22:26:34 | 000,000,062 | R--- | M] () - D:\Autorun.inf -- [ CDFS ] O33 - MountPoints2\{02e00400-1b2c-11e1-aa98-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{02e00400-1b2c-11e1-aa98-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Install.exe -- [2010.10.05 18:35:47 | 002,348,376 | R--- | M] (Logitech(c)) O33 - MountPoints2\{4f459771-6b5e-11e1-98f9-f04da2de2529}\Shell - "" = AutoRun O33 - MountPoints2\{4f459771-6b5e-11e1-98f9-f04da2de2529}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.06.10 10:40:18 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe [2012.06.05 17:14:20 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Leadertech [2012.06.05 17:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [2012.06.05 17:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech [2012.06.05 17:14:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech [2012.06.05 17:12:57 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd [2012.06.05 09:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012.06.05 09:02:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2012.06.05 09:02:20 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012.06.05 08:59:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012.06.05 08:59:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2012.06.05 08:59:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012.06.05 08:59:19 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012.06.05 08:55:49 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\Microsoft Help [2012.06.05 08:55:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2012.05.31 19:37:38 | 000,000,000 | ---D | C] -- C:\Users\Jan\Desktop\Videos [2012.05.31 18:16:42 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers [2012.05.31 18:16:39 | 002,557,952 | ---- | C] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\Windows\SysWow64\QtCore4.dll [2012.05.31 18:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2012.05.31 18:16:38 | 000,405,176 | ---- | C] (Newtonsoft) -- C:\Windows\SysWow64\Newtonsoft.Json.Net20.dll [2012.05.31 18:16:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2012.05.31 18:16:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2012.05.31 18:15:58 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoft [2012.05.30 20:35:52 | 000,000,000 | ---D | C] -- C:\Users\Jan\Desktop\minecraft [2012.05.26 22:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ace of Spades [2012.05.26 22:53:19 | 000,000,000 | ---D | C] -- C:\Ace of Spades [2012.05.26 14:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM [2012.05.26 14:44:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM [2012.05.26 14:42:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo [2012.05.26 14:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer [2012.05.26 14:41:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\1ClickDownload [2012.05.19 13:54:03 | 000,000,000 | ---D | C] -- C:\Users\Jan\Documents\Diablo III [2012.05.19 13:24:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III [2012.05.19 13:24:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo III [2012.05.19 13:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net [2012.05.19 11:25:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [2012.05.19 11:24:59 | 000,108,032 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMEJE.DLL [2012.05.19 11:24:59 | 000,081,408 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBEJE.DLL [2012.05.19 11:24:58 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL [2012.05.19 11:22:42 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON [2012.05.19 11:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [2012.05.19 11:12:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics [2012.05.19 11:12:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2012.05.18 19:26:25 | 000,000,000 | ---D | C] -- C:\ts3overlay [2012.05.18 19:25:54 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\Origin [2012.05.18 19:17:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [2012.05.18 19:17:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin [2012.05.18 14:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee [2012.05.18 14:23:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Screaming Bee [2012.05.18 14:14:10 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\AVG Secure Search [2012.05.18 14:14:05 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search [2012.05.18 14:14:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search [2012.05.18 14:14:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search [2012.05.18 14:13:26 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012.05.18 14:12:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fake Voice [2012.05.18 14:05:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IMinent Toolbar [2012.05.18 14:04:56 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Screaming Bee [2012.05.18 14:04:09 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Iminent [2012.05.18 14:04:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent [2012.05.18 14:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent [2012.05.18 14:04:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent [2012.05.18 14:03:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee [2012.05.13 20:45:02 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\LolClient [2012.05.13 19:49:51 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2012.05.13 19:49:51 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2012.05.13 19:49:51 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2012.05.13 19:46:07 | 000,000,000 | ---D | C] -- C:\Riot Games [2012.05.13 19:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2012.05.13 13:34:36 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\RotMG.Production [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.11 21:09:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2532466536-4214561068-2911664243-1000UA.job [2012.06.11 20:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.11 20:08:25 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job [2012.06.11 19:50:36 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.06.11 19:50:36 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.11 19:41:51 | 000,000,536 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job [2012.06.11 19:41:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.06.11 19:41:43 | 2133,037,055 | -HS- | M] () -- C:\hiberfil.sys [2012.06.10 18:15:50 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2012.06.10 18:15:50 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.06.10 18:15:26 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2012.06.10 18:09:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2532466536-4214561068-2911664243-1000Core.job [2012.06.10 10:42:03 | 000,000,000 | ---- | M] () -- C:\Users\Jan\defogger_reenable [2012.06.10 10:40:11 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe [2012.06.10 10:37:15 | 000,050,477 | ---- | M] () -- C:\Users\Jan\Desktop\Defogger.exe [2012.06.08 20:34:57 | 816,656,854 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012.06.07 19:17:56 | 000,000,000 | ---- | M] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-06-07 19_17_56.096348.dmp [2012.06.06 14:20:15 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.06 14:20:15 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.06 14:20:15 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.06 14:20:15 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.06 14:20:15 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.06.06 09:08:22 | 000,003,095 | ---- | M] () -- C:\Users\Jan\Desktop\Microsoft PowerPoint 2010.lnk [2012.06.06 09:08:22 | 000,003,047 | ---- | M] () -- C:\Users\Jan\Desktop\Microsoft Excel 2010.lnk [2012.06.06 09:08:22 | 000,003,029 | ---- | M] () -- C:\Users\Jan\Desktop\Microsoft Word 2010.lnk [2012.06.05 19:11:36 | 000,007,596 | ---- | M] () -- C:\Users\Jan\AppData\Local\Resmon.ResmonCfg [2012.06.05 17:18:07 | 000,001,960 | ---- | M] () -- C:\Users\Jan\Desktop\G35 konfigurieren.lnk [2012.06.05 17:05:07 | 000,487,248 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.06.01 20:10:44 | 000,000,000 | ---- | M] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-06-01 20_10_44.093315.dmp [2012.06.01 19:13:12 | 000,000,000 | ---- | M] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-06-01 19_13_12.963934.dmp [2012.06.01 17:56:33 | 000,038,017 | ---- | M] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-06-01 17_56_33.771882.dmp [2012.06.01 17:56:27 | 000,038,017 | ---- | M] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-06-01 17_56_27.680534.dmp [2012.06.01 17:55:49 | 000,178,649 | ---- | M] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-06-01 17_55_48.842323.dmp [2012.05.31 18:16:57 | 000,001,404 | ---- | M] () -- C:\Users\Jan\Desktop\Free YouTube to MP3 Converter.lnk [2012.05.31 18:16:39 | 000,001,308 | ---- | M] () -- C:\Users\Jan\Desktop\Free YouTube Download.lnk [2012.05.31 14:59:36 | 000,055,212 | ---- | M] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-05-31 14_59_35.176996.dmp [2012.05.26 22:53:19 | 000,000,138 | ---- | M] () -- C:\Users\Public\Desktop\Play Ace of Spades.url [2012.05.26 20:40:54 | 000,000,336 | ---- | M] () -- C:\Windows\game.ini [2012.05.24 15:11:09 | 000,002,393 | ---- | M] () -- C:\Users\Jan\Desktop\Google Chrome.lnk [2012.05.19 13:49:21 | 000,001,213 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk [2012.05.18 19:17:18 | 000,001,003 | ---- | M] () -- C:\Users\Jan\Desktop\Origin.lnk [2012.05.18 14:23:34 | 000,002,112 | ---- | M] () -- C:\Users\Public\Desktop\MorphVOX Pro.lnk [2012.05.18 14:04:06 | 000,000,635 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog [2012.05.17 17:39:55 | 004,099,936 | ---- | M] () -- C:\Users\Jan\Documents\Temple of Elements.rar [2012.05.13 19:49:53 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2012.05.13 13:32:19 | 000,000,222 | ---- | M] () -- C:\Users\Jan\Desktop\Realm of the Mad God.url [2012.05.13 00:47:33 | 000,000,000 | ---- | M] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-05-13 00_47_33.016893.dmp [2012.05.12 22:56:18 | 000,000,000 | ---- | M] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-05-12 22_56_18.942609.dmp [2012.05.12 22:55:54 | 000,000,000 | ---- | M] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-05-12 22_55_54.677245.dmp [2012.05.12 22:55:46 | 000,000,000 | ---- | M] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-05-12 22_55_46.201760.dmp [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.11 20:17:42 | 000,022,016 | ---- | C] () -- C:\Windows\Installer\{9cf40b3a-87ab-7192-8eae-de1194e8f075}\U\800000cb.@ [2012.06.11 20:17:42 | 000,016,896 | ---- | C] () -- C:\Windows\Installer\{9cf40b3a-87ab-7192-8eae-de1194e8f075}\U\80000000.@ [2012.06.10 10:42:03 | 000,000,000 | ---- | C] () -- C:\Users\Jan\defogger_reenable [2012.06.10 10:39:33 | 000,050,477 | ---- | C] () -- C:\Users\Jan\Desktop\Defogger.exe [2012.06.09 16:38:20 | 000,001,648 | ---- | C] () -- C:\Windows\Installer\{9cf40b3a-87ab-7192-8eae-de1194e8f075}\U\00000001.@ [2012.06.07 19:17:56 | 000,000,000 | ---- | C] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-06-07 19_17_56.096348.dmp [2012.06.05 17:18:07 | 000,001,960 | ---- | C] () -- C:\Users\Jan\Desktop\G35 konfigurieren.lnk [2012.06.05 09:02:56 | 000,003,095 | ---- | C] () -- C:\Users\Jan\Desktop\Microsoft PowerPoint 2010.lnk [2012.06.05 09:02:56 | 000,003,047 | ---- | C] () -- C:\Users\Jan\Desktop\Microsoft Excel 2010.lnk [2012.06.05 09:02:56 | 000,003,029 | ---- | C] () -- C:\Users\Jan\Desktop\Microsoft Word 2010.lnk [2012.06.01 20:10:44 | 000,000,000 | ---- | C] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-06-01 20_10_44.093315.dmp [2012.06.01 19:13:12 | 000,000,000 | ---- | C] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-06-01 19_13_12.963934.dmp [2012.06.01 17:56:33 | 000,038,017 | ---- | C] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-06-01 17_56_33.771882.dmp [2012.06.01 17:56:27 | 000,038,017 | ---- | C] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-06-01 17_56_27.680534.dmp [2012.06.01 17:55:48 | 000,178,649 | ---- | C] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-06-01 17_55_48.842323.dmp [2012.05.31 18:16:57 | 000,001,404 | ---- | C] () -- C:\Users\Jan\Desktop\Free YouTube to MP3 Converter.lnk [2012.05.31 18:16:39 | 000,001,308 | ---- | C] () -- C:\Users\Jan\Desktop\Free YouTube Download.lnk [2012.05.31 14:59:35 | 000,055,212 | ---- | C] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-05-31 14_59_35.176996.dmp [2012.05.30 19:46:41 | 000,046,728 | ---- | C] () -- C:\Windows\SysNative\drivers\ren2cap.sys [2012.05.26 22:53:19 | 000,000,138 | ---- | C] () -- C:\Users\Public\Desktop\Play Ace of Spades.url [2012.05.26 20:40:53 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini [2012.05.19 13:24:51 | 000,001,213 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk [2012.05.18 19:17:18 | 000,001,003 | ---- | C] () -- C:\Users\Jan\Desktop\Origin.lnk [2012.05.18 14:23:34 | 000,002,112 | ---- | C] () -- C:\Users\Public\Desktop\MorphVOX Pro.lnk [2012.05.18 14:04:06 | 000,000,635 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog [2012.05.17 17:38:15 | 004,099,936 | ---- | C] () -- C:\Users\Jan\Documents\Temple of Elements.rar [2012.05.13 19:49:53 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2012.05.13 13:32:19 | 000,000,222 | ---- | C] () -- C:\Users\Jan\Desktop\Realm of the Mad God.url [2012.05.13 00:47:33 | 000,000,000 | ---- | C] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-05-13 00_47_33.016893.dmp [2012.05.12 22:56:18 | 000,000,000 | ---- | C] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-05-12 22_56_18.942609.dmp [2012.05.12 22:55:54 | 000,000,000 | ---- | C] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-05-12 22_55_54.677245.dmp [2012.05.12 22:55:46 | 000,000,000 | ---- | C] () -- C:\Users\Jan\Documents\ts3_clientui-win32-1334913258-2012-05-12 22_55_46.201760.dmp [2012.04.19 21:21:09 | 000,089,312 | ---- | C] () -- C:\Windows\SysWow64\acedrv09.dll [2012.04.19 21:20:30 | 000,016,098 | ---- | C] () -- C:\Windows\German2.ini [2012.02.29 14:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2012.01.26 16:36:47 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.01.26 16:36:46 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.01.11 18:42:30 | 000,002,048 | -HS- | C] () -- C:\Windows\Installer\{9cf40b3a-87ab-7192-8eae-de1194e8f075}\@ [2012.01.11 18:42:30 | 000,002,048 | -HS- | C] () -- C:\Users\Jan\AppData\Local\{9cf40b3a-87ab-7192-8eae-de1194e8f075}\@ [2011.12.21 17:01:36 | 000,007,596 | ---- | C] () -- C:\Users\Jan\AppData\Local\Resmon.ResmonCfg [2011.12.15 17:23:45 | 000,006,144 | ---- | C] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.11.30 11:57:06 | 000,001,264 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini [2011.11.30 11:57:06 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini [2011.11.30 11:57:06 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini [2011.11.30 11:57:05 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2011.11.30 11:57:05 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.05.02 14:28:06 | 000,098,232 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll [2011.02.11 12:22:50 | 001,589,442 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI < End of report > Extras:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 11.06.2012 21:07:46 - Run 3
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Jan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 5,85 Gb Available Physical Memory | 73,34% Memory free
15,96 Gb Paging File | 13,38 Gb Available in Paging File | 83,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,99 Gb Total Space | 279,51 Gb Free Space | 61,30% Space Free | Partition Type: NTFS
Drive D: | 164,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = AlienAutopsy
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{13A3A271-B2AA-486C-9AD5-F272079BB9B5}" = Alienware TactX Keyboard CI 1.00.130
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)
"{27607A94-33AC-4AA7-AACE-95AF6ACA3E30}" = Logitech G35
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{3807E4A2-1E4A-4FD2-B69E-054934C53EE4}" = Command Center
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{B0D59FDC-FEAB-49A2-9B5A-E5E0A8F9D7E0}" = Alienware TactX(TM) Mouse CI 1.00
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 296.10
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{CA8128ED-01A5-4447-9BBB-7684DB57F1AB}" = Aurora-R3 Manual
"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"AlienAutopsy" = AlienAutopsy
"CCleaner" = CCleaner
"EPSON BX300F Series" = EPSON BX300F Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"UDK-a5b0b20b-6810-4368-8d0b-acd510e746a6" = My Game Long Name
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{010A785B-F920-4350-821B-6309909C20BB}" = THX TruStudio PC
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}" = SweetIM for Messenger 3.6
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = AlienRespawn
"{147894EE-5ED4-11E1-A8FF-F04DA23A5C58}" = MSVCRT Redists
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2032DA39-C844-43AE-B638-6A4F7496686E}" = Furry Voices for Second Life
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}" = Tribes Ascend
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4183178B-4D4E-48A7-9257-454BA90A760E}" = SweetPacks Toolbar for Internet Explorer 4.6
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{57520FA0-A73E-4165-BCA2-D71000038301}" = Batman: Arkham City™
"{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5F4C3E1F-87FC-41BD-B219-E4156BBD8AE5}" = Fantasy Voice Pack
"{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}" = Ace of Spades
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{67CEC218-B250-4B4C-B23F-A597EC8DB153}" = Deep Space Voices
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{891D8FC9-726D-46F2-ADC0-E060A6EB1DC3}" = Galactic Voices
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}" = IMinent Toolbar
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = AlienRespawn - Support Software
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{D1E01FCE-5C90-402B-BB4E-B73EC6F85328}" = MorphVOX Pro
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant
"{E2494AD8-314D-44F8-B39C-4358A60DC184}" = LogMeIn Hamachi
"{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}" = FIFA 12
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F7CF0E9A-D48B-4942-9537-259ED0568DF4}" = Iminent
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"1ClickDownloader" = 1ClickDownloader
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"AVG Secure Search" = AVG Security Toolbar
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Diablo III" = Diablo III
"DivX Setup" = DivX-Setup
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps (remove only)
"Free YouTube Download_is1" = Free YouTube Download version 3.1.27.508
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.22.508
"GFWL_{57520FA0-AC56-469B-9983-FF1000008300}" = Batman: Arkham City™
"IMBoosterARP" = Iminent
"InstallShield_{3807E4A2-1E4A-4FD2-B69E-054934C53EE4}" = Command Center
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{CA8128ED-01A5-4447-9BBB-7684DB57F1AB}" = Aurora-R3 Manual
"LogMeIn Hamachi" = LogMeIn Hamachi
"McAfee Security Scan" = McAfee Security Scan Plus
"Minecraft Texturepack Editor" = Minecraft Texturepack Editor
"Mozilla Firefox 10.0.1 (x86 de)" = Mozilla Firefox 10.0.1 (x86 de)
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Professional 2010
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam App 105600" = Terraria
"Steam App 17390" = Spore
"Steam App 200210" = Realm of the Mad God
"Steam App 204610" = Q.U.B.E. Demo
"Steam App 400" = Portal
"Steam App 40800" = Super Meat Boy
"Steam App 42680" = Call of Duty: Modern Warfare 3
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 55230" = Saints Row: The Third
"Steam App 72850" = The Elder Scrolls V: Skyrim
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 05.06.2012 01:27:03 | Computer Name = Jan-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.06.2012 02:58:11 | Computer Name = Jan-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Jan\Downloads\SoftonicDownloader_fuer_hear.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 05.06.2012 02:58:11 | Computer Name = Jan-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Jan\Downloads\SoftonicDownloader_fuer_call-of-duty-4.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 05.06.2012 02:58:11 | Computer Name = Jan-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Jan\Downloads\SoftonicDownloader_fuer_morphvox.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 05.06.2012 02:58:11 | Computer Name = Jan-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Jan\Downloads\SoftonicDownloader_fuer_fake-voice.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 05.06.2012 02:58:11 | Computer Name = Jan-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Jan\Downloads\SoftonicDownloader_fuer_photoscape.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 05.06.2012 03:01:55 | Computer Name = Jan-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.06.2012 03:03:20 | Computer Name = Jan-PC | Source = Office Software Protection Platform Service | ID = 8200
Description = License acquisition failure details. hr=0x80072F8F
Error - 05.06.2012 03:03:20 | Computer Name = Jan-PC | Source = Office Software Protection Platform Service | ID = 1008
Description = Acquisition of Secure Processor Certificate failed. hr=0x80072F8F
Error - 05.06.2012 11:05:25 | Computer Name = Jan-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 26.04.2012 08:39:31 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 26.04.2012 08:39:31 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 26.04.2012 12:30:44 | Computer Name = Jan-PC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.178.27 registriert werden. Der Computer mit IP-Adresse 192.168.178.1
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 27.04.2012 01:35:00 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147467243.
Error - 27.04.2012 01:35:01 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Server" wurde mit folgendem Fehler beendet: %%1062
Error - 27.04.2012 02:30:44 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SftService erreicht.
Error - 27.04.2012 02:31:14 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SftService erreicht.
Error - 27.04.2012 02:32:08 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern
Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 27.04.2012 02:32:08 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069
Error - 27.04.2012 02:36:02 | Computer Name = Jan-PC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 192.168.178.27 registriert werden. Der Computer mit IP-Adresse 192.168.178.1
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
< End of report >
Jan |
|
12.06.2012, 07:18
| #4 |
| /// Malwareteam | Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? Schritt 1: aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
Schritt 2: Scan mit TDSS-Killer Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen. Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Kein Asylrecht für Trojaner!  Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
12.06.2012, 14:39
| #5 |
| | Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? aswMBR funktioniert nicht es bleibt stehen bei : Scanning: c:\Microsoft\assambly\Gac_MSIL\Microsoft.visualstudio.Tools.Application.. weiter konnte ich nicht lesen da das Fenster zu klein war. hier ist der Log von TDSS-Killer : 15:31:58.0433 6500 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16 15:31:58.0633 6500 ============================================================ 15:31:58.0633 6500 Current date / time: 2012/06/12 15:31:58.0633 15:31:58.0633 6500 SystemInfo: 15:31:58.0633 6500 15:31:58.0633 6500 OS Version: 6.1.7601 ServicePack: 1.0 15:31:58.0633 6500 Product type: Workstation 15:31:58.0633 6500 ComputerName: JAN-PC 15:31:58.0633 6500 UserName: Jan 15:31:58.0633 6500 Windows directory: C:\Windows 15:31:58.0633 6500 System windows directory: C:\Windows 15:31:58.0633 6500 Running under WOW64 15:31:58.0634 6500 Processor architecture: Intel x64 15:31:58.0634 6500 Number of processors: 8 15:31:58.0634 6500 Page size: 0x1000 15:31:58.0634 6500 Boot type: Normal boot 15:31:58.0634 6500 ============================================================ 15:31:58.0894 6500 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:31:58.0897 6500 ============================================================ 15:31:58.0897 6500 \Device\Harddisk0\DR0: 15:31:58.0897 6500 MBR partitions: 15:31:58.0897 6500 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1377000 15:31:58.0897 6500 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x138B000, BlocksNum 0x38FFA800 15:31:58.0897 6500 ============================================================ 15:31:58.0925 6500 C: <-> \Device\Harddisk0\DR0\Partition1 15:31:58.0925 6500 ============================================================ 15:31:58.0925 6500 Initialize success 15:31:58.0925 6500 ============================================================ 15:32:36.0783 2232 ============================================================ 15:32:36.0783 2232 Scan started 15:32:36.0783 2232 Mode: Manual; TDLFS; 15:32:36.0783 2232 ============================================================ 15:32:37.0072 2232 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys 15:32:37.0074 2232 1394ohci - ok 15:32:37.0129 2232 acedrv09 (eae3d29874f8d26e3ec9886fe6d8fbf5) C:\Windows\system32\drivers\acedrv09.sys 15:32:37.0131 2232 acedrv09 - ok 15:32:37.0175 2232 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 15:32:37.0180 2232 ACPI - ok 15:32:37.0197 2232 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 15:32:37.0198 2232 AcpiPmi - ok 15:32:37.0312 2232 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 15:32:37.0312 2232 AdobeARMservice - ok 15:32:37.0439 2232 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 15:32:37.0441 2232 AdobeFlashPlayerUpdateSvc - ok 15:32:37.0501 2232 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 15:32:37.0505 2232 adp94xx - ok 15:32:37.0553 2232 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 15:32:37.0557 2232 adpahci - ok 15:32:37.0583 2232 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 15:32:37.0584 2232 adpu320 - ok 15:32:37.0612 2232 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 15:32:37.0613 2232 AeLookupSvc - ok 15:32:37.0662 2232 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 15:32:37.0666 2232 AFD - ok 15:32:37.0692 2232 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 15:32:37.0693 2232 agp440 - ok 15:32:37.0708 2232 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 15:32:37.0708 2232 ALG - ok 15:32:37.0814 2232 AlienFusionService (976d409a347340c907cd854fb9a9b252) C:\Program Files\Alienware\Command Center\AlienFusionService.exe 15:32:37.0814 2232 AlienFusionService - ok 15:32:37.0841 2232 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 15:32:37.0841 2232 aliide - ok 15:32:37.0852 2232 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 15:32:37.0853 2232 amdide - ok 15:32:37.0870 2232 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 15:32:37.0871 2232 AmdK8 - ok 15:32:37.0882 2232 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 15:32:37.0883 2232 AmdPPM - ok 15:32:37.0911 2232 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 15:32:37.0912 2232 amdsata - ok 15:32:37.0942 2232 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 15:32:37.0944 2232 amdsbs - ok 15:32:37.0975 2232 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 15:32:37.0976 2232 amdxata - ok 15:32:38.0058 2232 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 15:32:38.0059 2232 AntiVirSchedulerService - ok 15:32:38.0089 2232 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 15:32:38.0090 2232 AntiVirService - ok 15:32:38.0122 2232 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 15:32:38.0122 2232 AppID - ok 15:32:38.0145 2232 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 15:32:38.0146 2232 AppIDSvc - ok 15:32:38.0160 2232 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 15:32:38.0161 2232 Appinfo - ok 15:32:38.0242 2232 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 15:32:38.0243 2232 Apple Mobile Device - ok 15:32:38.0267 2232 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 15:32:38.0267 2232 arc - ok 15:32:38.0293 2232 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 15:32:38.0293 2232 arcsas - ok 15:32:38.0367 2232 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 15:32:38.0368 2232 aspnet_state - ok 15:32:38.0393 2232 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 15:32:38.0394 2232 AsyncMac - ok 15:32:38.0433 2232 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 15:32:38.0433 2232 atapi - ok 15:32:38.0536 2232 athr (195786ed7a26e1913a4f9799fdbc2c71) C:\Windows\system32\DRIVERS\athrx.sys 15:32:38.0560 2232 athr - ok 15:32:38.0710 2232 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 15:32:38.0717 2232 AudioEndpointBuilder - ok 15:32:38.0724 2232 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 15:32:38.0729 2232 AudioSrv - ok 15:32:38.0783 2232 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys 15:32:38.0784 2232 avgntflt - ok 15:32:38.0818 2232 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys 15:32:38.0819 2232 avipbb - ok 15:32:38.0832 2232 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys 15:32:38.0833 2232 avkmgr - ok 15:32:38.0878 2232 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 15:32:38.0879 2232 AxInstSV - ok 15:32:38.0933 2232 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 15:32:38.0938 2232 b06bdrv - ok 15:32:38.0982 2232 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 15:32:38.0984 2232 b57nd60a - ok 15:32:39.0021 2232 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 15:32:39.0022 2232 BDESVC - ok 15:32:39.0030 2232 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 15:32:39.0030 2232 Beep - ok 15:32:39.0096 2232 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 15:32:39.0102 2232 BFE - ok 15:32:39.0164 2232 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 15:32:39.0174 2232 BITS - ok 15:32:39.0220 2232 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 15:32:39.0220 2232 blbdrive - ok 15:32:39.0324 2232 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe 15:32:39.0328 2232 Bonjour Service - ok 15:32:39.0371 2232 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 15:32:39.0372 2232 bowser - ok 15:32:39.0404 2232 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 15:32:39.0404 2232 BrFiltLo - ok 15:32:39.0407 2232 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 15:32:39.0408 2232 BrFiltUp - ok 15:32:39.0436 2232 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 15:32:39.0437 2232 Browser - ok 15:32:39.0460 2232 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 15:32:39.0463 2232 Brserid - ok 15:32:39.0485 2232 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 15:32:39.0485 2232 BrSerWdm - ok 15:32:39.0489 2232 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 15:32:39.0489 2232 BrUsbMdm - ok 15:32:39.0493 2232 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 15:32:39.0493 2232 BrUsbSer - ok 15:32:39.0512 2232 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 15:32:39.0512 2232 BTHMODEM - ok 15:32:39.0531 2232 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 15:32:39.0532 2232 bthserv - ok 15:32:39.0556 2232 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 15:32:39.0557 2232 cdfs - ok 15:32:39.0587 2232 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 15:32:39.0588 2232 cdrom - ok 15:32:39.0615 2232 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 15:32:39.0616 2232 CertPropSvc - ok 15:32:39.0635 2232 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 15:32:39.0636 2232 circlass - ok 15:32:39.0671 2232 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 15:32:39.0675 2232 CLFS - ok 15:32:39.0770 2232 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:32:39.0771 2232 clr_optimization_v2.0.50727_32 - ok 15:32:39.0815 2232 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 15:32:39.0817 2232 clr_optimization_v2.0.50727_64 - ok 15:32:39.0884 2232 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:32:39.0885 2232 clr_optimization_v4.0.30319_32 - ok 15:32:39.0910 2232 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 15:32:39.0912 2232 clr_optimization_v4.0.30319_64 - ok 15:32:39.0931 2232 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 15:32:39.0932 2232 CmBatt - ok 15:32:39.0935 2232 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 15:32:39.0935 2232 cmdide - ok 15:32:40.0003 2232 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 15:32:40.0019 2232 CNG - ok 15:32:40.0045 2232 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 15:32:40.0045 2232 Compbatt - ok 15:32:40.0070 2232 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys 15:32:40.0071 2232 CompositeBus - ok 15:32:40.0079 2232 COMSysApp - ok 15:32:40.0097 2232 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 15:32:40.0098 2232 crcdisk - ok 15:32:40.0125 2232 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 15:32:40.0128 2232 CryptSvc - ok 15:32:40.0169 2232 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 15:32:40.0173 2232 DcomLaunch - ok 15:32:40.0229 2232 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 15:32:40.0231 2232 defragsvc - ok 15:32:40.0252 2232 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 15:32:40.0253 2232 DfsC - ok 15:32:40.0293 2232 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 15:32:40.0294 2232 Dhcp - ok 15:32:40.0311 2232 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 15:32:40.0312 2232 discache - ok 15:32:40.0342 2232 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 15:32:40.0343 2232 Disk - ok 15:32:40.0375 2232 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 15:32:40.0376 2232 Dnscache - ok 15:32:40.0395 2232 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 15:32:40.0396 2232 dot3svc - ok 15:32:40.0411 2232 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 15:32:40.0412 2232 DPS - ok 15:32:40.0435 2232 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 15:32:40.0436 2232 drmkaud - ok 15:32:40.0487 2232 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 15:32:40.0491 2232 DXGKrnl - ok 15:32:40.0517 2232 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 15:32:40.0518 2232 EapHost - ok 15:32:40.0646 2232 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 15:32:40.0684 2232 ebdrv - ok 15:32:40.0806 2232 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 15:32:40.0807 2232 EFS - ok 15:32:40.0867 2232 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 15:32:40.0880 2232 ehRecvr - ok 15:32:40.0897 2232 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 15:32:40.0898 2232 ehSched - ok 15:32:40.0967 2232 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 15:32:40.0973 2232 elxstor - ok 15:32:40.0984 2232 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 15:32:40.0984 2232 ErrDev - ok 15:32:41.0033 2232 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 15:32:41.0038 2232 EventSystem - ok 15:32:41.0075 2232 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 15:32:41.0077 2232 exfat - ok 15:32:41.0105 2232 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 15:32:41.0107 2232 fastfat - ok 15:32:41.0162 2232 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 15:32:41.0169 2232 Fax - ok 15:32:41.0194 2232 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 15:32:41.0194 2232 fdc - ok 15:32:41.0210 2232 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 15:32:41.0211 2232 fdPHost - ok 15:32:41.0219 2232 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 15:32:41.0220 2232 FDResPub - ok 15:32:41.0233 2232 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 15:32:41.0234 2232 FileInfo - ok 15:32:41.0244 2232 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 15:32:41.0244 2232 Filetrace - ok 15:32:41.0345 2232 FLEXnet Licensing Service (8669be94f63944e4f899c3950b520241) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 15:32:41.0355 2232 FLEXnet Licensing Service - ok 15:32:41.0359 2232 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 15:32:41.0360 2232 flpydisk - ok 15:32:41.0411 2232 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 15:32:41.0414 2232 FltMgr - ok 15:32:41.0521 2232 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 15:32:41.0532 2232 FontCache - ok 15:32:41.0605 2232 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:32:41.0605 2232 FontCache3.0.0.0 - ok 15:32:41.0625 2232 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 15:32:41.0625 2232 FsDepends - ok 15:32:41.0664 2232 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 15:32:41.0664 2232 Fs_Rec - ok 15:32:41.0692 2232 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 15:32:41.0694 2232 fvevol - ok 15:32:41.0710 2232 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 15:32:41.0711 2232 gagp30kx - ok 15:32:41.0740 2232 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 15:32:41.0740 2232 GEARAspiWDM - ok 15:32:41.0789 2232 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 15:32:41.0797 2232 gpsvc - ok 15:32:41.0841 2232 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys 15:32:41.0842 2232 hamachi - ok 15:32:42.0005 2232 Hamachi2Svc (d483dbaef409e8ab7477c28615fcd853) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 15:32:42.0042 2232 Hamachi2Svc - ok 15:32:42.0180 2232 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 15:32:42.0180 2232 hcw85cir - ok 15:32:42.0206 2232 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys 15:32:42.0208 2232 HDAudBus - ok 15:32:42.0228 2232 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 15:32:42.0228 2232 HidBatt - ok 15:32:42.0251 2232 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 15:32:42.0252 2232 HidBth - ok 15:32:42.0283 2232 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 15:32:42.0283 2232 HidIr - ok 15:32:42.0309 2232 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 15:32:42.0310 2232 hidserv - ok 15:32:42.0343 2232 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 15:32:42.0344 2232 HidUsb - ok 15:32:42.0444 2232 HiPatchService (5a457c3d00c1c701230a12aa1580114d) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe 15:32:42.0445 2232 HiPatchService - ok 15:32:42.0456 2232 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 15:32:42.0458 2232 hkmsvc - ok 15:32:42.0483 2232 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 15:32:42.0486 2232 HomeGroupListener - ok 15:32:42.0534 2232 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 15:32:42.0537 2232 HomeGroupProvider - ok 15:32:42.0560 2232 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 15:32:42.0561 2232 HpSAMD - ok 15:32:42.0609 2232 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 15:32:42.0616 2232 HTTP - ok 15:32:42.0639 2232 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 15:32:42.0639 2232 hwpolicy - ok 15:32:42.0664 2232 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 15:32:42.0665 2232 i8042prt - ok 15:32:42.0713 2232 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\drivers\iaStor.sys 15:32:42.0716 2232 iaStor - ok 15:32:42.0777 2232 IAStorDataMgrSvc (b25f192ea1f84a316eb7c19efcccf33d) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 15:32:42.0778 2232 IAStorDataMgrSvc - ok 15:32:42.0812 2232 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 15:32:42.0816 2232 iaStorV - ok 15:32:42.0917 2232 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:32:42.0925 2232 idsvc - ok 15:32:42.0941 2232 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 15:32:42.0941 2232 iirsp - ok 15:32:42.0998 2232 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 15:32:43.0014 2232 IKEEXT - ok 15:32:43.0137 2232 IntcAzAudAddService (b4563fdbcae3d96d1aff474a84965a63) C:\Windows\system32\drivers\RTKVHD64.sys 15:32:43.0149 2232 IntcAzAudAddService - ok 15:32:43.0262 2232 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 15:32:43.0263 2232 intelide - ok 15:32:43.0300 2232 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 15:32:43.0300 2232 intelppm - ok 15:32:43.0339 2232 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 15:32:43.0340 2232 IPBusEnum - ok 15:32:43.0355 2232 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:32:43.0356 2232 IpFilterDriver - ok 15:32:43.0362 2232 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 15:32:43.0363 2232 IPMIDRV - ok 15:32:43.0371 2232 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 15:32:43.0372 2232 IPNAT - ok 15:32:43.0499 2232 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe 15:32:43.0507 2232 iPod Service - ok 15:32:43.0525 2232 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 15:32:43.0526 2232 IRENUM - ok 15:32:43.0537 2232 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 15:32:43.0538 2232 isapnp - ok 15:32:43.0567 2232 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 15:32:43.0570 2232 iScsiPrt - ok 15:32:43.0593 2232 JRAID (a577f5db30f70eca9708c07c2eacbd9d) C:\Windows\system32\drivers\jraid.sys 15:32:43.0594 2232 JRAID - ok 15:32:43.0621 2232 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 15:32:43.0621 2232 kbdclass - ok 15:32:43.0647 2232 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 15:32:43.0647 2232 kbdhid - ok 15:32:43.0690 2232 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:32:43.0691 2232 KeyIso - ok 15:32:43.0699 2232 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 15:32:43.0700 2232 KSecDD - ok 15:32:43.0714 2232 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 15:32:43.0715 2232 KSecPkg - ok 15:32:43.0729 2232 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 15:32:43.0730 2232 ksthunk - ok 15:32:43.0764 2232 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 15:32:43.0769 2232 KtmRm - ok 15:32:43.0796 2232 LADF_DHP2 (86dcbf8a41c78561a1da07ab5e7b1ccc) C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys 15:32:43.0797 2232 LADF_DHP2 - ok 15:32:43.0835 2232 LADF_SBVM (175c04c7813ce64616b5cb046e5e1383) C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys 15:32:43.0838 2232 LADF_SBVM - ok 15:32:43.0874 2232 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 15:32:43.0878 2232 LanmanServer - ok 15:32:43.0909 2232 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 15:32:43.0911 2232 LanmanWorkstation - ok 15:32:43.0932 2232 LHidFilt (1b669af5811ae2f69024f34203bad2a2) C:\Windows\system32\DRIVERS\LHidFilt.Sys 15:32:43.0932 2232 LHidFilt - ok 15:32:43.0967 2232 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 15:32:43.0968 2232 lltdio - ok 15:32:44.0007 2232 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 15:32:44.0010 2232 lltdsvc - ok 15:32:44.0032 2232 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 15:32:44.0033 2232 lmhosts - ok 15:32:44.0049 2232 LMouFilt (79f3696e25b289a6b2b7ea931c7bec00) C:\Windows\system32\DRIVERS\LMouFilt.Sys 15:32:44.0050 2232 LMouFilt - ok 15:32:44.0080 2232 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 15:32:44.0081 2232 LSI_FC - ok 15:32:44.0114 2232 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 15:32:44.0115 2232 LSI_SAS - ok 15:32:44.0124 2232 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 15:32:44.0125 2232 LSI_SAS2 - ok 15:32:44.0135 2232 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 15:32:44.0136 2232 LSI_SCSI - ok 15:32:44.0168 2232 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 15:32:44.0170 2232 luafv - ok 15:32:44.0251 2232 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe 15:32:44.0253 2232 McComponentHostService - ok 15:32:44.0283 2232 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 15:32:44.0285 2232 Mcx2Svc - ok 15:32:44.0294 2232 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 15:32:44.0295 2232 megasas - ok 15:32:44.0340 2232 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 15:32:44.0342 2232 MegaSR - ok 15:32:44.0386 2232 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys 15:32:44.0387 2232 MEIx64 - ok 15:32:44.0436 2232 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 15:32:44.0437 2232 MMCSS - ok 15:32:44.0456 2232 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 15:32:44.0457 2232 Modem - ok 15:32:44.0492 2232 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 15:32:44.0492 2232 monitor - ok 15:32:44.0525 2232 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 15:32:44.0525 2232 mouclass - ok 15:32:44.0532 2232 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 15:32:44.0533 2232 mouhid - ok 15:32:44.0571 2232 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 15:32:44.0572 2232 mountmgr - ok 15:32:44.0596 2232 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 15:32:44.0598 2232 mpio - ok 15:32:44.0618 2232 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 15:32:44.0618 2232 mpsdrv - ok 15:32:44.0637 2232 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 15:32:44.0638 2232 MRxDAV - ok 15:32:44.0676 2232 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 15:32:44.0678 2232 mrxsmb - ok 15:32:44.0706 2232 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:32:44.0709 2232 mrxsmb10 - ok 15:32:44.0724 2232 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:32:44.0725 2232 mrxsmb20 - ok 15:32:44.0745 2232 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 15:32:44.0746 2232 msahci - ok 15:32:44.0755 2232 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 15:32:44.0757 2232 msdsm - ok 15:32:44.0787 2232 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 15:32:44.0789 2232 MSDTC - ok 15:32:44.0811 2232 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 15:32:44.0812 2232 Msfs - ok 15:32:44.0844 2232 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 15:32:44.0845 2232 mshidkmdf - ok 15:32:44.0857 2232 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 15:32:44.0857 2232 msisadrv - ok 15:32:44.0887 2232 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 15:32:44.0889 2232 MSiSCSI - ok 15:32:44.0892 2232 msiserver - ok 15:32:44.0939 2232 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 15:32:44.0940 2232 MSKSSRV - ok 15:32:44.0960 2232 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 15:32:44.0960 2232 MSPCLOCK - ok 15:32:44.0963 2232 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 15:32:44.0964 2232 MSPQM - ok 15:32:44.0995 2232 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 15:32:44.0998 2232 MsRPC - ok 15:32:45.0013 2232 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 15:32:45.0014 2232 mssmbios - ok 15:32:45.0017 2232 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 15:32:45.0017 2232 MSTEE - ok 15:32:45.0022 2232 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 15:32:45.0022 2232 MTConfig - ok 15:32:45.0037 2232 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 15:32:45.0038 2232 Mup - ok 15:32:45.0080 2232 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 15:32:45.0085 2232 napagent - ok 15:32:45.0124 2232 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 15:32:45.0128 2232 NativeWifiP - ok 15:32:45.0218 2232 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys 15:32:45.0227 2232 NDIS - ok 15:32:45.0239 2232 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 15:32:45.0240 2232 NdisCap - ok 15:32:45.0257 2232 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 15:32:45.0258 2232 NdisTapi - ok 15:32:45.0267 2232 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 15:32:45.0268 2232 Ndisuio - ok 15:32:45.0287 2232 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 15:32:45.0289 2232 NdisWan - ok 15:32:45.0305 2232 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 15:32:45.0305 2232 NDProxy - ok 15:32:45.0310 2232 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 15:32:45.0311 2232 NetBIOS - ok 15:32:45.0335 2232 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 15:32:45.0338 2232 NetBT - ok 15:32:45.0381 2232 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:32:45.0382 2232 Netlogon - ok 15:32:45.0431 2232 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 15:32:45.0436 2232 Netman - ok 15:32:45.0522 2232 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:32:45.0524 2232 NetMsmqActivator - ok 15:32:45.0528 2232 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:32:45.0529 2232 NetPipeActivator - ok 15:32:45.0569 2232 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 15:32:45.0574 2232 netprofm - ok 15:32:45.0577 2232 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:32:45.0579 2232 NetTcpActivator - ok 15:32:45.0582 2232 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:32:45.0583 2232 NetTcpPortSharing - ok 15:32:45.0622 2232 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 15:32:45.0623 2232 nfrd960 - ok 15:32:45.0653 2232 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 15:32:45.0656 2232 NlaSvc - ok 15:32:45.0664 2232 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 15:32:45.0664 2232 Npfs - ok 15:32:45.0677 2232 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 15:32:45.0679 2232 nsi - ok 15:32:45.0685 2232 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 15:32:45.0685 2232 nsiproxy - ok 15:32:45.0787 2232 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 15:32:45.0815 2232 Ntfs - ok 15:32:45.0912 2232 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 15:32:45.0912 2232 Null - ok 15:32:45.0962 2232 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys 15:32:45.0963 2232 nusb3hub - ok 15:32:46.0013 2232 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys 15:32:46.0014 2232 nusb3xhc - ok 15:32:46.0055 2232 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys 15:32:46.0057 2232 NVHDA - ok 15:32:46.0540 2232 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys 15:32:46.0584 2232 nvlddmkm - ok 15:32:46.0692 2232 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 15:32:46.0694 2232 nvraid - ok 15:32:46.0728 2232 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 15:32:46.0730 2232 nvstor - ok 15:32:46.0806 2232 NVSvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe 15:32:46.0814 2232 NVSvc - ok 15:32:46.0998 2232 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 15:32:47.0038 2232 nvUpdatusService - ok 15:32:47.0141 2232 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 15:32:47.0142 2232 nv_agp - ok 15:32:47.0152 2232 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 15:32:47.0153 2232 ohci1394 - ok 15:32:47.0243 2232 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:32:47.0244 2232 ose - ok 15:32:47.0496 2232 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 15:32:47.0571 2232 osppsvc - ok 15:32:47.0675 2232 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 15:32:47.0679 2232 p2pimsvc - ok 15:32:47.0708 2232 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 15:32:47.0713 2232 p2psvc - ok 15:32:47.0752 2232 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 15:32:47.0753 2232 Parport - ok 15:32:47.0781 2232 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 15:32:47.0782 2232 partmgr - ok 15:32:47.0805 2232 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 15:32:47.0808 2232 PcaSvc - ok 15:32:47.0843 2232 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 15:32:47.0845 2232 pci - ok 15:32:47.0867 2232 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 15:32:47.0867 2232 pciide - ok 15:32:47.0895 2232 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 15:32:47.0897 2232 pcmcia - ok 15:32:47.0911 2232 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 15:32:47.0911 2232 pcw - ok 15:32:47.0953 2232 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 15:32:47.0958 2232 PEAUTH - ok 15:32:48.0036 2232 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 15:32:48.0037 2232 PerfHost - ok 15:32:48.0125 2232 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 15:32:48.0138 2232 pla - ok 15:32:48.0198 2232 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 15:32:48.0203 2232 PlugPlay - ok 15:32:48.0226 2232 PnkBstrA - ok 15:32:48.0238 2232 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 15:32:48.0240 2232 PNRPAutoReg - ok 15:32:48.0269 2232 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 15:32:48.0272 2232 PNRPsvc - ok 15:32:48.0312 2232 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 15:32:48.0317 2232 PolicyAgent - ok 15:32:48.0355 2232 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 15:32:48.0358 2232 Power - ok 15:32:48.0416 2232 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 15:32:48.0417 2232 PptpMiniport - ok 15:32:48.0430 2232 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 15:32:48.0431 2232 Processor - ok 15:32:48.0456 2232 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 15:32:48.0458 2232 ProfSvc - ok 15:32:48.0490 2232 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:32:48.0491 2232 ProtectedStorage - ok 15:32:48.0520 2232 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 15:32:48.0521 2232 Psched - ok 15:32:48.0552 2232 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys 15:32:48.0553 2232 PxHlpa64 - ok 15:32:48.0648 2232 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 15:32:48.0672 2232 ql2300 - ok 15:32:48.0787 2232 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 15:32:48.0789 2232 ql40xx - ok 15:32:48.0817 2232 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 15:32:48.0821 2232 QWAVE - ok 15:32:48.0833 2232 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 15:32:48.0833 2232 QWAVEdrv - ok 15:32:48.0842 2232 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 15:32:48.0843 2232 RasAcd - ok 15:32:48.0872 2232 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 15:32:48.0873 2232 RasAgileVpn - ok 15:32:48.0889 2232 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 15:32:48.0891 2232 RasAuto - ok 15:32:48.0910 2232 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 15:32:48.0911 2232 Rasl2tp - ok 15:32:48.0938 2232 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 15:32:48.0943 2232 RasMan - ok 15:32:48.0954 2232 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 15:32:48.0955 2232 RasPppoe - ok 15:32:48.0972 2232 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 15:32:48.0973 2232 RasSstp - ok 15:32:49.0004 2232 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 15:32:49.0007 2232 rdbss - ok 15:32:49.0024 2232 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 15:32:49.0025 2232 rdpbus - ok 15:32:49.0046 2232 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:32:49.0047 2232 RDPCDD - ok 15:32:49.0060 2232 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 15:32:49.0060 2232 RDPENCDD - ok 15:32:49.0073 2232 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 15:32:49.0073 2232 RDPREFMP - ok 15:32:49.0109 2232 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 15:32:49.0111 2232 RDPWD - ok 15:32:49.0137 2232 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 15:32:49.0139 2232 rdyboost - ok 15:32:49.0166 2232 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 15:32:49.0168 2232 RemoteAccess - ok 15:32:49.0194 2232 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 15:32:49.0195 2232 RemoteRegistry - ok 15:32:49.0230 2232 REN2CAP_DRIVER (5c6a5b94b477435e9374a1cb841d6bb3) C:\Windows\system32\drivers\ren2cap.sys 15:32:49.0230 2232 REN2CAP_DRIVER - ok 15:32:49.0371 2232 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 15:32:49.0389 2232 RoxMediaDB12OEM - ok 15:32:49.0419 2232 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 15:32:49.0421 2232 RoxWatch12 - ok 15:32:49.0504 2232 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 15:32:49.0506 2232 RpcEptMapper - ok 15:32:49.0527 2232 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 15:32:49.0528 2232 RpcLocator - ok 15:32:49.0564 2232 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 15:32:49.0570 2232 RpcSs - ok 15:32:49.0629 2232 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 15:32:49.0630 2232 rspndr - ok 15:32:49.0678 2232 RTL8167 (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys 15:32:49.0681 2232 RTL8167 - ok 15:32:49.0706 2232 RtNdPt60 (e16b7c030a05ef649b18fab0a93d871f) C:\Windows\system32\DRIVERS\RtNdPt60.sys 15:32:49.0707 2232 RtNdPt60 - ok 15:32:49.0728 2232 RTTEAMPT (1de78f5008120cd79b34c12394dcd493) C:\Windows\system32\DRIVERS\RtTeam60.sys 15:32:49.0729 2232 RTTEAMPT - ok 15:32:49.0737 2232 RTVLANPT (b1018aa1b5735f5fa89fd4dadf4bea7a) C:\Windows\system32\DRIVERS\RtVlan60.sys 15:32:49.0737 2232 RTVLANPT - ok 15:32:49.0773 2232 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:32:49.0774 2232 SamSs - ok 15:32:49.0795 2232 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 15:32:49.0796 2232 sbp2port - ok 15:32:49.0934 2232 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 15:32:49.0944 2232 SBSDWSCService - ok 15:32:49.0980 2232 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 15:32:49.0983 2232 SCardSvr - ok 15:32:50.0033 2232 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 15:32:50.0034 2232 scfilter - ok 15:32:50.0093 2232 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 15:32:50.0104 2232 Schedule - ok 15:32:50.0130 2232 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 15:32:50.0131 2232 SCPolicySvc - ok 15:32:50.0184 2232 ScreamBAudioSvc (8b56bdce6a303dde63d63440d1cf9ad1) C:\Windows\system32\drivers\ScreamingBAudio64.sys 15:32:50.0184 2232 ScreamBAudioSvc - ok 15:32:50.0206 2232 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 15:32:50.0209 2232 SDRSVC - ok 15:32:50.0239 2232 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 15:32:50.0240 2232 secdrv - ok 15:32:50.0250 2232 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 15:32:50.0252 2232 seclogon - ok 15:32:50.0265 2232 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 15:32:50.0267 2232 SENS - ok 15:32:50.0289 2232 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 15:32:50.0290 2232 SensrSvc - ok 15:32:50.0324 2232 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 15:32:50.0325 2232 Serenum - ok 15:32:50.0340 2232 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 15:32:50.0341 2232 Serial - ok 15:32:50.0353 2232 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 15:32:50.0354 2232 sermouse - ok 15:32:50.0376 2232 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 15:32:50.0378 2232 SessionEnv - ok 15:32:50.0387 2232 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 15:32:50.0388 2232 sffdisk - ok 15:32:50.0391 2232 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 15:32:50.0392 2232 sffp_mmc - ok 15:32:50.0403 2232 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 15:32:50.0403 2232 sffp_sd - ok 15:32:50.0407 2232 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 15:32:50.0407 2232 sfloppy - ok 15:32:50.0557 2232 SftService (29ddea72c5bdf61d62f4d438dc0e497c) C:\Program Files (x86)\AlienRespawn\sftservice.EXE 15:32:50.0581 2232 SftService - ok 15:32:50.0697 2232 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 15:32:50.0701 2232 ShellHWDetection - ok 15:32:50.0769 2232 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 15:32:50.0770 2232 SiSRaid2 - ok 15:32:50.0787 2232 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 15:32:50.0788 2232 SiSRaid4 - ok 15:32:50.0852 2232 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe 15:32:50.0854 2232 SkypeUpdate - ok 15:32:50.0883 2232 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 15:32:50.0884 2232 Smb - ok 15:32:50.0917 2232 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 15:32:50.0919 2232 SNMPTRAP - ok 15:32:50.0931 2232 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 15:32:50.0931 2232 spldr - ok 15:32:50.0965 2232 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 15:32:50.0971 2232 Spooler - ok 15:32:51.0133 2232 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 15:32:51.0177 2232 sppsvc - ok 15:32:51.0258 2232 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 15:32:51.0260 2232 sppuinotify - ok 15:32:51.0314 2232 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 15:32:51.0319 2232 srv - ok 15:32:51.0347 2232 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 15:32:51.0351 2232 srv2 - ok 15:32:51.0368 2232 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 15:32:51.0370 2232 srvnet - ok 15:32:51.0401 2232 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 15:32:51.0404 2232 SSDPSRV - ok 15:32:51.0422 2232 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 15:32:51.0425 2232 SstpSvc - ok 15:32:51.0472 2232 Steam Client Service - ok 15:32:51.0592 2232 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 15:32:51.0595 2232 Stereo Service - ok 15:32:51.0619 2232 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 15:32:51.0620 2232 stexstor - ok 15:32:51.0676 2232 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 15:32:51.0683 2232 stisvc - ok 15:32:51.0725 2232 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 15:32:51.0726 2232 stllssvr - ok 15:32:51.0737 2232 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 15:32:51.0738 2232 swenum - ok 15:32:51.0773 2232 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 15:32:51.0779 2232 swprv - ok 15:32:51.0872 2232 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 15:32:51.0898 2232 SysMain - ok 15:32:51.0983 2232 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 15:32:51.0985 2232 TabletInputService - ok 15:32:52.0012 2232 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 15:32:52.0017 2232 TapiSrv - ok 15:32:52.0030 2232 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 15:32:52.0032 2232 TBS - ok 15:32:52.0179 2232 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 15:32:52.0211 2232 Tcpip - ok 15:32:52.0369 2232 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 15:32:52.0383 2232 TCPIP6 - ok 15:32:52.0424 2232 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 15:32:52.0424 2232 tcpipreg - ok 15:32:52.0440 2232 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 15:32:52.0440 2232 TDPIPE - ok 15:32:52.0472 2232 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 15:32:52.0472 2232 TDTCP - ok 15:32:52.0497 2232 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 15:32:52.0498 2232 tdx - ok 15:32:52.0536 2232 TEAM (1de78f5008120cd79b34c12394dcd493) C:\Windows\system32\DRIVERS\RtTeam60.sys 15:32:52.0537 2232 TEAM - ok 15:32:52.0552 2232 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys 15:32:52.0553 2232 TermDD - ok 15:32:52.0605 2232 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 15:32:52.0612 2232 TermService - ok 15:32:52.0618 2232 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 15:32:52.0620 2232 Themes - ok 15:32:52.0651 2232 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 15:32:52.0653 2232 THREADORDER - ok 15:32:52.0669 2232 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 15:32:52.0672 2232 TrkWks - ok 15:32:52.0719 2232 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 15:32:52.0720 2232 TrustedInstaller - ok 15:32:52.0735 2232 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:32:52.0736 2232 tssecsrv - ok 15:32:52.0771 2232 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 15:32:52.0772 2232 TsUsbFlt - ok 15:32:52.0795 2232 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 15:32:52.0795 2232 TsUsbGD - ok 15:32:52.0826 2232 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 15:32:52.0827 2232 tunnel - ok 15:32:52.0845 2232 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 15:32:52.0846 2232 uagp35 - ok 15:32:52.0883 2232 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 15:32:52.0886 2232 udfs - ok 15:32:52.0911 2232 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 15:32:52.0913 2232 UI0Detect - ok 15:32:52.0943 2232 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 15:32:52.0944 2232 uliagpkx - ok 15:32:52.0968 2232 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 15:32:52.0969 2232 umbus - ok 15:32:52.0995 2232 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 15:32:52.0995 2232 UmPass - ok 15:32:53.0030 2232 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 15:32:53.0034 2232 upnphost - ok 15:32:53.0074 2232 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 15:32:53.0074 2232 USBAAPL64 - ok 15:32:53.0116 2232 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 15:32:53.0117 2232 usbaudio - ok 15:32:53.0150 2232 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys 15:32:53.0151 2232 usbccgp - ok 15:32:53.0168 2232 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 15:32:53.0169 2232 usbcir - ok 15:32:53.0183 2232 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 15:32:53.0183 2232 usbehci - ok 15:32:53.0227 2232 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 15:32:53.0229 2232 usbhub - ok 15:32:53.0244 2232 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 15:32:53.0245 2232 usbohci - ok 15:32:53.0264 2232 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 15:32:53.0265 2232 usbprint - ok 15:32:53.0307 2232 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 15:32:53.0307 2232 usbscan - ok 15:32:53.0327 2232 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:32:53.0328 2232 USBSTOR - ok 15:32:53.0344 2232 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 15:32:53.0345 2232 usbuhci - ok 15:32:53.0383 2232 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 15:32:53.0385 2232 UxSms - ok 15:32:53.0431 2232 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:32:53.0433 2232 VaultSvc - ok 15:32:53.0451 2232 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 15:32:53.0452 2232 vdrvroot - ok 15:32:53.0489 2232 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 15:32:53.0496 2232 vds - ok 15:32:53.0500 2232 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 15:32:53.0501 2232 vga - ok 15:32:53.0516 2232 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 15:32:53.0516 2232 VgaSave - ok 15:32:53.0541 2232 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 15:32:53.0543 2232 vhdmp - ok 15:32:53.0547 2232 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 15:32:53.0547 2232 viaide - ok 15:32:53.0569 2232 VLAN (b1018aa1b5735f5fa89fd4dadf4bea7a) C:\Windows\system32\DRIVERS\RtVLAN60.sys 15:32:53.0570 2232 VLAN - ok 15:32:53.0596 2232 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 15:32:53.0597 2232 volmgr - ok 15:32:53.0625 2232 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 15:32:53.0628 2232 volmgrx - ok 15:32:53.0653 2232 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 15:32:53.0656 2232 volsnap - ok 15:32:53.0679 2232 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 15:32:53.0681 2232 vsmraid - ok 15:32:53.0773 2232 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 15:32:53.0799 2232 VSS - ok 15:32:53.0908 2232 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe 15:32:53.0916 2232 vToolbarUpdater11.1.0 - ok 15:32:54.0015 2232 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 15:32:54.0016 2232 vwifibus - ok 15:32:54.0037 2232 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 15:32:54.0038 2232 vwififlt - ok 15:32:54.0050 2232 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 15:32:54.0051 2232 vwifimp - ok 15:32:54.0095 2232 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 15:32:54.0100 2232 W32Time - ok 15:32:54.0113 2232 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 15:32:54.0114 2232 WacomPen - ok 15:32:54.0147 2232 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 15:32:54.0148 2232 WANARP - ok 15:32:54.0159 2232 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 15:32:54.0160 2232 Wanarpv6 - ok 15:32:54.0257 2232 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 15:32:54.0289 2232 wbengine - ok 15:32:54.0381 2232 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 15:32:54.0384 2232 WbioSrvc - ok 15:32:54.0412 2232 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 15:32:54.0417 2232 wcncsvc - ok 15:32:54.0429 2232 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 15:32:54.0432 2232 WcsPlugInService - ok 15:32:54.0459 2232 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 15:32:54.0459 2232 Wd - ok 15:32:54.0503 2232 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 15:32:54.0510 2232 Wdf01000 - ok 15:32:54.0526 2232 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 15:32:54.0528 2232 WdiServiceHost - ok 15:32:54.0531 2232 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 15:32:54.0533 2232 WdiSystemHost - ok 15:32:54.0560 2232 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 15:32:54.0564 2232 WebClient - ok 15:32:54.0589 2232 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 15:32:54.0593 2232 Wecsvc - ok 15:32:54.0606 2232 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 15:32:54.0609 2232 wercplsupport - ok 15:32:54.0630 2232 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 15:32:54.0632 2232 WerSvc - ok 15:32:54.0679 2232 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 15:32:54.0679 2232 WfpLwf - ok 15:32:54.0717 2232 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys 15:32:54.0718 2232 WimFltr - ok 15:32:54.0735 2232 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 15:32:54.0735 2232 WIMMount - ok 15:32:54.0741 2232 WinHttpAutoProxySvc - ok 15:32:54.0791 2232 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 15:32:54.0793 2232 Winmgmt - ok 15:32:54.0907 2232 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 15:32:54.0946 2232 WinRM - ok 15:32:55.0082 2232 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 15:32:55.0083 2232 WinUsb - ok 15:32:55.0145 2232 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 15:32:55.0154 2232 Wlansvc - ok 15:32:55.0309 2232 wlidsvc (98f138897ef4246381d197cb81846d62) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 15:32:55.0348 2232 wlidsvc - ok 15:32:55.0449 2232 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 15:32:55.0450 2232 WmiAcpi - ok 15:32:55.0515 2232 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 15:32:55.0517 2232 wmiApSrv - ok 15:32:55.0555 2232 WMPNetworkSvc - ok 15:32:55.0586 2232 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 15:32:55.0588 2232 WPCSvc - ok 15:32:55.0602 2232 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 15:32:55.0605 2232 WPDBusEnum - ok 15:32:55.0627 2232 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 15:32:55.0628 2232 ws2ifsl - ok 15:32:55.0631 2232 WSearch - ok 15:32:55.0750 2232 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll 15:32:55.0784 2232 wuauserv - ok 15:32:55.0882 2232 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 15:32:55.0884 2232 WudfPf - ok 15:32:55.0927 2232 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 15:32:55.0929 2232 WUDFRd - ok 15:32:55.0949 2232 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 15:32:55.0951 2232 wudfsvc - ok 15:32:55.0970 2232 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 15:32:55.0974 2232 WwanSvc - ok 15:32:56.0034 2232 xnacc (4a5ce13408945e525503b5f73d29b9c5) C:\Windows\system32\DRIVERS\xnacc.sys 15:32:56.0041 2232 xnacc - ok 15:32:56.0071 2232 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys 15:32:56.0072 2232 xusb21 - ok 15:32:56.0093 2232 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 15:32:56.0380 2232 \Device\Harddisk0\DR0 - ok 15:32:56.0382 2232 Boot (0x1200) (098a341f7b467a7bfb0b05057af764af) \Device\Harddisk0\DR0\Partition0 15:32:56.0384 2232 \Device\Harddisk0\DR0\Partition0 - ok 15:32:56.0413 2232 Boot (0x1200) (98867cbf88bbfa1840e7d2f5591d41f0) \Device\Harddisk0\DR0\Partition1 15:32:56.0414 2232 \Device\Harddisk0\DR0\Partition1 - ok 15:32:56.0414 2232 ============================================================ 15:32:56.0414 2232 Scan finished 15:32:56.0414 2232 ============================================================ 15:32:56.0424 6364 Detected object count: 0 15:32:56.0424 6364 Actual detected object count: 0 15:34:13.0071 4676 ============================================================ 15:34:13.0071 4676 Scan started 15:34:13.0071 4676 Mode: Manual; TDLFS; 15:34:13.0071 4676 ============================================================ 15:34:13.0225 4676 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys 15:34:13.0230 4676 1394ohci - ok 15:34:13.0267 4676 acedrv09 (eae3d29874f8d26e3ec9886fe6d8fbf5) C:\Windows\system32\drivers\acedrv09.sys 15:34:13.0273 4676 acedrv09 - ok 15:34:13.0308 4676 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 15:34:13.0317 4676 ACPI - ok 15:34:13.0336 4676 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 15:34:13.0339 4676 AcpiPmi - ok 15:34:13.0437 4676 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 15:34:13.0443 4676 AdobeARMservice - ok 15:34:13.0544 4676 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 15:34:13.0555 4676 AdobeFlashPlayerUpdateSvc - ok 15:34:13.0615 4676 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 15:34:13.0625 4676 adp94xx - ok 15:34:13.0669 4676 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 15:34:13.0677 4676 adpahci - ok 15:34:13.0714 4676 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 15:34:13.0721 4676 adpu320 - ok 15:34:13.0759 4676 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 15:34:13.0765 4676 AeLookupSvc - ok 15:34:13.0808 4676 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 15:34:13.0820 4676 AFD - ok 15:34:13.0839 4676 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 15:34:13.0844 4676 agp440 - ok 15:34:13.0863 4676 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 15:34:13.0868 4676 ALG - ok 15:34:13.0944 4676 AlienFusionService (976d409a347340c907cd854fb9a9b252) C:\Program Files\Alienware\Command Center\AlienFusionService.exe 15:34:13.0948 4676 AlienFusionService - ok 15:34:13.0962 4676 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 15:34:13.0966 4676 aliide - ok 15:34:13.0970 4676 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 15:34:13.0973 4676 amdide - ok 15:34:13.0984 4676 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 15:34:13.0989 4676 AmdK8 - ok 15:34:14.0004 4676 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 15:34:14.0009 4676 AmdPPM - ok 15:34:14.0026 4676 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 15:34:14.0031 4676 amdsata - ok 15:34:14.0054 4676 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 15:34:14.0060 4676 amdsbs - ok 15:34:14.0081 4676 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 15:34:14.0085 4676 amdxata - ok 15:34:14.0163 4676 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 15:34:14.0170 4676 AntiVirSchedulerService - ok 15:34:14.0194 4676 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 15:34:14.0202 4676 AntiVirService - ok 15:34:14.0219 4676 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 15:34:14.0223 4676 AppID - ok 15:34:14.0250 4676 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 15:34:14.0254 4676 AppIDSvc - ok 15:34:14.0265 4676 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 15:34:14.0271 4676 Appinfo - ok 15:34:14.0323 4676 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 15:34:14.0329 4676 Apple Mobile Device - ok 15:34:14.0348 4676 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 15:34:14.0354 4676 arc - ok 15:34:14.0365 4676 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 15:34:14.0370 4676 arcsas - ok 15:34:14.0439 4676 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 15:34:14.0444 4676 aspnet_state - ok 15:34:14.0457 4676 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 15:34:14.0460 4676 AsyncMac - ok 15:34:14.0480 4676 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 15:34:14.0484 4676 atapi - ok 15:34:14.0575 4676 athr (195786ed7a26e1913a4f9799fdbc2c71) C:\Windows\system32\DRIVERS\athrx.sys 15:34:14.0592 4676 athr - ok 15:34:14.0715 4676 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 15:34:14.0728 4676 AudioEndpointBuilder - ok 15:34:14.0736 4676 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 15:34:14.0741 4676 AudioSrv - ok 15:34:14.0805 4676 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys 15:34:14.0812 4676 avgntflt - ok 15:34:14.0826 4676 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys 15:34:14.0833 4676 avipbb - ok 15:34:14.0864 4676 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys 15:34:14.0868 4676 avkmgr - ok 15:34:14.0884 4676 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 15:34:14.0890 4676 AxInstSV - ok 15:34:14.0931 4676 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 15:34:14.0940 4676 b06bdrv - ok 15:34:14.0980 4676 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 15:34:14.0988 4676 b57nd60a - ok 15:34:15.0036 4676 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 15:34:15.0041 4676 BDESVC - ok 15:34:15.0053 4676 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 15:34:15.0055 4676 Beep - ok 15:34:15.0101 4676 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 15:34:15.0114 4676 BFE - ok 15:34:15.0197 4676 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 15:34:15.0210 4676 BITS - ok 15:34:15.0260 4676 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 15:34:15.0264 4676 blbdrive - ok 15:34:15.0345 4676 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe 15:34:15.0356 4676 Bonjour Service - ok 15:34:15.0386 4676 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 15:34:15.0391 4676 bowser - ok 15:34:15.0402 4676 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 15:34:15.0405 4676 BrFiltLo - ok 15:34:15.0408 4676 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 15:34:15.0410 4676 BrFiltUp - ok 15:34:15.0442 4676 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 15:34:15.0449 4676 Browser - ok 15:34:15.0475 4676 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 15:34:15.0484 4676 Brserid - ok 15:34:15.0500 4676 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 15:34:15.0503 4676 BrSerWdm - ok 15:34:15.0507 4676 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 15:34:15.0510 4676 BrUsbMdm - ok 15:34:15.0513 4676 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 15:34:15.0515 4676 BrUsbSer - ok 15:34:15.0526 4676 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 15:34:15.0531 4676 BTHMODEM - ok 15:34:15.0546 4676 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 15:34:15.0552 4676 bthserv - ok 15:34:15.0563 4676 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 15:34:15.0566 4676 cdfs - ok 15:34:15.0585 4676 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 15:34:15.0590 4676 cdrom - ok 15:34:15.0605 4676 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 15:34:15.0608 4676 CertPropSvc - ok 15:34:15.0625 4676 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 15:34:15.0628 4676 circlass - ok 15:34:15.0663 4676 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 15:34:15.0672 4676 CLFS - ok 15:34:15.0760 4676 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:34:15.0766 4676 clr_optimization_v2.0.50727_32 - ok 15:34:15.0813 4676 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 15:34:15.0819 4676 clr_optimization_v2.0.50727_64 - ok 15:34:15.0874 4676 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:34:15.0881 4676 clr_optimization_v4.0.30319_32 - ok 15:34:15.0910 4676 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 15:34:15.0917 4676 clr_optimization_v4.0.30319_64 - ok 15:34:15.0937 4676 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 15:34:15.0940 4676 CmBatt - ok 15:34:15.0944 4676 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 15:34:15.0948 4676 cmdide - ok 15:34:16.0006 4676 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 15:34:16.0017 4676 CNG - ok 15:34:16.0026 4676 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 15:34:16.0031 4676 Compbatt - ok 15:34:16.0043 4676 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys 15:34:16.0048 4676 CompositeBus - ok 15:34:16.0051 4676 COMSysApp - ok 15:34:16.0056 4676 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 15:34:16.0060 4676 crcdisk - ok 15:34:16.0089 4676 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 15:34:16.0097 4676 CryptSvc - ok 15:34:16.0146 4676 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 15:34:16.0158 4676 DcomLaunch - ok 15:34:16.0213 4676 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 15:34:16.0221 4676 defragsvc - ok 15:34:16.0235 4676 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 15:34:16.0241 4676 DfsC - ok 15:34:16.0277 4676 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 15:34:16.0286 4676 Dhcp - ok 15:34:16.0301 4676 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 15:34:16.0305 4676 discache - ok 15:34:16.0316 4676 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 15:34:16.0322 4676 Disk - ok 15:34:16.0351 4676 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 15:34:16.0359 4676 Dnscache - ok 15:34:16.0386 4676 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 15:34:16.0393 4676 dot3svc - ok 15:34:16.0412 4676 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 15:34:16.0420 4676 DPS - ok 15:34:16.0442 4676 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 15:34:16.0444 4676 drmkaud - ok 15:34:16.0502 4676 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 15:34:16.0516 4676 DXGKrnl - ok 15:34:16.0533 4676 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 15:34:16.0538 4676 EapHost - ok 15:34:16.0688 4676 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 15:34:16.0707 4676 ebdrv - ok 15:34:16.0804 4676 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 15:34:16.0809 4676 EFS - ok 15:34:16.0875 4676 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 15:34:16.0888 4676 ehRecvr - ok 15:34:16.0902 4676 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 15:34:16.0910 4676 ehSched - ok 15:34:16.0965 4676 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 15:34:16.0975 4676 elxstor - ok 15:34:16.0982 4676 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 15:34:16.0985 4676 ErrDev - ok 15:34:17.0029 4676 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 15:34:17.0040 4676 EventSystem - ok 15:34:17.0063 4676 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 15:34:17.0070 4676 exfat - ok 15:34:17.0093 4676 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 15:34:17.0099 4676 fastfat - ok 15:34:17.0143 4676 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 15:34:17.0151 4676 Fax - ok 15:34:17.0167 4676 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 15:34:17.0169 4676 fdc - ok 15:34:17.0182 4676 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 15:34:17.0185 4676 fdPHost - ok 15:34:17.0191 4676 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 15:34:17.0194 4676 FDResPub - ok 15:34:17.0205 4676 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 15:34:17.0209 4676 FileInfo - ok 15:34:17.0217 4676 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 15:34:17.0219 4676 Filetrace - ok 15:34:17.0311 4676 FLEXnet Licensing Service (8669be94f63944e4f899c3950b520241) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 15:34:17.0329 4676 FLEXnet Licensing Service - ok 15:34:17.0333 4676 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 15:34:17.0336 4676 flpydisk - ok 15:34:17.0368 4676 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 15:34:17.0377 4676 FltMgr - ok 15:34:17.0444 4676 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 15:34:17.0459 4676 FontCache - ok 15:34:17.0528 4676 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:34:17.0532 4676 FontCache3.0.0.0 - ok 15:34:17.0557 4676 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 15:34:17.0561 4676 FsDepends - ok 15:34:17.0587 4676 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 15:34:17.0591 4676 Fs_Rec - ok 15:34:17.0615 4676 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 15:34:17.0625 4676 fvevol - ok 15:34:17.0641 4676 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 15:34:17.0647 4676 gagp30kx - ok 15:34:17.0679 4676 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 15:34:17.0683 4676 GEARAspiWDM - ok 15:34:17.0737 4676 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 15:34:17.0750 4676 gpsvc - ok 15:34:17.0781 4676 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys 15:34:17.0785 4676 hamachi - ok 15:34:17.0945 4676 Hamachi2Svc (d483dbaef409e8ab7477c28615fcd853) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 15:34:17.0971 4676 Hamachi2Svc - ok 15:34:18.0095 4676 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 15:34:18.0100 4676 hcw85cir - ok 15:34:18.0118 4676 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys 15:34:18.0124 4676 HDAudBus - ok 15:34:18.0134 4676 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 15:34:18.0138 4676 HidBatt - ok 15:34:18.0157 4676 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 15:34:18.0162 4676 HidBth - ok 15:34:18.0172 4676 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 15:34:18.0177 4676 HidIr - ok 15:34:18.0199 4676 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 15:34:18.0204 4676 hidserv - ok 15:34:18.0217 4676 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 15:34:18.0220 4676 HidUsb - ok 15:34:18.0284 4676 HiPatchService (5a457c3d00c1c701230a12aa1580114d) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe 15:34:18.0287 4676 HiPatchService - ok 15:34:18.0304 4676 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 15:34:18.0310 4676 hkmsvc - ok 15:34:18.0331 4676 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 15:34:18.0341 4676 HomeGroupListener - ok 15:34:18.0399 4676 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 15:34:18.0407 4676 HomeGroupProvider - ok 15:34:18.0426 4676 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 15:34:18.0432 4676 HpSAMD - ok 15:34:18.0482 4676 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 15:34:18.0496 4676 HTTP - ok 15:34:18.0528 4676 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 15:34:18.0532 4676 hwpolicy - ok 15:34:18.0540 4676 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 15:34:18.0546 4676 i8042prt - ok 15:34:18.0592 4676 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\drivers\iaStor.sys 15:34:18.0601 4676 iaStor - ok 15:34:18.0658 4676 IAStorDataMgrSvc (b25f192ea1f84a316eb7c19efcccf33d) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 15:34:18.0662 4676 IAStorDataMgrSvc - ok 15:34:18.0692 4676 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 15:34:18.0700 4676 iaStorV - ok 15:34:18.0799 4676 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:34:18.0819 4676 idsvc - ok 15:34:18.0839 4676 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 15:34:18.0841 4676 iirsp - ok 15:34:18.0904 4676 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 15:34:18.0918 4676 IKEEXT - ok 15:34:19.0059 4676 IntcAzAudAddService (b4563fdbcae3d96d1aff474a84965a63) C:\Windows\system32\drivers\RTKVHD64.sys 15:34:19.0080 4676 IntcAzAudAddService - ok 15:34:19.0194 4676 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 15:34:19.0197 4676 intelide - ok 15:34:19.0231 4676 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 15:34:19.0237 4676 intelppm - ok 15:34:19.0262 4676 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 15:34:19.0268 4676 IPBusEnum - ok 15:34:19.0285 4676 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:34:19.0291 4676 IpFilterDriver - ok 15:34:19.0297 4676 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 15:34:19.0303 4676 IPMIDRV - ok 15:34:19.0311 4676 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 15:34:19.0317 4676 IPNAT - ok 15:34:19.0421 4676 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe 15:34:19.0437 4676 iPod Service - ok 15:34:19.0448 4676 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 15:34:19.0451 4676 IRENUM - ok 15:34:19.0461 4676 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 15:34:19.0465 4676 isapnp - ok 15:34:19.0490 4676 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 15:34:19.0499 4676 iScsiPrt - ok 15:34:19.0524 4676 JRAID (a577f5db30f70eca9708c07c2eacbd9d) C:\Windows\system32\drivers\jraid.sys 15:34:19.0530 4676 JRAID - ok 15:34:19.0544 4676 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 15:34:19.0549 4676 kbdclass - ok 15:34:19.0563 4676 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 15:34:19.0567 4676 kbdhid - ok 15:34:19.0604 4676 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:34:19.0605 4676 KeyIso - ok 15:34:19.0613 4676 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 15:34:19.0619 4676 KSecDD - ok 15:34:19.0638 4676 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 15:34:19.0645 4676 KSecPkg - ok 15:34:19.0652 4676 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 15:34:19.0656 4676 ksthunk - ok 15:34:19.0697 4676 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 15:34:19.0706 4676 KtmRm - ok 15:34:19.0727 4676 LADF_DHP2 (86dcbf8a41c78561a1da07ab5e7b1ccc) C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys 15:34:19.0732 4676 LADF_DHP2 - ok 15:34:19.0774 4676 LADF_SBVM (175c04c7813ce64616b5cb046e5e1383) C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys 15:34:19.0785 4676 LADF_SBVM - ok 15:34:19.0822 4676 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 15:34:19.0831 4676 LanmanServer - ok 15:34:19.0857 4676 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 15:34:19.0866 4676 LanmanWorkstation - ok 15:34:19.0888 4676 LHidFilt (1b669af5811ae2f69024f34203bad2a2) C:\Windows\system32\DRIVERS\LHidFilt.Sys 15:34:19.0893 4676 LHidFilt - ok 15:34:19.0909 4676 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 15:34:19.0914 4676 lltdio - ok 15:34:19.0945 4676 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 15:34:19.0952 4676 lltdsvc - ok 15:34:19.0963 4676 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 15:34:19.0968 4676 lmhosts - ok 15:34:19.0980 4676 LMouFilt (79f3696e25b289a6b2b7ea931c7bec00) C:\Windows\system32\DRIVERS\LMouFilt.Sys 15:34:19.0985 4676 LMouFilt - ok 15:34:20.0003 4676 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 15:34:20.0009 4676 LSI_FC - ok 15:34:20.0028 4676 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 15:34:20.0034 4676 LSI_SAS - ok 15:34:20.0047 4676 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 15:34:20.0052 4676 LSI_SAS2 - ok 15:34:20.0060 4676 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 15:34:20.0066 4676 LSI_SCSI - ok 15:34:20.0084 4676 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 15:34:20.0090 4676 luafv - ok 15:34:20.0174 4676 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe 15:34:20.0184 4676 McComponentHostService - ok 15:34:20.0224 4676 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 15:34:20.0230 4676 Mcx2Svc - ok 15:34:20.0243 4676 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 15:34:20.0247 4676 megasas - ok 15:34:20.0272 4676 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 15:34:20.0279 4676 MegaSR - ok 15:34:20.0309 4676 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys 15:34:20.0314 4676 MEIx64 - ok 15:34:20.0348 4676 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 15:34:20.0354 4676 MMCSS - ok 15:34:20.0371 4676 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 15:34:20.0374 4676 Modem - ok 15:34:20.0398 4676 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 15:34:20.0403 4676 monitor - ok 15:34:20.0414 4676 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 15:34:20.0419 4676 mouclass - ok 15:34:20.0430 4676 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 15:34:20.0434 4676 mouhid - ok 15:34:20.0445 4676 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 15:34:20.0451 4676 mountmgr - ok 15:34:20.0471 4676 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 15:34:20.0478 4676 mpio - ok 15:34:20.0498 4676 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 15:34:20.0503 4676 mpsdrv - ok 15:34:20.0526 4676 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 15:34:20.0533 4676 MRxDAV - ok 15:34:20.0558 4676 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 15:34:20.0564 4676 mrxsmb - ok 15:34:20.0587 4676 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:34:20.0595 4676 mrxsmb10 - ok 15:34:20.0614 4676 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:34:20.0620 4676 mrxsmb20 - ok 15:34:20.0643 4676 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 15:34:20.0647 4676 msahci - ok 15:34:20.0657 4676 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 15:34:20.0664 4676 msdsm - ok 15:34:20.0702 4676 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 15:34:20.0711 4676 MSDTC - ok 15:34:20.0726 4676 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 15:34:20.0729 4676 Msfs - ok 15:34:20.0734 4676 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 15:34:20.0736 4676 mshidkmdf - ok 15:34:20.0763 4676 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 15:34:20.0767 4676 msisadrv - ok 15:34:20.0802 4676 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 15:34:20.0808 4676 MSiSCSI - ok 15:34:20.0811 4676 msiserver - ok 15:34:20.0821 4676 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 15:34:20.0823 4676 MSKSSRV - ok 15:34:20.0841 4676 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 15:34:20.0843 4676 MSPCLOCK - ok 15:34:20.0845 4676 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 15:34:20.0846 4676 MSPQM - ok 15:34:20.0877 4676 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 15:34:20.0885 4676 MsRPC - ok 15:34:20.0895 4676 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 15:34:20.0899 4676 mssmbios - ok 15:34:20.0902 4676 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 15:34:20.0904 4676 MSTEE - ok 15:34:20.0907 4676 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 15:34:20.0911 4676 MTConfig - ok 15:34:20.0919 4676 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 15:34:20.0924 4676 Mup - ok 15:34:20.0969 4676 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 15:34:20.0981 4676 napagent - ok 15:34:21.0004 4676 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 15:34:21.0013 4676 NativeWifiP - ok 15:34:21.0072 4676 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys 15:34:21.0083 4676 NDIS - ok 15:34:21.0095 4676 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 15:34:21.0098 4676 NdisCap - ok 15:34:21.0113 4676 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 15:34:21.0116 4676 NdisTapi - ok 15:34:21.0123 4676 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 15:34:21.0126 4676 Ndisuio - ok 15:34:21.0143 4676 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 15:34:21.0148 4676 NdisWan - ok 15:34:21.0161 4676 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 15:34:21.0164 4676 NDProxy - ok 15:34:21.0168 4676 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 15:34:21.0171 4676 NetBIOS - ok 15:34:21.0190 4676 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 15:34:21.0195 4676 NetBT - ok 15:34:21.0229 4676 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:34:21.0230 4676 Netlogon - ok 15:34:21.0269 4676 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 15:34:21.0279 4676 Netman - ok 15:34:21.0370 4676 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:34:21.0380 4676 NetMsmqActivator - ok 15:34:21.0383 4676 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:34:21.0384 4676 NetPipeActivator - ok 15:34:21.0417 4676 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 15:34:21.0430 4676 netprofm - ok 15:34:21.0434 4676 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:34:21.0435 4676 NetTcpActivator - ok 15:34:21.0438 4676 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:34:21.0439 4676 NetTcpPortSharing - ok 15:34:21.0470 4676 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 15:34:21.0475 4676 nfrd960 - ok 15:34:21.0502 4676 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 15:34:21.0510 4676 NlaSvc - ok 15:34:21.0520 4676 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 15:34:21.0524 4676 Npfs - ok 15:34:21.0531 4676 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 15:34:21.0535 4676 nsi - ok 15:34:21.0541 4676 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 15:34:21.0544 4676 nsiproxy - ok 15:34:21.0650 4676 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 15:34:21.0669 4676 Ntfs - ok 15:34:21.0760 4676 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 15:34:21.0762 4676 Null - ok 15:34:21.0802 4676 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys 15:34:21.0807 4676 nusb3hub - ok 15:34:21.0851 4676 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys 15:34:21.0858 4676 nusb3xhc - ok 15:34:21.0885 4676 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys 15:34:21.0892 4676 NVHDA - ok 15:34:22.0379 4676 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys 15:34:22.0428 4676 nvlddmkm - ok 15:34:22.0531 4676 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 15:34:22.0537 4676 nvraid - ok 15:34:22.0577 4676 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 15:34:22.0584 4676 nvstor - ok 15:34:22.0649 4676 NVSvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe 15:34:22.0665 4676 NVSvc - ok 15:34:22.0837 4676 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 15:34:22.0866 4676 nvUpdatusService - ok 15:34:22.0965 4676 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 15:34:22.0971 4676 nv_agp - ok 15:34:22.0983 4676 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 15:34:22.0989 4676 ohci1394 - ok 15:34:23.0041 4676 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:34:23.0049 4676 ose - ok 15:34:23.0292 4676 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 15:34:23.0316 4676 osppsvc - ok 15:34:23.0432 4676 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 15:34:23.0440 4676 p2pimsvc - ok 15:34:23.0473 4676 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 15:34:23.0482 4676 p2psvc - ok 15:34:23.0523 4676 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 15:34:23.0527 4676 Parport - ok 15:34:23.0562 4676 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 15:34:23.0568 4676 partmgr - ok 15:34:23.0586 4676 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 15:34:23.0595 4676 PcaSvc - ok 15:34:23.0624 4676 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 15:34:23.0631 4676 pci - ok 15:34:23.0647 4676 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 15:34:23.0651 4676 pciide - ok 15:34:23.0676 4676 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 15:34:23.0683 4676 pcmcia - ok 15:34:23.0699 4676 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 15:34:23.0704 4676 pcw - ok 15:34:23.0741 4676 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 15:34:23.0755 4676 PEAUTH - ok 15:34:23.0825 4676 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 15:34:23.0830 4676 PerfHost - ok 15:34:23.0914 4676 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 15:34:23.0933 4676 pla - ok 15:34:23.0971 4676 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 15:34:23.0982 4676 PlugPlay - ok 15:34:23.0985 4676 PnkBstrA - ok 15:34:24.0002 4676 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 15:34:24.0007 4676 PNRPAutoReg - ok 15:34:24.0030 4676 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 15:34:24.0034 4676 PNRPsvc - ok 15:34:24.0076 4676 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 15:34:24.0082 4676 PolicyAgent - ok 15:34:24.0103 4676 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 15:34:24.0109 4676 Power - ok 15:34:24.0152 4676 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 15:34:24.0158 4676 PptpMiniport - ok 15:34:24.0194 4676 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 15:34:24.0199 4676 Processor - ok 15:34:24.0226 4676 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 15:34:24.0235 4676 ProfSvc - ok 15:34:24.0279 4676 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:34:24.0280 4676 ProtectedStorage - ok 15:34:24.0301 4676 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 15:34:24.0307 4676 Psched - ok 15:34:24.0333 4676 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys 15:34:24.0338 4676 PxHlpa64 - ok 15:34:24.0414 4676 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 15:34:24.0431 4676 ql2300 - ok 15:34:24.0560 4676 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 15:34:24.0567 4676 ql40xx - ok 15:34:24.0606 4676 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 15:34:24.0614 4676 QWAVE - ok 15:34:24.0630 4676 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 15:34:24.0634 4676 QWAVEdrv - ok 15:34:24.0647 4676 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 15:34:24.0650 4676 RasAcd - ok 15:34:24.0669 4676 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 15:34:24.0674 4676 RasAgileVpn - ok 15:34:24.0687 4676 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 15:34:24.0693 4676 RasAuto - ok 15:34:24.0707 4676 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 15:34:24.0712 4676 Rasl2tp - ok 15:34:24.0736 4676 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 15:34:24.0744 4676 RasMan - ok 15:34:24.0759 4676 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 15:34:24.0764 4676 RasPppoe - ok 15:34:24.0778 4676 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 15:34:24.0783 4676 RasSstp - ok 15:34:24.0808 4676 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 15:34:24.0816 4676 rdbss - ok 15:34:24.0830 4676 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 15:34:24.0833 4676 rdpbus - ok 15:34:24.0843 4676 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:34:24.0846 4676 RDPCDD - ok 15:34:24.0857 4676 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 15:34:24.0859 4676 RDPENCDD - ok 15:34:24.0870 4676 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 15:34:24.0872 4676 RDPREFMP - ok 15:34:24.0906 4676 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 15:34:24.0912 4676 RDPWD - ok 15:34:24.0937 4676 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 15:34:24.0944 4676 rdyboost - ok 15:34:24.0978 4676 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 15:34:24.0984 4676 RemoteAccess - ok 15:34:25.0001 4676 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 15:34:25.0009 4676 RemoteRegistry - ok 15:34:25.0043 4676 REN2CAP_DRIVER (5c6a5b94b477435e9374a1cb841d6bb3) C:\Windows\system32\drivers\ren2cap.sys 15:34:25.0048 4676 REN2CAP_DRIVER - ok 15:34:25.0187 4676 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 15:34:25.0205 4676 RoxMediaDB12OEM - ok 15:34:25.0242 4676 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 15:34:25.0253 4676 RoxWatch12 - ok 15:34:25.0368 4676 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 15:34:25.0375 4676 RpcEptMapper - ok 15:34:25.0399 4676 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 15:34:25.0402 4676 RpcLocator - ok 15:34:25.0437 4676 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 15:34:25.0443 4676 RpcSs - ok 15:34:25.0492 4676 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 15:34:25.0496 4676 rspndr - ok 15:34:25.0534 4676 RTL8167 (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys 15:34:25.0541 4676 RTL8167 - ok 15:34:25.0553 4676 RtNdPt60 (e16b7c030a05ef649b18fab0a93d871f) C:\Windows\system32\DRIVERS\RtNdPt60.sys 15:34:25.0557 4676 RtNdPt60 - ok 15:34:25.0575 4676 RTTEAMPT (1de78f5008120cd79b34c12394dcd493) C:\Windows\system32\DRIVERS\RtTeam60.sys 15:34:25.0579 4676 RTTEAMPT - ok 15:34:25.0592 4676 RTVLANPT (b1018aa1b5735f5fa89fd4dadf4bea7a) C:\Windows\system32\DRIVERS\RtVlan60.sys 15:34:25.0596 4676 RTVLANPT - ok 15:34:25.0629 4676 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:34:25.0630 4676 SamSs - ok 15:34:25.0650 4676 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 15:34:25.0656 4676 sbp2port - ok 15:34:25.0782 4676 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 15:34:25.0802 4676 SBSDWSCService - ok 15:34:25.0835 4676 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 15:34:25.0843 4676 SCardSvr - ok 15:34:25.0905 4676 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 15:34:25.0910 4676 scfilter - ok 15:34:25.0972 4676 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 15:34:25.0990 4676 Schedule - ok 15:34:26.0021 4676 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 15:34:26.0021 4676 SCPolicySvc - ok 15:34:26.0055 4676 ScreamBAudioSvc (8b56bdce6a303dde63d63440d1cf9ad1) C:\Windows\system32\drivers\ScreamingBAudio64.sys 15:34:26.0059 4676 ScreamBAudioSvc - ok 15:34:26.0078 4676 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 15:34:26.0087 4676 SDRSVC - ok 15:34:26.0095 4676 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 15:34:26.0098 4676 secdrv - ok 15:34:26.0106 4676 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 15:34:26.0111 4676 seclogon - ok 15:34:26.0120 4676 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 15:34:26.0128 4676 SENS - ok 15:34:26.0136 4676 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 15:34:26.0141 4676 SensrSvc - ok 15:34:26.0155 4676 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 15:34:26.0157 4676 Serenum - ok 15:34:26.0171 4676 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 15:34:26.0174 4676 Serial - ok 15:34:26.0184 4676 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 15:34:26.0187 4676 sermouse - ok 15:34:26.0215 4676 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 15:34:26.0221 4676 SessionEnv - ok 15:34:26.0234 4676 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 15:34:26.0237 4676 sffdisk - ok 15:34:26.0241 4676 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 15:34:26.0244 4676 sffp_mmc - ok 15:34:26.0258 4676 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 15:34:26.0261 4676 sffp_sd - ok 15:34:26.0265 4676 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 15:34:26.0267 4676 sfloppy - ok 15:34:26.0404 4676 SftService (29ddea72c5bdf61d62f4d438dc0e497c) C:\Program Files (x86)\AlienRespawn\sftservice.EXE 15:34:26.0427 4676 SftService - ok 15:34:26.0543 4676 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 15:34:26.0554 4676 ShellHWDetection - ok 15:34:26.0600 4676 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 15:34:26.0604 4676 SiSRaid2 - ok 15:34:26.0618 4676 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 15:34:26.0623 4676 SiSRaid4 - ok 15:34:26.0675 4676 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe 15:34:26.0719 4676 SkypeUpdate - ok 15:34:26.0739 4676 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 15:34:26.0742 4676 Smb - ok 15:34:26.0756 4676 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 15:34:26.0758 4676 SNMPTRAP - ok 15:34:26.0769 4676 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 15:34:26.0771 4676 spldr - ok 15:34:26.0813 4676 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 15:34:26.0826 4676 Spooler - ok 15:34:26.0971 4676 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 15:34:27.0002 4676 sppsvc - ok 15:34:27.0088 4676 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 15:34:27.0095 4676 sppuinotify - ok 15:34:27.0145 4676 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 15:34:27.0154 4676 srv - ok 15:34:27.0186 4676 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 15:34:27.0195 4676 srv2 - ok 15:34:27.0216 4676 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 15:34:27.0222 4676 srvnet - ok 15:34:27.0241 4676 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 15:34:27.0247 4676 SSDPSRV - ok 15:34:27.0261 4676 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 15:34:27.0267 4676 SstpSvc - ok 15:34:27.0311 4676 Steam Client Service - ok 15:34:27.0407 4676 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 15:34:27.0416 4676 Stereo Service - ok 15:34:27.0433 4676 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 15:34:27.0436 4676 stexstor - ok 15:34:27.0470 4676 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 15:34:27.0479 4676 stisvc - ok 15:34:27.0522 4676 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 15:34:27.0528 4676 stllssvr - ok 15:34:27.0543 4676 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 15:34:27.0546 4676 swenum - ok 15:34:27.0578 4676 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 15:34:27.0587 4676 swprv - ok 15:34:27.0676 4676 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 15:34:27.0695 4676 SysMain - ok 15:34:27.0796 4676 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 15:34:27.0803 4676 TabletInputService - ok 15:34:27.0827 4676 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 15:34:27.0836 4676 TapiSrv - ok 15:34:27.0869 4676 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 15:34:27.0875 4676 TBS - ok 15:34:28.0002 4676 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 15:34:28.0026 4676 Tcpip - ok 15:34:28.0135 4676 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 15:34:28.0141 4676 TCPIP6 - ok 15:34:28.0192 4676 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 15:34:28.0194 4676 tcpipreg - ok 15:34:28.0203 4676 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 15:34:28.0205 4676 TDPIPE - ok 15:34:28.0235 4676 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 15:34:28.0238 4676 TDTCP - ok 15:34:28.0250 4676 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 15:34:28.0254 4676 tdx - ok 15:34:28.0274 4676 TEAM (1de78f5008120cd79b34c12394dcd493) C:\Windows\system32\DRIVERS\RtTeam60.sys 15:34:28.0274 4676 TEAM - ok 15:34:28.0290 4676 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys 15:34:28.0294 4676 TermDD - ok 15:34:28.0337 4676 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 15:34:28.0346 4676 TermService - ok 15:34:28.0349 4676 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 15:34:28.0354 4676 Themes - ok 15:34:28.0381 4676 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 15:34:28.0382 4676 THREADORDER - ok 15:34:28.0397 4676 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 15:34:28.0403 4676 TrkWks - ok 15:34:28.0454 4676 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 15:34:28.0458 4676 TrustedInstaller - ok 15:34:28.0473 4676 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:34:28.0476 4676 tssecsrv - ok 15:34:28.0491 4676 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 15:34:28.0496 4676 TsUsbFlt - ok 15:34:28.0508 4676 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 15:34:28.0512 4676 TsUsbGD - ok 15:34:28.0529 4676 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 15:34:28.0533 4676 tunnel - ok 15:34:28.0550 4676 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 15:34:28.0553 4676 uagp35 - ok 15:34:28.0583 4676 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 15:34:28.0588 4676 udfs - ok 15:34:28.0599 4676 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 15:34:28.0602 4676 UI0Detect - ok 15:34:28.0614 4676 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 15:34:28.0617 4676 uliagpkx - ok 15:34:28.0631 4676 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 15:34:28.0633 4676 umbus - ok 15:34:28.0642 4676 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 15:34:28.0644 4676 UmPass - ok 15:34:28.0673 4676 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 15:34:28.0677 4676 upnphost - ok 15:34:28.0703 4676 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 15:34:28.0705 4676 USBAAPL64 - ok 15:34:28.0736 4676 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 15:34:28.0739 4676 usbaudio - ok 15:34:28.0767 4676 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys 15:34:28.0770 4676 usbccgp - ok 15:34:28.0787 4676 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 15:34:28.0792 4676 usbcir - ok 15:34:28.0804 4676 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 15:34:28.0807 4676 usbehci - ok 15:34:28.0836 4676 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 15:34:28.0841 4676 usbhub - ok 15:34:28.0858 4676 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 15:34:28.0859 4676 usbohci - ok 15:34:28.0869 4676 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 15:34:28.0871 4676 usbprint - ok 15:34:28.0904 4676 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 15:34:28.0908 4676 usbscan - ok 15:34:28.0924 4676 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:34:28.0929 4676 USBSTOR - ok 15:34:28.0958 4676 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 15:34:28.0962 4676 usbuhci - ok 15:34:28.0989 4676 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 15:34:28.0995 4676 UxSms - ok 15:34:29.0028 4676 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 15:34:29.0030 4676 VaultSvc - ok 15:34:29.0040 4676 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 15:34:29.0044 4676 vdrvroot - ok 15:34:29.0078 4676 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 15:34:29.0089 4676 vds - ok 15:34:29.0094 4676 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 15:34:29.0097 4676 vga - ok 15:34:29.0113 4676 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 15:34:29.0116 4676 VgaSave - ok 15:34:29.0147 4676 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 15:34:29.0155 4676 vhdmp - ok 15:34:29.0168 4676 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 15:34:29.0171 4676 viaide - ok 15:34:29.0200 4676 VLAN (b1018aa1b5735f5fa89fd4dadf4bea7a) C:\Windows\system32\DRIVERS\RtVLAN60.sys 15:34:29.0201 4676 VLAN - ok 15:34:29.0217 4676 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 15:34:29.0222 4676 volmgr - ok 15:34:29.0247 4676 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 15:34:29.0256 4676 volmgrx - ok 15:34:29.0284 4676 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 15:34:29.0292 4676 volsnap - ok 15:34:29.0321 4676 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 15:34:29.0327 4676 vsmraid - ok 15:34:29.0419 4676 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 15:34:29.0437 4676 VSS - ok 15:34:29.0538 4676 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe 15:34:29.0552 4676 vToolbarUpdater11.1.0 - ok 15:34:29.0646 4676 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 15:34:29.0650 4676 vwifibus - ok 15:34:29.0660 4676 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 15:34:29.0664 4676 vwififlt - ok 15:34:29.0672 4676 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 15:34:29.0675 4676 vwifimp - ok 15:34:29.0716 4676 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 15:34:29.0726 4676 W32Time - ok 15:34:29.0744 4676 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 15:34:29.0747 4676 WacomPen - ok 15:34:29.0760 4676 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 15:34:29.0764 4676 WANARP - ok 15:34:29.0767 4676 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 15:34:29.0768 4676 Wanarpv6 - ok 15:34:29.0853 4676 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 15:34:29.0870 4676 wbengine - ok 15:34:29.0962 4676 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 15:34:29.0970 4676 WbioSrvc - ok 15:34:30.0003 4676 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 15:34:30.0012 4676 wcncsvc - ok 15:34:30.0027 4676 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 15:34:30.0033 4676 WcsPlugInService - ok 15:34:30.0072 4676 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 15:34:30.0077 4676 Wd - ok 15:34:30.0116 4676 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 15:34:30.0128 4676 Wdf01000 - ok 15:34:30.0164 4676 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 15:34:30.0172 4676 WdiServiceHost - ok 15:34:30.0175 4676 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 15:34:30.0178 4676 WdiSystemHost - ok 15:34:30.0225 4676 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 15:34:30.0234 4676 WebClient - ok 15:34:30.0262 4676 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 15:34:30.0270 4676 Wecsvc - ok 15:34:30.0287 4676 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 15:34:30.0294 4676 wercplsupport - ok 15:34:30.0301 4676 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 15:34:30.0307 4676 WerSvc - ok 15:34:30.0317 4676 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 15:34:30.0320 4676 WfpLwf - ok 15:34:30.0347 4676 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys 15:34:30.0353 4676 WimFltr - ok 15:34:30.0365 4676 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 15:34:30.0368 4676 WIMMount - ok 15:34:30.0374 4676 WinHttpAutoProxySvc - ok 15:34:30.0429 4676 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 15:34:30.0436 4676 Winmgmt - ok 15:34:30.0553 4676 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 15:34:30.0573 4676 WinRM - ok 15:34:30.0695 4676 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 15:34:30.0701 4676 WinUsb - ok 15:34:30.0769 4676 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 15:34:30.0783 4676 Wlansvc - ok 15:34:30.0948 4676 wlidsvc (98f138897ef4246381d197cb81846d62) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 15:34:30.0972 4676 wlidsvc - ok 15:34:31.0021 4676 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 15:34:31.0024 4676 WmiAcpi - ok 15:34:31.0087 4676 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 15:34:31.0093 4676 wmiApSrv - ok 15:34:31.0119 4676 WMPNetworkSvc - ok 15:34:31.0142 4676 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 15:34:31.0146 4676 WPCSvc - ok 15:34:31.0167 4676 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 15:34:31.0174 4676 WPDBusEnum - ok 15:34:31.0183 4676 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 15:34:31.0186 4676 ws2ifsl - ok 15:34:31.0188 4676 WSearch - ok 15:34:31.0299 4676 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll 15:34:31.0314 4676 wuauserv - ok 15:34:31.0421 4676 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 15:34:31.0426 4676 WudfPf - ok 15:34:31.0448 4676 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 15:34:31.0453 4676 WUDFRd - ok 15:34:31.0471 4676 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 15:34:31.0476 4676 wudfsvc - ok 15:34:31.0508 4676 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 15:34:31.0514 4676 WwanSvc - ok 15:34:31.0574 4676 xnacc (4a5ce13408945e525503b5f73d29b9c5) C:\Windows\system32\DRIVERS\xnacc.sys 15:34:31.0586 4676 xnacc - ok 15:34:31.0610 4676 xusb21 (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys 15:34:31.0615 4676 xusb21 - ok 15:34:31.0631 4676 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 15:34:31.0902 4676 \Device\Harddisk0\DR0 - ok 15:34:31.0904 4676 Boot (0x1200) (098a341f7b467a7bfb0b05057af764af) \Device\Harddisk0\DR0\Partition0 15:34:31.0906 4676 \Device\Harddisk0\DR0\Partition0 - ok 15:34:31.0935 4676 Boot (0x1200) (98867cbf88bbfa1840e7d2f5591d41f0) \Device\Harddisk0\DR0\Partition1 15:34:31.0936 4676 \Device\Harddisk0\DR0\Partition1 - ok 15:34:31.0936 4676 ============================================================ 15:34:31.0936 4676 Scan finished 15:34:31.0936 4676 ============================================================ 15:34:31.0944 7600 Detected object count: 0 15:34:31.0944 7600 Actual detected object count: 0 Jan Geändert von Keandir (12.06.2012 um 14:47 Uhr) |
|
12.06.2012, 15:03
| #6 |
| /// Malwareteam | Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? Starte aswMBR erneut. Wähle im Menü "Quick Scan" und klicke scan. Poste die Logdatei!
__________________ --> Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? |
|
12.06.2012, 16:18
| #7 |
| | Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? ich habe es öfters hinter einander nochmal probiert aber es ist immer an der gleichen Stelle (Scanning:c:\Microsoft\assambly\Gac_MSIL\Microsoft.visualstudio.Tools.Application..) stehen geblieben. Ich habe alles so gemacht wie es gesagt wurde. Es bleibt auch stehen wenn ich anstatt "quick scan" "c:\" mache. Jan |
|
13.06.2012, 06:45
| #8 | |
| /// Malwareteam | Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? Combofix Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!Downloade dir bitte Combofix von einem dieser Downloadspiegel Link 1 Link 2 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ Kein Asylrecht für Trojaner! Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
14.06.2012, 14:20
| #9 |
| | Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? Habe alles gemacht und hat auch alles geklappt hoffe ich also ich habe nichts merkwürdiges bemerkt. Danke nochmals für die gute und schnelle Hilfe. Ich hoffe die nächsten Schritte sind genau so einfach und schnell. Hier ist die Log-Datei : Combofix Logfile: Code:
ATTFilter ComboFix 12-06-14.01 - Jan 14.06.2012 14:58:52.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8174.6516 [GMT 2:00]
ausgeführt von:: c:\users\Jan\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\program files (x86)\Complitly
c:\program files (x86)\Complitly\chrome\ComplitlyChrome.crx
c:\program files (x86)\Complitly\FireFoxExtensionWithFF8Fix.exe
c:\program files (x86)\Complitly\FireFoxUninstaller.exe
c:\program files (x86)\Complitly\InstTracker.exe
c:\program files (x86)\Complitly\support@Complitly.com\chrome.manifest
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\appIcon.png
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.js
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.xul
c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\utils.js
c:\program files (x86)\Complitly\support@Complitly.com\defaults\preferences\predictad.js
c:\program files (x86)\Complitly\support@Complitly.com\install.rdf
c:\program files (x86)\Complitly\System.Data.SQLite.dll
c:\program files (x86)\Complitly\unins000.dat
c:\program files (x86)\Complitly\unins000.exe
c:\program files (x86)\I Want This
c:\program files (x86)\I Want This\appAPIinternalWrapper.js
c:\program files (x86)\I Want This\fb.js
c:\program files (x86)\I Want This\I Want This.ico
c:\program files (x86)\I Want This\jquery.js
c:\program files (x86)\I Want This\json.js
c:\program files (x86)\IMinent Toolbar\tbHElper.dll
c:\programdata\Windows
c:\programdata\Windows\ccdxmmde.dat
c:\programdata\windows\drss.dat
c:\programdata\windows\msseedir.dll
c:\programdata\Windows\xessmsxe.dat
c:\users\Jan\AppData\Roaming\Microsoft\Windows\Recent\Portal.url
c:\windows\Installer\{9cf40b3a-87ab-7192-8eae-de1194e8f075}\@
c:\windows\Installer\{9cf40b3a-87ab-7192-8eae-de1194e8f075}\U\00000001.@
c:\windows\Installer\{9cf40b3a-87ab-7192-8eae-de1194e8f075}\U\80000000.@
c:\windows\Installer\{9cf40b3a-87ab-7192-8eae-de1194e8f075}\U\800000cb.@
.
Infizierte Kopie von c:\windows\system32\services.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-05-14 bis 2012-06-14 ))))))))))))))))))))))))))))))
.
.
2012-06-14 13:03 . 2012-06-14 13:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-06-14 13:03 . 2012-06-14 13:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-13 15:04 . 2012-06-13 15:04 -------- d-----w- c:\users\Jan\AppData\Roaming\LolClient2
2012-06-05 19:47 . 2012-06-05 19:47 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-06-05 15:25 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{12D4E2AA-B141-449A-BCCD-B5A43D96A0B6}\mpengine.dll
2012-06-05 15:14 . 2012-06-05 15:14 -------- d-----w- c:\users\Jan\AppData\Roaming\Leadertech
2012-06-05 15:14 . 2012-06-05 15:14 -------- d-----w- c:\program files\Logitech
2012-06-05 15:14 . 2012-06-05 15:14 -------- d-----w- c:\program files (x86)\Logitech
2012-06-05 15:12 . 2012-06-05 15:12 -------- d-----w- c:\programdata\LogiShrd
2012-06-05 07:02 . 2012-06-05 07:02 -------- d-----w- c:\windows\PCHEALTH
2012-06-05 06:59 . 2012-06-05 06:59 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-06-05 06:59 . 2012-06-05 06:59 -------- d-----r- C:\MSOCache
2012-06-05 06:55 . 2012-06-05 06:55 -------- d-----w- c:\users\Jan\AppData\Local\Microsoft Help
2012-06-05 06:55 . 2012-06-06 07:08 -------- d-----w- c:\programdata\Microsoft Help
2012-05-31 16:16 . 2012-03-22 11:43 2557952 ----a-w- c:\windows\SysWow64\QtCore4.dll
2012-05-31 16:16 . 2012-04-18 11:49 405176 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
2012-05-31 16:16 . 2012-05-31 16:16 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2012-05-31 16:16 . 2012-05-31 16:16 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2012-05-31 16:15 . 2012-05-31 16:20 -------- d-----w- c:\users\Jan\AppData\Roaming\DVDVideoSoft
2012-05-30 17:46 . 2011-11-07 14:18 46728 ----a-w- c:\windows\system32\drivers\ren2cap.sys
2012-05-26 20:53 . 2012-05-26 20:53 -------- d-----w- C:\Ace of Spades
2012-05-26 12:44 . 2012-05-26 12:44 -------- d-----w- c:\programdata\SweetIM
2012-05-26 12:44 . 2012-05-26 12:44 -------- d-----w- c:\program files (x86)\SweetIM
2012-05-26 12:42 . 2012-05-26 12:42 -------- d-----w- c:\program files (x86)\Yontoo
2012-05-26 12:42 . 2012-05-26 12:42 -------- d-----w- c:\programdata\Tarma Installer
2012-05-26 12:41 . 2012-05-26 14:06 -------- d-----w- c:\program files (x86)\1ClickDownload
2012-05-19 11:24 . 2012-05-30 15:31 -------- d-----w- c:\program files (x86)\Diablo III
2012-05-19 11:21 . 2012-05-19 11:22 -------- d-----w- c:\programdata\Battle.net
2012-05-19 09:24 . 2007-12-07 00:08 108032 ----a-w- c:\windows\system32\E_ILMEJE.DLL
2012-05-19 09:24 . 2007-12-07 00:01 81408 ----a-w- c:\windows\system32\E_IBCBEJE.DLL
2012-05-19 09:24 . 2007-04-09 23:06 10752 ----a-w- c:\windows\system32\E_GCINST.DLL
2012-05-19 09:22 . 2012-05-19 09:25 -------- d-----w- c:\programdata\EPSON
2012-05-19 09:12 . 2012-05-19 09:12 -------- d-----w- c:\program files (x86)\Renesas Electronics
2012-05-19 09:12 . 2012-05-19 09:12 -------- d-----w- c:\programdata\Downloaded Installations
2012-05-18 17:26 . 2012-05-18 17:26 -------- d-----w- C:\ts3overlay
2012-05-18 17:25 . 2012-05-18 17:25 -------- d-----w- c:\users\Jan\AppData\Local\Origin
2012-05-18 17:17 . 2012-05-18 17:20 -------- d-----w- c:\program files (x86)\Origin
2012-05-18 12:23 . 2012-05-18 12:51 -------- d-----w- c:\program files (x86)\Screaming Bee
2012-05-18 12:14 . 2012-05-18 12:14 -------- d-----w- c:\users\Jan\AppData\Local\AVG Secure Search
2012-05-18 12:14 . 2012-05-18 12:14 -------- d-----w- c:\programdata\AVG Secure Search
2012-05-18 12:14 . 2012-05-18 12:14 -------- d-----w- c:\program files (x86)\AVG Secure Search
2012-05-18 12:14 . 2012-05-18 12:14 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-05-18 12:13 . 2012-05-18 12:13 -------- d--h--w- c:\programdata\Common Files
2012-05-18 12:12 . 2012-05-18 12:21 -------- d-----w- c:\program files (x86)\Fake Voice
2012-05-18 12:05 . 2012-06-14 13:03 -------- d-----w- c:\program files (x86)\IMinent Toolbar
2012-05-18 12:04 . 2012-05-18 12:04 -------- d-----w- c:\users\Jan\AppData\Roaming\Screaming Bee
2012-05-18 12:04 . 2012-05-18 12:04 -------- d-----w- c:\users\Jan\AppData\Roaming\Iminent
2012-05-18 12:04 . 2012-05-18 12:04 -------- d-----w- c:\programdata\Iminent
2012-05-18 12:04 . 2012-05-18 12:04 -------- d-----w- c:\program files (x86)\Iminent
2012-05-18 12:03 . 2012-05-18 12:04 -------- d-----w- c:\programdata\Screaming Bee
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-13 19:14 . 2012-01-27 19:44 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-06-13 19:14 . 2012-01-26 14:36 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-06-13 19:13 . 2012-01-26 14:36 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-05-10 16:40 . 2011-12-06 13:25 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-10 16:40 . 2011-12-06 13:25 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-05 11:35 . 2012-04-08 00:14 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 11:35 . 2011-11-30 09:29 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 11:35 . 2012-04-08 00:35 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-19 19:21 . 2012-04-19 19:21 89312 ----a-w- c:\windows\SysWow64\acedrv09.dll
2012-04-19 19:21 . 2012-04-19 19:21 134880 ----a-w- c:\windows\system32\drivers\acedrv09.sys
2012-04-07 10:55 . 2011-11-30 09:39 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-31 06:05 . 2012-05-09 18:39 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-31 04:39 . 2012-05-09 18:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-09 18:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-31 03:10 . 2012-05-09 18:39 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-03-30 11:35 . 2012-05-09 18:37 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-17 07:58 . 2012-05-09 18:37 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
2010-07-02 07:54 2607872 ----a-w- c:\program files (x86)\IMinent Toolbar\tbcore3.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-05-18 12:14 2068536 ----a-w- c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-04-24 12:24 1310000 ----a-w- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"= "c:\program files (x86)\IMinent Toolbar\tbcore3.dll" [2010-07-02 2607872]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll" [2012-05-18 2068536]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-04-24 1310000]
.
[HKEY_CLASSES_ROOT\clsid\{977ae9cc-af83-45e8-9e03-e2798216e2d5}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\TBSB01620.TBSB01620]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2012-05-18 3407496]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-05-25 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-10 348624]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Iminent"="c:\program files (x86)\Iminent\Iminent.exe" [2012-04-27 1073744]
"IminentMessenger"="c:\program files (x86)\Iminent\Iminent.Messengers.exe" [2012-04-27 884816]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-05-18 1104440]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2012-02-16 114992]
"Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-02-26 295728]
"Logitech G35"="c:\program files (x86)\Logitech\G35\G35.exe" [2010-10-05 1811800]
.
c:\users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AWMouseCI.lnk - c:\program files\Alienware\Alienware TactX Mouse CI\AWMouseCI.exe [2009-6-25 831488]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2011-05-02 15296]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 REN2CAP_DRIVER;Hear;c:\windows\system32\drivers\ren2cap.sys [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 acedrv09;acedrv09;c:\windows\system32\drivers\acedrv09.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-10 86224]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-04-05 8704]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\AlienRespawn\sftservice.EXE [2011-09-22 1692480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-05-18 935480]
S3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys [x]
S3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 11:35]
.
2012-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2532466536-4214561068-2911664243-1000Core.job
- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-06 12:52]
.
2012-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2532466536-4214561068-2911664243-1000UA.job
- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-06 12:52]
.
2012-06-11 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\AlienAutopsy\uaclauncher.exe [2011-03-22 17:20]
.
2012-06-13 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\AlienAutopsy\pcdrcui.exe [2011-03-22 17:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-14 11777128]
"Launch Keyboard CI"="c:\program files\Alienware\Alienware TactX Keyboard CI\txkbci.exe" [2009-05-28 3438088]
"Command Center Controllers"="c:\program files\Alienware\Command Center\AWCCStartupOrchestrator.exe" [2011-05-02 13256]
"RunDLLEntry_THXCfg"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"RunDLLEntry_EptMon"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-04-22 130576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://isearch.avg.com/?cid={A76DCA3B-EEEF-46FE-A69C-525F15656C8E}&mid=35a99a1396e147d0bca52104e43accda-b9b8d9fa4e648cf9caba6f3668e5d45d9c3118d4&lang=de&ds=cv011&pr=sa&d=2012-05-18 14:14&v=11.1.0.7&sap=hp
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={89B351E1-A730-11E1-A30B-F04DA2DE2529}
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Web-Suche - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
FF - ProfilePath - c:\users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://search.iminent.com/?appId=694f2c06-9d73-4bfe-bbce-657abafd8dd5&lcid=1031&ref=homepage
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Be1532237-9126-492d-826e-8e11e95c7ea2%7D&mid=35a99a1396e147d0bca52104e43accda-b9b8d9fa4e648cf9caba6f3668e5d45d9c3118d4&ds=cv011&v=11.1.0.7&lang=de&pr=sa&d=2012-05-18%2014%3A14%3A06&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109986
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 566fb474000000000000e2d53d94cced
FF - user.js: extensions.BabylonToolbar_i.hardId - 566fb474000000000000e2d53d94cced
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15423
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1712:49
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extentions.y2layers.installId - b7c4218a-eaa8-4c60-99d5-9d23b34a28f7
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,ezLooker,pagerage,buzzdock,toprelatedtopics
FF - user.js: extensions.autoDisableScopes - 14
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
BHO-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-LicenseValidator - c:\users\Jan\AppData\Roaming\Mozilla\{55BA6F2F-4A5E-46D3-A5A8-3CC80754E6F9}\LicenseValidator.exe
Toolbar-Locked - (no file)
WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKLM-Run-(Standard) - (no file)
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files (x86)\Complitly\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{6E6E744E-4D20-4CE3-9A7A-26DFFFE22F68}"=hex:51,66,7a,6c,4c,1d,38,12,20,77,7d,
6a,12,03,8d,09,e5,6c,65,9f,fa,bc,6b,7c
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"=hex:51,66,7a,6c,4c,1d,38,12,a2,ea,69,
93,b1,e1,86,00,e1,15,a1,39,87,48,a6,c1
"{0FB6A909-6086-458F-BD92-1F8EE10042A0}"=hex:51,66,7a,6c,4c,1d,38,12,67,aa,a5,
0b,b4,2e,e1,00,c2,84,5c,ce,e4,5e,06,b4
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,
57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b
"{58124A0B-DC32-4180-9BFF-E0E21AE34026}"=hex:51,66,7a,6c,4c,1d,38,12,65,49,01,
5c,00,92,ee,04,e4,e9,a3,a2,1f,bd,04,32
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}"=hex:51,66,7a,6c,4c,1d,38,12,85,b5,89,
a4,87,7f,22,00,e8,fa,d8,69,48,cc,aa,3e
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:05,3f,53,5f,ef,34,cd,01
.
[HKEY_USERS\S-1-5-21-2532466536-4214561068-2911664243-1000\Software\SecuROM\License information*]
"datasecu"=hex:7c,83,a9,f7,d6,fd,02,f5,f1,97,27,47,fd,bb,17,40,ba,08,e8,74,e4,
9b,13,a8,a3,a8,f9,3a,14,21,f3,b7,a1,dd,82,f9,f4,10,98,87,0b,09,66,7b,10,bb,\
"rkeysecu"=hex:6a,47,c6,ba,76,a4,66,f1,cc,f3,c9,13,c3,3a,af,72
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\AlienRespawn\TOASTER.EXE
c:\program files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-06-14 15:09:32 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-06-14 13:09
.
Vor Suchlauf: 14 Verzeichnis(se), 299.245.019.136 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 299.361.280.000 Bytes frei
.
- - End Of File - - 8096505AD14F3EDAF042C9C3B3BC61B5
Jan |
|
14.06.2012, 14:43
| #10 | |
| /// Malwareteam | Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? Schritt 1: Teatimer abstellen Mit laufendem TeaTimer von Spybot Search&Destroy lässt sich keine Reinigung durchführen, da er alle gelöschten Einträge wiederherstellt. Der Teatimer muss also während der Reinigungsarbeiten abgestellt werden (lasse den Teatimer so lange ausgeschaltet, bis wir mit der Reinigung fertig sind): Starte Spybot S&D => stelle im Menü "Modus" den "Erweiterten Modus" ein => klicke dann links unten auf "Werkzeuge" => klicke auf "Resident" => das Häkchen entfernen bei Resident "TeaTimer" (Schutz aller Systemeinstellungen) => Spybot Search&Destroy schließen => Rechner neu starten. Bebilderte Anleitung. Schritt 2: Software deinstallieren
Schritt 3: Scan mit adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 4: CF-Script Hinweis für Mitleser: Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen! Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von einem der folgenden Download-Spiegel neu herunter: BleepingComputer.com - ForoSpyware.comund speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)! Drücke die Windows + R Taste --> Notepad (hinein schreiben) --> OK Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument. Code:
ATTFilter DIRLOOK::
c:\users\Jan\AppData\local\{9cf40b3a-87ab-7192-8eae-de1194e8f075}
Wichtig:
__________________ Kein Asylrecht für Trojaner! Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
18.06.2012, 08:33
| #11 |
| /// Malwareteam | Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? Hallo, benötigst Du noch weiterhin Hilfe ? Sollte ich innerhalb der nächsten 24 Stunden keine Antwort von dir erhalten, werde ich dein Thema aus meinen Abos nehmen und bekomme dadurch keine Nachricht über neue Antworten. Das Verschwinden der Symptome bedeutet nicht, dass dein System schon sauber ist
__________________ Kein Asylrecht für Trojaner! Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
20.06.2012, 16:01
| #12 |
| | Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? Hier sind die Log's : Combofix: Combofix Logfile: Code:
ATTFilter ComboFix 12-06-19.01 - Jan 19.06.2012 17:46:18.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8174.6316 [GMT 2:00]
ausgeführt von:: c:\users\Jan\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Jan\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Outdated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Outdated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-05-19 bis 2012-06-19 ))))))))))))))))))))))))))))))
.
.
2012-06-19 15:51 . 2012-06-19 15:51 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-06-19 15:51 . 2012-06-19 15:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-13 15:04 . 2012-06-13 15:04 -------- d-----w- c:\users\Jan\AppData\Roaming\LolClient2
2012-06-13 07:57 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-05 19:47 . 2012-06-05 19:47 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-06-05 15:14 . 2012-06-05 15:14 -------- d-----w- c:\users\Jan\AppData\Roaming\Leadertech
2012-06-05 15:14 . 2012-06-05 15:14 -------- d-----w- c:\program files\Logitech
2012-06-05 15:14 . 2012-06-05 15:14 -------- d-----w- c:\program files (x86)\Logitech
2012-06-05 15:12 . 2012-06-05 15:12 -------- d-----w- c:\programdata\LogiShrd
2012-06-05 07:02 . 2012-06-05 07:02 -------- d-----w- c:\windows\PCHEALTH
2012-06-05 06:59 . 2012-06-05 06:59 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-06-05 06:59 . 2012-06-05 06:59 -------- d-----r- C:\MSOCache
2012-06-05 06:55 . 2012-06-05 06:55 -------- d-----w- c:\users\Jan\AppData\Local\Microsoft Help
2012-06-05 06:55 . 2012-06-14 16:39 -------- d-----w- c:\programdata\Microsoft Help
2012-05-31 16:16 . 2012-03-22 11:43 2557952 ----a-w- c:\windows\SysWow64\QtCore4.dll
2012-05-31 16:16 . 2012-04-18 11:49 405176 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
2012-05-31 16:16 . 2012-05-31 16:16 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2012-05-31 16:16 . 2012-05-31 16:16 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2012-05-31 16:15 . 2012-05-31 16:20 -------- d-----w- c:\users\Jan\AppData\Roaming\DVDVideoSoft
2012-05-30 17:46 . 2011-11-07 14:18 46728 ----a-w- c:\windows\system32\drivers\ren2cap.sys
2012-05-26 20:53 . 2012-05-26 20:53 -------- d-----w- C:\Ace of Spades
2012-05-26 12:42 . 2012-06-14 17:14 -------- d-----w- c:\programdata\Tarma Installer
2012-05-26 12:41 . 2012-05-26 14:06 -------- d-----w- c:\program files (x86)\1ClickDownload
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-18 17:58 . 2012-01-27 19:44 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-06-18 17:58 . 2012-01-26 14:36 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-06-18 17:58 . 2012-01-26 14:36 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-06-17 16:38 . 2012-04-08 00:14 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-17 16:38 . 2011-11-30 09:29 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-10 16:40 . 2011-12-06 13:25 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-10 16:40 . 2011-12-06 13:25 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-05 11:35 . 2012-04-08 00:35 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-19 19:21 . 2012-04-19 19:21 89312 ----a-w- c:\windows\SysWow64\acedrv09.dll
2012-04-19 19:21 . 2012-04-19 19:21 134880 ----a-w- c:\windows\system32\drivers\acedrv09.sys
2012-04-07 10:55 . 2011-11-30 09:39 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-30 11:35 . 2012-05-09 18:37 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\users\Jan\AppData\local\{9cf40b3a-87ab-7192-8eae-de1194e8f075} ----
.
2012-01-11 16:42 . 2012-06-08 18:31 2048 --sha-w- c:\users\Jan\AppData\local\{9cf40b3a-87ab-7192-8eae-de1194e8f075}\@
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-14_13.05.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-21 03:09 . 2012-06-18 14:46 54308 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-06-19 12:35 37122 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-12-06 14:53 . 2012-06-19 15:54 13526 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2532466536-4214561068-2911664243-1000_UserData.bin
- 2011-12-06 12:47 . 2012-06-13 06:02 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-12-06 12:47 . 2012-06-16 13:46 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-12-06 12:47 . 2012-06-16 13:46 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-12-06 12:47 . 2012-06-13 06:02 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-06-13 06:02 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-06-16 13:46 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2012-06-17 15:28 95344 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 04:46 . 2012-06-14 12:53 95344 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2012-05-09 18:49 . 2012-05-09 18:49 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 87408 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 93024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 35688 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 11120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 17784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 58240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 44920 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 37240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 64352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 51032 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 50552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 81784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 81800 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 39784 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 68952 c:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 12128 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 97680 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 17240 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 94552 c:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 91488 c:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 78168 c:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 81248 c:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-06-05 07:02 . 2012-06-05 19:51 34144 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe
+ 2012-06-05 07:02 . 2012-06-14 16:39 34144 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe
+ 2012-06-05 07:02 . 2012-06-14 16:39 42848 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe
- 2012-06-05 07:02 . 2012-06-05 19:51 42848 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe
- 2012-06-05 07:02 . 2012-06-05 19:51 19296 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe
+ 2012-06-05 07:02 . 2012-06-14 16:39 19296 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe
+ 2012-06-17 16:30 . 2012-06-17 16:30 53760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DynamicD#\11c324b9616d95c2685716fbae9324ab\System.Web.DynamicData.Design.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 46592 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\be0023b0814db0cd39b177e21632f8e9\System.Web.DynamicData.Design.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\eef76dd965ea0a8ae5fb0c734d84389c\System.Web.DynamicData.Design.ni.dll
+ 2012-06-17 16:25 . 2012-06-17 16:25 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\WiaProxy32\5615759c960578516fd6fa5b76741d18\WiaProxy32.ni.exe
+ 2012-06-17 16:26 . 2012-06-17 16:26 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\2b97ccae44726f13c418f1406180c3e8\System.Web.DynamicData.Design.ni.dll
+ 2012-04-11 23:36 . 2010-11-13 00:08 24576 c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Drawing.Resources.dll
- 2012-04-11 23:36 . 2010-11-12 23:26 24576 c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Drawing.Resources.dll
- 2012-03-14 08:51 . 2012-01-25 06:33 9216 c:\windows\system32\rdrmemptylst.exe
+ 2012-06-13 07:57 . 2012-04-26 05:34 9216 c:\windows\system32\rdrmemptylst.exe
- 2012-06-14 13:04 . 2012-06-14 13:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-19 15:51 . 2012-06-19 15:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-14 13:04 . 2012-06-14 13:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-19 15:51 . 2012-06-19 15:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-17 16:38 . 2012-06-17 16:38 686280 c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_Plugin.exe
+ 2012-04-08 00:14 . 2012-06-17 16:38 257224 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2012-06-13 07:57 . 2012-04-24 04:36 140288 c:\windows\SysWOW64\cryptsvc.dll
+ 2012-06-13 07:57 . 2012-04-24 04:36 103936 c:\windows\SysWOW64\cryptnet.dll
+ 2011-12-15 08:51 . 2012-06-16 19:19 280418 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2012-06-13 07:57 . 2012-04-26 05:41 149504 c:\windows\system32\rdpcorekmts.dll
- 2012-03-14 08:51 . 2012-01-25 06:38 149504 c:\windows\system32\rdpcorekmts.dll
+ 2012-06-13 07:57 . 2012-05-01 05:40 209920 c:\windows\system32\profsvc.dll
- 2010-11-21 03:24 . 2010-11-21 03:24 209920 c:\windows\system32\profsvc.dll
+ 2009-07-14 02:36 . 2012-06-14 16:38 651938 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-06-06 12:20 651938 c:\windows\system32\perfh009.dat
- 2010-11-21 06:50 . 2012-06-06 12:20 696620 c:\windows\system32\perfh007.dat
+ 2010-11-21 06:50 . 2012-06-14 16:38 696620 c:\windows\system32\perfh007.dat
+ 2009-07-14 02:36 . 2012-06-14 16:38 120870 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-06-06 12:20 120870 c:\windows\system32\perfc009.dat
- 2010-11-21 06:50 . 2012-06-06 12:20 147916 c:\windows\system32\perfc007.dat
+ 2010-11-21 06:50 . 2012-06-14 16:38 147916 c:\windows\system32\perfc007.dat
+ 2012-06-17 16:38 . 2012-06-17 16:38 417480 c:\windows\system32\Macromed\Flash\FlashUtil64_11_3_300_257_Plugin.exe
+ 2009-07-14 04:45 . 2012-06-14 17:06 487248 c:\windows\system32\FNTCACHE.DAT
- 2009-07-14 04:45 . 2012-06-05 15:05 487248 c:\windows\system32\FNTCACHE.DAT
- 2012-03-14 08:51 . 2012-02-17 04:58 210944 c:\windows\system32\drivers\rdpwd.sys
+ 2012-06-13 07:57 . 2012-04-28 03:55 210944 c:\windows\system32\drivers\rdpwd.sys
+ 2012-06-13 07:57 . 2012-04-24 05:37 184320 c:\windows\system32\cryptsvc.dll
+ 2012-06-13 07:57 . 2012-04-24 05:37 140288 c:\windows\system32\cryptnet.dll
- 2012-04-11 02:08 . 2012-06-13 19:17 533912 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2012-04-11 02:08 . 2012-06-19 15:51 533912 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 05:01 . 2012-06-19 15:51 471896 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-06-14 13:03 471896 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-04-21 09:03 . 2012-04-21 09:03 616024 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll
+ 2012-06-13 07:57 . 2012-04-23 22:33 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
- 2012-04-11 23:36 . 2012-01-26 23:31 630784 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
+ 2012-04-21 09:03 . 2012-04-21 09:03 616024 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
- 2012-04-11 23:36 . 2012-01-26 23:33 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2012-06-13 07:57 . 2012-04-23 22:35 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 350592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 163168 c:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 138592 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 699224 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 857960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 675672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 113512 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 129912 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 390008 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 505208 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 261472 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 122264 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 291184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 349568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 236880 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 253280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 378720 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 134528 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 123736 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 392552 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 125816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 120152 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 616024 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 395120 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 182144 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 285072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 829280 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 747360 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 436600 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 683872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 409448 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 210816 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 156440 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 122248 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 525704 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 112976 c:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 581464 c:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 832856 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 194424 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 478576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 167288 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 232304 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 661352 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 349576 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 387960 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 746336 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 505184 c:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 288616 c:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 335712 c:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 125440 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 237424 c:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 187776 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 269672 c:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 334688 c:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 109568 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 246128 c:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 170368 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
- 2012-03-12 15:59 . 2012-03-12 15:59 371272 c:\windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe
+ 2012-06-15 17:41 . 2012-06-15 17:41 371272 c:\windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe
- 2012-06-05 07:02 . 2012-06-05 19:51 415584 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pubs.exe
+ 2012-06-05 07:02 . 2012-06-14 16:39 415584 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pubs.exe
- 2012-06-05 07:02 . 2012-06-05 19:51 303456 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
+ 2012-06-05 07:02 . 2012-06-14 16:39 303456 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
+ 2012-06-05 07:02 . 2012-06-14 16:39 571232 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe
- 2012-06-05 07:02 . 2012-06-05 19:51 571232 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe
- 2012-06-05 07:02 . 2012-06-05 19:51 326496 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe
+ 2012-06-05 07:02 . 2012-06-14 16:39 326496 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe
+ 2012-05-09 18:48 . 2012-05-09 18:48 269672 c:\windows\assembly\temp\YOJZT4HQZI\System.Transactions.dll
+ 2012-05-09 18:48 . 2012-05-09 18:48 109568 c:\windows\assembly\temp\IEP99USI4R\System.EnterpriseServices.Wrapper.dll
+ 2012-06-17 16:31 . 2012-06-17 16:31 337408 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\08becdcc9bd647c4e4d07ceea7fe4895\WindowsFormsIntegration.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 244736 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\99cb318f961215576faaa1545dda4f49\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 451072 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Entity\319e75d7f46269746bf9b0e90bb6bd72\System.Web.Entity.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 367104 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Entity.D#\36a0e6286d72d98d39588687815731bb\System.Web.Entity.Design.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 973824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DynamicD#\4167c5a7841a7d28d41c1c3729b3924c\System.Web.DynamicData.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 331776 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DataVisu#\3e3b88c0768491811650ffae55afb0cb\System.Web.DataVisualization.Design.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 281088 c:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\ca5505a49a075ee7ad2535f89d9ea992\System.ServiceProcess.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 781824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\0d8257087be3e57b071d1d5ccd705c2f\System.Messaging.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 292352 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing.Desi#\b296ac056fd009b084b03fdfc9559b92\System.Drawing.Design.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 181760 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\52792a7ce63196551c29f5201562c1ae\System.Configuration.Install.ni.dll
+ 2012-06-17 16:29 . 2012-06-17 16:29 232960 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\db2b738efe91eed6c4413faf44707248\Microsoft.VisualStudio.Tools.Office.ContainerControl.ni.dll
+ 2012-06-17 16:29 . 2012-06-17 16:29 247808 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\b3b3284d16359533332c3424e1330c5c\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.ni.dll
+ 2012-06-17 16:29 . 2012-06-17 16:29 864768 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\13f2ca7a3f3c6cf653896f76a7b167b6\Microsoft.VisualStudio.Tools.Office.Runtime.ni.dll
+ 2012-06-17 16:29 . 2012-06-17 16:29 422912 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\097137b03ff37196b4b8ba62db34d64a\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 432128 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\f669d7c64bbabbc41a4dc0221b5e8fb9\Microsoft.Office.Tools.Common.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 199680 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\90d90e963577dcdcf1474cb98bd76781\Microsoft.Office.Tools.Outlook.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 993280 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\644f5d4e386c5f2d2602e7348cc8a4a5\Microsoft.Office.Tools.Excel.ni.dll
+ 2012-06-17 16:29 . 2012-06-17 16:29 408576 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\2ee96094ed4baf5bb46c395630e07df1\Microsoft.Office.Tools.Outlook.Implementation.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 253952 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\44752ffa92ebb7170951a41898d8b9c6\WindowsFormsIntegration.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 194560 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\122b5ef2b93132bd770c2c5d753d73ee\System.Windows.Forms.DataVisualization.Design.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 865280 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\c85b43405ac9aa403a714af716ef3c5e\System.Web.Extensions.Design.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 335360 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity\a0abe24dff94a2fb2c27c631a45aa95f\System.Web.Entity.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 297984 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Entity.D#\951b0d1b999b49a47fb06f4011565ffa\System.Web.Entity.Design.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 712192 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DynamicD#\ae2121b64d021313d3c1ddd621e4d472\System.Web.DynamicData.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 260608 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\15e5acbd2196d1d4bde8466ff690aa76\System.Web.DataVisualization.Design.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 221696 c:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 626176 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\a730931e386537e3c229e049c9a6d271\System.Messaging.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 226304 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing.Desi#\0640b7fe359ea63a1799465631aa691a\System.Drawing.Design.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 148480 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\c7d60a49e43964b1ae17e9a080376c6d\System.Configuration.Install.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 708608 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\f120c1f17850a7b8d105f22907a09dd0\Microsoft.VisualStudio.Tools.Office.Runtime.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 177152 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\740410269afdf2276525e1dfd870fee8\Microsoft.VisualStudio.Tools.Office.ContainerControl.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 210432 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\39817a23777554d968852971b91a4f78\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 303104 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\8cc4dd9babffe370cf375925fba15f84\Microsoft.VisualBasic.Compatibility.Data.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 864768 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\ec9a55a16c6613554d1a7409811b7a2c\Microsoft.Office.Tools.Common.Implementation.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 336384 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\54ab02cb617ed9070723032361c72de6\Microsoft.Office.Tools.Common.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 152064 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\42a5e49641bff019e55a8228560fc541\Microsoft.Office.Tools.Outlook.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 312320 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\386e988bfb077fd6e494fd1b4f9e3da8\Microsoft.Office.Tools.Outlook.Implementation.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 730624 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\282f3b9bd8dc8a67787e210a9b0e78e3\Microsoft.Office.Tools.Excel.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 676864 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\14ae412fbc10916dda33ce1616a63cf1\Microsoft.Office.Tools.Word.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 852480 c:\windows\assembly\NativeImages_v4.0.30319_32\AspNetMMCExt\b02ad189fc3de84d6361f0bf0cfafbf5\AspNetMMCExt.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\f4d304fcbfda323997083a1f88b83719\WindowsFormsIntegration.ni.dll
+ 2012-06-17 16:18 . 2012-06-17 16:18 548864 c:\windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3449.tmp\mcplayerinterop.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\681410f842337dccc72eb059738c3ced\TaskScheduler.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\72b4992e45d232251a273a59eb3333d5\System.Web.Routing.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\b905eb57b631a30c60caa4d68c186963\System.Web.Entity.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\e412dfbf1aa49bbe345a02a4d23104f5\System.Web.Entity.Design.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\815769f953ebe3f84439d522c97317b8\System.Web.DynamicData.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\c8144ee08dccdac183527e53c86aa901\System.Web.Abstractions.ni.dll
+ 2012-06-14 17:10 . 2012-06-14 17:10 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\d5d612f7d372f500e3062e3814e79d75\System.Messaging.ni.dll
+ 2012-06-14 17:10 . 2012-06-14 17:10 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\fbc02e9f5a14bb93082ebc88bc577413\System.Drawing.Design.ni.dll
+ 2012-06-14 17:10 . 2012-06-14 17:10 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\a88ca70ab9641b8236149bc5dd8d1564\System.Configuration.Install.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 241152 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet.SystemL#\07301119c90dbc27715812e9d2afc039\PaintDotNet.SystemLayer.Native.x64.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 417280 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet.Resourc#\4ef768367e6aae0e4666329d21eabe4f\PaintDotNet.Resources.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 781824 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet.Data\4805d0ea3e621297b48d498aed2846e4\PaintDotNet.Data.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 855040 c:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\2f1bad2fb963482a02443d5e7fece2b6\napsnap.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 162816 c:\windows\assembly\NativeImages_v2.0.50727_64\napinit\bb4947f0ecc925a7bcfd129b6eec8f9b\napinit.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 417792 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\67240ddde494b9cc05cd732ccd099668\MMCFxCommon.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 305664 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\fda2f68162063c54d2e669e85de7dfb1\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 226304 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\d1ffef140ded6229eb2681594a992395\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 225280 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\cf9c858a00058974b41c67bbd68e45c4\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 773120 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\3adbee43498cd363d94881c0a329d519\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 215040 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\1246477c5df0cb5da9e06cf1ef7c4f44\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 311296 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\0bbf0efc8d3c0d4a2829c1a604e6abf4\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 244224 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\c28d0d3c7d9214d676526f0f3b5eb305\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\795e07cc078bee3396f1d946f734c871\Microsoft.Office.Tools.v9.0.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 312320 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\e29cbd30a31d3c8dae19eb17f70c4ec4\Microsoft.MediaCenter.iTv.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 152576 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\409dae089f2e041343cff71f822cd505\Microsoft.MediaCenter.ITVVM.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 798720 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\803188573fb19785a94284e097c48a67\Microsoft.ManagementConsole.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 549376 c:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\4ae6ccc32dafb4e3765b9db05585bd48\mcplayerinterop.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 696320 c:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\b0db345fd62a84c98fd8b0bf3c72e8bb\mcGlidHostObj.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 659456 c:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\bc5df15ee827e248dd6f819874a85718\EventViewer.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 389120 c:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\08c9aa18b306aa47ddc0ae4a63b05d04\ehExtHost.ni.exe
+ 2012-06-17 16:26 . 2012-06-17 16:26 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\f2f8201dd3453250dfd9ed1afce630a0\WindowsFormsIntegration.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 245248 c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\f3e052584df9c614407da662dd3c3df3\TaskScheduler.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\06e4119a0a3484bb0ca667a16145ce74\System.Web.Routing.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 860160 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\4f13c2c06fb97f6659473f02802b377b\System.Web.Extensions.Design.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\bc239944bca7cc6b6ddb473259183c7d\System.Web.Entity.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 301568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\3701488fb9e601ebe963db25b784d684\System.Web.Entity.Design.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\a09cc9877f51f16a4610b702155e8b70\System.Web.DynamicData.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c6aad1edcc51862ceb26b6b65dad1490\System.Web.Abstractions.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
+ 2012-06-17 16:25 . 2012-06-17 16:25 593408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\2b4d6976393bf5643a4ef2d8dffdf75b\System.Messaging.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\912a0776c2bfd35ff76bd0b8ba977ed4\System.Drawing.Design.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\498d2033c60fe5b777cf923b71b25972\System.Configuration.Install.ni.dll
+ 2012-06-17 16:25 . 2012-06-17 16:25 902144 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\980500a470e202c8ea3eac01fead7f41\PaintDotNet.SystemLayer.ni.dll
+ 2012-06-17 16:25 . 2012-06-17 16:25 863232 c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Base\21f801fd98a54a0bc33f4d8510b0986c\PaintDotNet.Base.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 723456 c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\acfafa161ea232928cb02b01c50acf1c\napsnap.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 117760 c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\0abec246c5ca6ec4858bfd3ab84da0ec\napinit.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 287232 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\1e03b7c2539c5376f0665a4aba04efbd\MMCFxCommon.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 617472 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\e439c12c9e047a5252fc0870a0edad57\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
+ 2012-06-17 16:25 . 2012-06-17 16:25 215040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\d7f1a24f4ab28ff9859120d65b72d688\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
+ 2012-06-17 16:25 . 2012-06-17 16:25 196608 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9b87d0a9668f934f1589792a6e4a07ae\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 161280 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\787f2a870ba9d0895455ccd8578f1a20\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 145920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\54aa66ae5ce18ece1133102c5de4a105\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
+ 2012-06-17 16:25 . 2012-06-17 16:25 134144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\1e4f25c361064c9bddc86a0f0da2b561\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 167424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\e1a8a0ddc283db83528f343abaa74ac5\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 854528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\b70bc4c745dd9a2e5e90e46bcedfe1dc\Microsoft.Office.Tools.Word.v9.0.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 816128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\78dd5caf7a28d0b1b122483818205cf0\Microsoft.Office.Tools.Common.v9.0.ni.dll
+ 2012-06-17 16:25 . 2012-06-17 16:25 152064 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\51ad304ce7ae5aa72a6afdbce7661195\Microsoft.Office.Tools.v9.0.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 561664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\622b582866fca37f113bd97ae4c6d1f6\Microsoft.ManagementConsole.ni.dll
+ 2012-06-17 16:25 . 2012-06-17 16:25 475136 c:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 553472 c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\02577b78c6ed2f9bda301de888dccad8\EventViewer.ni.dll
+ 2012-06-17 16:25 . 2012-06-17 16:25 254464 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\a6b8eb80cfbdd927b2fa4ecb69fc0209\ehExtHost32.ni.exe
- 2012-04-11 23:36 . 2012-01-26 23:33 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-06-13 07:57 . 2012-04-23 22:35 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-06-13 07:57 . 2010-11-12 23:26 544768 c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Design.Resources.dll
- 2010-11-21 06:49 . 2010-11-21 06:49 544768 c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Design.Resources.dll
- 2012-05-09 18:39 . 2012-03-31 04:39 3913072 c:\windows\SysWOW64\ntoskrnl.exe
+ 2012-06-13 07:57 . 2012-05-04 10:03 3913072 c:\windows\SysWOW64\ntoskrnl.exe
- 2012-05-09 18:39 . 2012-03-31 04:39 3968368 c:\windows\SysWOW64\ntkrnlpa.exe
+ 2012-06-13 07:57 . 2012-05-04 10:03 3968368 c:\windows\SysWOW64\ntkrnlpa.exe
+ 2012-06-13 07:57 . 2012-04-07 11:26 2342400 c:\windows\SysWOW64\msi.dll
+ 2012-06-17 16:38 . 2012-06-17 16:38 9459912 c:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
+ 2012-06-17 16:38 . 2012-06-17 16:38 1535176 c:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
+ 2012-06-13 07:57 . 2012-04-24 04:36 1158656 c:\windows\SysWOW64\crypt32.dll
+ 2012-06-13 07:57 . 2012-05-15 01:32 3146752 c:\windows\system32\win32k.sys
- 2012-05-09 18:39 . 2012-03-31 06:05 5559664 c:\windows\system32\ntoskrnl.exe
+ 2012-06-13 07:57 . 2012-05-04 11:06 5559664 c:\windows\system32\ntoskrnl.exe
+ 2012-06-13 07:57 . 2012-04-07 12:31 3216384 c:\windows\system32\msi.dll
+ 2012-06-13 07:57 . 2012-04-24 05:37 1462272 c:\windows\system32\crypt32.dll
+ 2009-07-14 04:45 . 2012-06-14 17:10 7187735 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2012-06-14 11:54 7187735 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2012-03-15 11:17 . 2012-03-15 11:17 5029672 c:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll
- 2012-05-09 18:39 . 2012-01-04 03:34 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
+ 2012-06-13 07:57 . 2012-03-21 22:30 5025792 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Windows.Forms.dll
- 2010-11-21 03:23 . 2010-11-21 03:23 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll
+ 2012-06-13 07:57 . 2012-03-21 22:30 4927488 c:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll
+ 2012-03-15 11:17 . 2012-03-15 11:17 5029672 c:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
- 2012-05-09 18:39 . 2012-01-04 02:51 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2012-06-13 07:57 . 2012-03-21 22:32 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
- 2010-11-21 03:24 . 2010-11-21 03:24 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2012-06-13 07:57 . 2012-03-21 22:32 4927488 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 1369872 c:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 3512072 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 2207568 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 5029672 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 1711496 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 6097256 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 1026936 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 4464480 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 1354584 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 1199968 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 1462648 c:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 6429992 c:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 3116376 c:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 3825952 c:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 4970768 c:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-05-09 18:49 . 2012-05-09 18:49 3563408 c:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 2975064 c:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 3790112 c:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 5201168 c:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-06-14 16:38 . 2012-06-14 16:38 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
- 2012-05-09 18:48 . 2012-05-09 18:48 2989456 c:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
+ 2012-05-17 00:58 . 2012-05-17 00:58 3462144 c:\windows\Installer\b89adf.msp
+ 2012-04-22 20:46 . 2012-04-22 20:46 1187328 c:\windows\Installer\b89acb.msp
+ 2012-03-15 12:26 . 2012-03-15 12:26 4212736 c:\windows\Installer\b89ac3.msp
- 2012-06-05 07:02 . 2012-06-05 19:51 1479520 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
+ 2012-06-05 07:02 . 2012-06-14 16:39 1479520 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
+ 2012-06-05 07:02 . 2012-06-14 16:39 1858400 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
- 2012-06-05 07:02 . 2012-06-05 19:51 1858400 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
- 2012-06-05 07:02 . 2012-06-05 19:51 4525408 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\promoicon.exe
+ 2012-06-05 07:02 . 2012-06-14 16:39 4525408 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\promoicon.exe
+ 2012-06-05 07:02 . 2012-06-14 16:39 3792736 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe
- 2012-06-05 07:02 . 2012-06-05 19:51 3792736 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe
+ 2012-06-05 07:02 . 2012-06-14 16:39 1449312 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\accicons.exe
- 2012-06-05 07:02 . 2012-06-05 19:51 1449312 c:\windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\accicons.exe
+ 2012-05-09 18:48 . 2012-05-09 18:48 2975064 c:\windows\assembly\temp\9ZRAMK16TM\System.Data.dll
+ 2012-05-09 18:48 . 2012-05-09 18:48 3116376 c:\windows\assembly\temp\1SKK5ZOF3Q\System.Data.dll
+ 2012-06-17 16:29 . 2012-06-17 16:29 5237248 c:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\e286701acf74012d3aa4a21953f03b6b\WindowsBase.ni.dll
+ 2012-06-17 16:31 . 2012-06-17 16:31 1602560 c:\windows\assembly\NativeImages_v4.0.30319_64\System.WorkflowServ#\fb9bda76fdb95462be5964d24b3a3694\System.WorkflowServices.ni.dll
+ 2012-06-17 16:31 . 2012-06-17 16:31 5922304 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Com#\7e21b535d75b72744702755d91df3e04\System.Workflow.ComponentModel.ni.dll
+ 2012-06-17 16:31 . 2012-06-17 16:31 3744768 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Workflow.Act#\788eeff916be29e97c39ceed908b36c1\System.Workflow.Activities.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 5645824 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\950f64ba9fb22ca06c5b2b9cf6f5f4b4\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 2964992 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Mobile\1991b901c67dc756a410b4352a0b82d5\System.Web.Mobile.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 1101312 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Extensio#\a08563ecdd9d8c25776f7697b82441b8\System.Web.Extensions.Design.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 3805184 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.Extensio#\4e3d591d1ffa8ce8d8659f6b096a968e\System.Web.Extensions.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 5618688 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web.DataVisu#\1d5dfd6fd8c797913853b3bb7b58e340\System.Web.DataVisualization.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 1467392 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\d2de16284459454472a6875185c64d08\System.Printing.ni.dll
+ 2012-06-17 16:29 . 2012-06-17 16:29 2305024 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\1225ef41527a975de83f22328d0a3b93\System.Drawing.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 2403328 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\ad9ff5d55f7ea22e80c39e0ff0240984\System.Deployment.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 5048832 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\707f90689caf41ad429bf3ad373503cb\System.Activities.Presentation.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 4233216 c:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\16c9569b75a9f47c38b60ba733936e1a\ReachFramework.ni.dll
+ 2012-06-17 16:29 . 2012-06-17 16:29 2056704 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\9c3d6b3ddef66cac069b6ab1fec514f8\PresentationUI.ni.dll
+ 2012-06-17 16:29 . 2012-06-17 16:29 2317312 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\70e2694fe050bd480b9f61f935ca2da5\Microsoft.VisualBasic.ni.dll
+ 2012-06-17 16:29 . 2012-06-17 16:29 1829888 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\06b302bc4d53d2abace0e35c7c6ac340\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 2035200 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\c5886f181a9ef4bfb7303a40f8fd79e7\Microsoft.Office.Tools.Excel.Implementation.ni.dll
+ 2012-06-17 16:29 . 2012-06-17 16:29 1070080 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\8da91be67f85f2d15c39ff4857bf123e\Microsoft.Office.Tools.Word.ni.dll
+ 2012-06-17 16:29 . 2012-06-17 16:29 1470464 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\5ea66dced4abc72f13ccf343c2430a92\Microsoft.Office.Tools.Word.Implementation.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 1118208 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\59691253f9dc08a60936eec9e2e57f2f\Microsoft.Office.Tools.Common.Implementation.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 3821056 c:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Build.Tas#\9857693ea27b34f5c8d00356eddefb9b\Microsoft.Build.Tasks.v4.0.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 1007104 c:\windows\assembly\NativeImages_v4.0.30319_64\AspNetMMCExt\582c7d14b9ce7ac950f2a432a0809270\AspNetMMCExt.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 3858432 c:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 1226752 c:\windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\6831f648f5b925f1194f691b0b491662\System.WorkflowServices.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 4476416 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Com#\a1705962a6725e5f40066496222d67e7\System.Workflow.ComponentModel.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 2872320 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Workflow.Act#\ec819e8a7e4585ffc87ae93d3b0662d8\System.Workflow.Activities.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 4587008 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\7f0476e4df01ca2219f7db531408e91c\System.Windows.Forms.DataVisualization.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 2334720 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Mobile\98709826ecf4cc93d6b85c8fe2c009b7\System.Web.Mobile.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 3127296 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.Extensio#\27b66f127250f2ba37f9bf1d519c6039\System.Web.Extensions.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 4575232 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web.DataVisu#\794ebda123b04ccc874a5624bdced900\System.Web.DataVisualization.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 1060864 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\f87f8bc0bc9563096150f23f6c220e7b\System.Printing.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 1666048 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 1880064 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\e899cda47704280f54949c69b78c55cc\System.Deployment.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 3757568 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\36299fad6b7b591cfb6bd9e50dbd33df\System.Activities.Presentation.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 2906624 c:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\442af6f7c8b447bdec3ad8d23da89c5a\ReachFramework.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 1641984 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\cf455da9b8fedf66767c1a7ab3eea9c9\PresentationUI.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 1139200 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\41acde5834988268e2cdbed499715066\Microsoft.VisualBasic.Compatibility.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 1838080 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\09c2f8f606e09d85cfe6e0ad89fbe729\Microsoft.VisualBasic.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 1551872 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\7cfb808ac13b9432c5b771d64ff37f8d\Microsoft.Office.Tools.Excel.Implementation.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 1117696 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\061c7b119b70d6b4dcd2067dffa86976\Microsoft.Office.Tools.Word.Implementation.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 2877440 c:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build.Tas#\545d26502454316492990b42b093e673\Microsoft.Build.Tasks.v4.0.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 1818112 c:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\70cc5e8a5a3372fe0b104c1b20392cd2\System.WorkflowServices.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 2711040 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\aa638ba79250284eb4af4adaa4a4117b\System.Workflow.Runtime.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 5957632 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\996dc2af3b9e5c111130935f298908c6\System.Workflow.ComponentModel.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 3895296 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\178797db84abae2eeaed835bd28ca52c\System.Workflow.Activities.ni.dll
+ 2012-06-14 17:10 . 2012-06-14 17:10 2292224 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\a32734087cd0db5607d5744ca63235d7\System.Web.Services.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 3336704 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\af7689e8cbec5d2755497be23c30e293\System.Web.Mobile.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 3044352 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\768ea257d75839979b4efb2d49d653f6\System.Web.Extensions.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 1155072 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\2c47bc5d426a7cf9ffef1425eda08184\System.Web.Extensions.Design.ni.dll
+ 2012-06-14 16:35 . 2012-06-14 16:35 1463808 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\b964519964d302b4977e1380d8d15f1a\System.Printing.ni.dll
+ 2012-06-14 16:33 . 2012-06-14 16:33 2318848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll
+ 2012-06-14 17:07 . 2012-06-14 17:07 2444288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\6e4e9b07f376d445df1718c0011fa99b\System.Deployment.ni.dll
+ 2012-06-14 16:35 . 2012-06-14 16:35 3116032 c:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\1f88a3693c8ddd527a130aff49dc58b3\ReachFramework.ni.dll
+ 2012-06-14 17:10 . 2012-06-14 17:10 2109952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\b91c32fab08ba62d8c7681cc596895be\PresentationUI.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 4402688 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet\a4ddd54d44e4134c0d2169e94c037271\PaintDotNet.ni.exe
+ 2012-06-17 16:17 . 2012-06-17 16:17 1327616 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet.SystemL#\b8f5e6e7790ee08e491b48681b2a4982\PaintDotNet.SystemLayer.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 1070080 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet.Effects\06b0865033d9933fc2efba8d0afb3a4b\PaintDotNet.Effects.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 2722816 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet.Core\dd1a868664b7a83305d3654ef3305805\PaintDotNet.Core.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 1171968 c:\windows\assembly\NativeImages_v2.0.50727_64\PaintDotNet.Base\c5a848fa54da67757273ce5f871bbe7d\PaintDotNet.Base.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 3601920 c:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\ac1ba76ed19d668ce53a74593f040453\Narrator.ni.exe
+ 2012-06-17 16:28 . 2012-06-17 16:28 2327552 c:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\df2557ab1b8e4389d846e13dc82eba57\MMCEx.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 8167424 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\affae5dd374933d9aa35db11a2e95775\MIGUIControls.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 7970304 c:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\61812970c4743b686a67f28687e1dcb6\MIGUIControls.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 2131968 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\1586ee919f86130df9771cf9b8d95d3a\Microsoft.VisualBasic.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 5350912 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\ca7e936eed0de2436d87b2601ee3a20a\Microsoft.PowerShell.Editor.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 2176512 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\6caa366471176a065a96d77e8ba01eeb\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 2105344 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\3040e2de07177c0a6a66a49de61fdc59\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 1186304 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\91391297ea9428993774313f05e98dd2\Microsoft.Office.Tools.Word.v9.0.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 1875456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\6ecfa88a42ba7c5c3a4580cd479d0d21\Microsoft.Office.Tools.Excel.v9.0.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 1093632 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\0929a1a8f19d58cca0ff9bf5f9086dc1\Microsoft.Office.Tools.Common.v9.0.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 1516544 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b2afc0af3d89ae00e973b4e6e9db382c\Microsoft.MediaCenter.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 1508864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\73bfbdccdc1b0ae87f70a0ec594fee3c\Microsoft.MediaCenter.Bml.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 8979456 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\653e1ee01f10d658d52ca42e17e74283\Microsoft.MediaCenter.UI.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 2365952 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\dac69844e6333484159a4cf544190906\Microsoft.Ink.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 2218496 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\4b362e9e25c33e371f06403edec8849a\Microsoft.Build.Tasks.ni.dll
+ 2012-06-17 16:28 . 2012-06-17 16:28 2682880 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\33730d136a34d2f4e56a0322f49ee9b6\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 2801664 c:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\cc4844e7242c1e35d145bf2439f944c5\mcstore.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 1358336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\e3e5aa45736b95804bf6bb7eca08a57b\System.WorkflowServices.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\88bfc62ac0195a8ae673c444a3339505\System.Workflow.Runtime.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 4516352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\cfb739be21092d5b8f7b4fde529e6aaa\System.Workflow.ComponentModel.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 2994688 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\a815fffab98375c1919df68b5b292725\System.Workflow.Activities.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\761fd1afc17f11bf6d49c3a7d16465ca\System.Web.Services.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 2209792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4a90802e36dee6e10d9bf54832cbf549\System.Web.Mobile.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 2404352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c45efc7ec92c1da8e67eb597559ec39c\System.Web.Extensions.ni.dll
+ 2012-06-14 16:36 . 2012-06-14 16:36 1044480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\991dbe40be5b114ed705bb5b48e6b330\System.Printing.ni.dll
+ 2012-06-14 16:36 . 2012-06-14 16:36 1591808 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll
+ 2012-06-14 16:36 . 2012-06-14 16:36 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\87f73de6e080d37be93adfc7d5c31d7a\ReachFramework.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\163517c8a195fb48f7ef6ee17c585bdb\PresentationUI.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\17add09c98fa34255142d42697db53df\Narrator.ni.exe
+ 2012-06-17 16:26 . 2012-06-17 16:26 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\21abde8efab609732b2ade3f05234e79\MMCEx.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\0e7da0df83f0619e3b0e0a7d7ee05fa3\MIGUIControls.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\99ae5f32cd1dc3618659bc3c77f2b2a9\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\77b5496d214dd5034294b058c0bb0e8d\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\72765e5fab12761eb6d3f58180fa34d7\Microsoft.PowerShell.Editor.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 1354752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\63513a219edd166209b039f0681f1d59\Microsoft.Office.Tools.Excel.v9.0.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 3238400 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.Bu#\2db98cd03e8f4be6c6b33bee3bdbfc30\Microsoft.Office.BusinessData.ni.dll
+ 2012-06-17 16:25 . 2012-06-17 16:25 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\8ce1d10f94b40f054017865757552f2d\Microsoft.MediaCenter.UI.ni.dll
+ 2012-06-17 16:25 . 2012-06-17 16:25 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\7fab1ec8f5ed6a55a8a73b2c590bd7cd\Microsoft.MediaCenter.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\4d381048e3b9c0914c0f72c6aa0a599d\Microsoft.Ink.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3893fa9a19b52dee8b2cc424840d5d08\Microsoft.Build.Tasks.ni.dll
+ 2012-06-17 16:26 . 2012-06-17 16:26 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\1d2250044b1ecff755e26ed12f6d27cb\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-06-17 16:25 . 2012-06-17 16:25 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\3a4e56a8d1075cf0af0619c383b3e592\mcstore.ni.dll
+ 2012-06-13 07:57 . 2012-03-21 22:32 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-05-09 18:39 . 2012-01-04 02:51 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-06-13 07:57 . 2012-03-21 22:32 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2010-11-21 03:24 . 2010-11-21 03:24 4927488 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-07-14 02:34 . 2012-06-13 19:17 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2012-06-14 17:05 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2011-12-09 15:54 . 2012-06-14 16:36 58957832 c:\windows\system32\MRT.exe
+ 2012-06-17 16:38 . 2012-06-17 16:38 12310216 c:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll
+ 2011-12-06 14:47 . 2012-06-19 15:51 13684616 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2532466536-4214561068-2911664243-1000-8192.dat
+ 2012-06-15 17:41 . 2012-06-15 17:41 19263488 c:\windows\Installer\8aa50.msi
+ 2012-06-17 16:30 . 2012-06-17 16:30 17355264 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\e883d90a0210bf99ca88f3b4ade53a24\System.Windows.Forms.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 15761920 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Web\be472c4f636fc5b8fc38476dbfe01358\System.Web.ni.dll
+ 2012-06-17 16:30 . 2012-06-17 16:30 13314048 c:\windows\assembly\NativeImages_v4.0.30319_64\System.Design\2cf901cb93fe6a24b4466094390ec73a\System.Design.ni.dll
+ 2012-06-17 16:29 . 2012-06-17 16:29 24407552 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\a3c3789d54894008501ce5891f1eeb40\PresentationFramework.ni.dll
+ 2012-06-17 16:29 . 2012-06-17 16:29 15908864 c:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\9d69a7a407bbc43a1bcb2da603af5840\PresentationCore.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 13198336 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
+ 2012-06-17 16:27 . 2012-06-17 16:27 12079616 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Web\fdb5565e4c807a8cd79de9f40c0cd644\System.Web.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 11021824 c:\windows\assembly\NativeImages_v4.0.30319_32\System.Design\ecde3362b4d67a0025c3c9d5b9525f4a\System.Design.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 18000896 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
+ 2012-06-14 16:39 . 2012-06-14 16:39 11451904 c:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
+ 2012-06-14 17:09 . 2012-06-14 17:09 17383424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll
+ 2012-06-14 17:10 . 2012-06-14 17:10 15270912 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll
+ 2012-06-14 17:10 . 2012-06-14 17:10 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\582144c0ee317038621aebc626187b56\System.Design.ni.dll
+ 2012-06-14 16:35 . 2012-06-14 16:35 19198464 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\47054c4d5b7e522c21a9d57797410302\PresentationFramework.ni.dll
+ 2012-06-14 16:33 . 2012-06-14 16:33 16543232 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll
+ 2012-06-17 16:17 . 2012-06-17 16:17 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\0c1f96a4136efe532bbb8eb91d3de300\ehshell.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 12436480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 11833344 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
+ 2012-06-14 17:11 . 2012-06-14 17:11 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c144f89b1f8f292d6940a1b2f8ffbec\System.Design.ni.dll
+ 2012-06-14 16:36 . 2012-06-14 16:36 14340608 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
+ 2012-06-14 16:36 . 2012-06-14 16:36 12237824 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
.
-- Snapshot auf jetziges Datum zurückgesetzt --
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-06-05 17344176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-10 348624]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"Logitech G35"="c:\program files (x86)\Logitech\G35\G35.exe" [2010-10-05 1811800]
.
c:\users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AWMouseCI.lnk - c:\program files\Alienware\Alienware TactX Mouse CI\AWMouseCI.exe [2009-6-25 831488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2011-05-02 15296]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-17 257224]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys [x]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 REN2CAP_DRIVER;Hear;c:\windows\system32\drivers\ren2cap.sys [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 acedrv09;acedrv09;c:\windows\system32\drivers\acedrv09.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-10 86224]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-04-05 8704]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\AlienRespawn\sftservice.EXE [2011-09-22 1692480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 16:38]
.
2012-06-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2532466536-4214561068-2911664243-1000Core.job
- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-06 12:52]
.
2012-06-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2532466536-4214561068-2911664243-1000UA.job
- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-06 12:52]
.
2012-06-17 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\AlienAutopsy\uaclauncher.exe [2011-03-22 17:20]
.
2012-06-19 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\AlienAutopsy\pcdrcui.exe [2011-03-22 17:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-14 11777128]
"Launch Keyboard CI"="c:\program files\Alienware\Alienware TactX Keyboard CI\txkbci.exe" [2009-05-28 3438088]
"Command Center Controllers"="c:\program files\Alienware\Command Center\AWCCStartupOrchestrator.exe" [2011-05-02 13256]
"RunDLLEntry_THXCfg"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"RunDLLEntry_EptMon"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-04-22 130576]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.de/
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={89B351E1-A730-11E1-A30B-F04DA2DE2529}
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Be1532237-9126-492d-826e-8e11e95c7ea2%7D&mid=35a99a1396e147d0bca52104e43accda-b9b8d9fa4e648cf9caba6f3668e5d45d9c3118d4&ds=cv011&v=11.1.0.7&lang=de&pr=sa&d=2012-05-18%2014%3A14%3A06&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109986
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 566fb474000000000000e2d53d94cced
FF - user.js: extensions.BabylonToolbar_i.hardId - 566fb474000000000000e2d53d94cced
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15423
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1712:49
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.autoDisableScopes - 14
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{6E6E744E-4D20-4CE3-9A7A-26DFFFE22F68}"=hex:51,66,7a,6c,4c,1d,38,12,20,77,7d,
6a,12,03,8d,09,e5,6c,65,9f,fa,bc,6b,7c
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"=hex:51,66,7a,6c,4c,1d,38,12,a2,ea,69,
93,b1,e1,86,00,e1,15,a1,39,87,48,a6,c1
"{0FB6A909-6086-458F-BD92-1F8EE10042A0}"=hex:51,66,7a,6c,4c,1d,38,12,67,aa,a5,
0b,b4,2e,e1,00,c2,84,5c,ce,e4,5e,06,b4
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,
57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b
"{58124A0B-DC32-4180-9BFF-E0E21AE34026}"=hex:51,66,7a,6c,4c,1d,38,12,65,49,01,
5c,00,92,ee,04,e4,e9,a3,a2,1f,bd,04,32
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}"=hex:51,66,7a,6c,4c,1d,38,12,85,b5,89,
a4,87,7f,22,00,e8,fa,d8,69,48,cc,aa,3e
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:05,3f,53,5f,ef,34,cd,01
.
[HKEY_USERS\S-1-5-21-2532466536-4214561068-2911664243-1000\Software\SecuROM\License information*]
"datasecu"=hex:7c,83,a9,f7,d6,fd,02,f5,f1,97,27,47,fd,bb,17,40,ba,08,e8,74,e4,
9b,13,a8,a3,a8,f9,3a,14,21,f3,b7,a1,dd,82,f9,f4,10,98,87,0b,09,66,7b,10,bb,\
"rkeysecu"=hex:6a,47,c6,ba,76,a4,66,f1,cc,f3,c9,13,c3,3a,af,72
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\AlienRespawn\TOASTER.EXE
c:\program files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-06-19 17:57:26 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-06-19 15:57
ComboFix2.txt 2012-06-14 13:09
.
Vor Suchlauf: 15 Verzeichnis(se), 301.294.313.472 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 301.120.626.688 Bytes frei
.
- - End Of File - - 607A27E63A9F1194C8E4931CB5B2357F
und AdwCleaner: # AdwCleaner v1.609 - Logfile created 06/19/2012 at 17:35:34 # Updated 10/06/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Jan - JAN-PC # Running from : C:\Users\Jan\Desktop\adwcleaner.exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** Folder Found : C:\Users\Jan\AppData\Local\Babylon Folder Found : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} Folder Found : C:\Users\Jan\AppData\Local\Temp\Iminent Folder Found : C:\Users\Jan\AppData\LocalLow\boost_interprocess Folder Found : C:\Users\Jan\AppData\LocalLow\Toolbar4 Folder Found : C:\Users\Jan\AppData\Roaming\Babylon Folder Found : C:\Users\Jan\AppData\Roaming\Complitly Folder Found : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\SweetPacksToolbarData Folder Found : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} Folder Found : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} Folder Found : C:\ProgramData\Babylon Folder Found : C:\ProgramData\Tarma Installer File Found : C:\Users\Jan\AppData\Local\Temp\Uninstall.exe File Found : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\searchplugins\SweetIm.xml File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml ***** [Registry] ***** Key Found : HKCU\Software\Complitly Key Found : HKCU\Software\IGearSettings Key Found : HKCU\Software\IM Key Found : HKCU\Software\Softonic Key Found : HKCU\Software\SweetIm Key Found : HKLM\SOFTWARE\Babylon Key Found : HKLM\SOFTWARE\Iminent Key Found : HKLM\SOFTWARE\SweetIM Key Found : HKLM\SOFTWARE\Classes\b Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1 Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP [x64] Key Found : HKCU\Software\Complitly [x64] Key Found : HKCU\Software\IGearSettings [x64] Key Found : HKCU\Software\IM [x64] Key Found : HKCU\Software\Softonic [x64] Key Found : HKCU\Software\SweetIm [x64] Key Found : HKLM\SOFTWARE\Classes\b [x64] Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 [x64] Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils [x64] Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1 [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL [x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3} [x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1} ***** [Registre - GUID] ***** Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Found : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153} Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Key Found : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F} Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Key Found : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}] [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} [x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} [x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} [x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} [x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} [x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} [x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] [x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] [x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}] ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={89B351E1-A730-11E1-A30B-F04DA2DE2529} -\\ Mozilla Firefox v10.0.1 (de) Profile name : default File : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\prefs.js Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Found : user_pref("browser.search.order.1", "Search the web (Babylon)"); Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Found : user_pref("extensions.BabylonToolbar_i.babExt", ""); Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109986"); Found : user_pref("extensions.BabylonToolbar_i.hardId", "566fb474000000000000e2d53d94cced"); Found : user_pref("extensions.BabylonToolbar_i.id", "566fb474000000000000e2d53d94cced"); Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15423"); Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Found : user_pref("extensions.BabylonToolbar_i.newTab", true); Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=109986&babsrc=NT_s[...] Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1712:49:19"); Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Found : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Be1532237-9126-492d-826e-8e11e95c7ea2%[...] Found : user_pref("sweetim.toolbar.cargo", "3.1010000.10011"); Found : user_pref("sweetim.toolbar.dialogs.0.enable", "true"); Found : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...] Found : user_pref("sweetim.toolbar.dialogs.0.height", "335"); Found : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); Found : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); Found : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.html")[...] Found : user_pref("sweetim.toolbar.dialogs.0.width", "761"); Found : user_pref("sweetim.toolbar.dialogs.1.enable", "true"); Found : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...] Found : user_pref("sweetim.toolbar.dialogs.1.height", "300"); Found : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog"); Found : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog"); Found : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...] Found : user_pref("sweetim.toolbar.dialogs.1.width", "500"); Found : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...] Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); Found : user_pref("sweetim.toolbar.mode.debug", "false"); Found : user_pref("sweetim.toolbar.prad.initialized_by_rc", "true"); Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "SearchTheWeb"); Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "AVG Secure Search"); Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://isearch.avg.com?cid=%7Be15322[...] Found : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q="); Found : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true"); Found : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification"); Found : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", ""); Found : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*"); Found : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb"); Found : user_pref("sweetim.toolbar.scripts.0.enable", "true"); Found : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb"); Found : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js"); Found : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "false"); Found : user_pref("sweetim.toolbar.scripts.1.callback", ""); Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...] Found : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", ""); Found : user_pref("sweetim.toolbar.scripts.1.elementid", "id_predict_include_script"); Found : user_pref("sweetim.toolbar.scripts.1.enable", "true"); Found : user_pref("sweetim.toolbar.scripts.1.id", "id_script_prad"); Found : user_pref("sweetim.toolbar.scripts.1.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...] Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...] Found : user_pref("sweetim.toolbar.search.history.capacity", "10"); Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1"); Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1"); Found : user_pref("sweetim.toolbar.searchguard.enable", "true"); Found : user_pref("sweetim.toolbar.simapp_id", "{89B351E1-A730-11E1-A30B-F04DA2DE2529}"); Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={89B3[...] Found : user_pref("sweetim.toolbar.version", "1.5.0.2"); -\\ Google Chrome v19.0.1084.56 File : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences Found : "description": "SweetIm for Facebook", Found : "name": "SweetIM for Facebook", ************************* AdwCleaner[R1].txt - [26602 octets] - [19/06/2012 17:35:34] ########## EOF - C:\AdwCleaner[R1].txt - [26731 octets] ########## |
|
21.06.2012, 06:47
| #13 |
| /// Malwareteam | Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? Schritt 1: Fix mit adwCleaner
Schritt 2: CF-Script Hinweis für Mitleser: Folgendes ComboFix Skript ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen! Lösche die vorhandene Combofix.exe von deinem Desktop und lade das Programm von einem der folgenden Download-Spiegel neu herunter: BleepingComputer.com - ForoSpyware.comund speichere es erneut auf dem Desktop (nicht woanders hin, das ist wichtig)! Drücke die Windows + R Taste --> Notepad (hinein schreiben) --> OK Kopiere nun den Text aus der folgenden Codebox komplett in das leere Textdokument. Code:
ATTFilter FOLDER::
c:\users\Jan\AppData\local\{9cf40b3a-87ab-7192-8eae-de1194e8f075}
CLEARJAVACACHE::
Wichtig:
Schritt 3: MBAM Downloade Dir bitte Malwarebytes
__________________ Kein Asylrecht für Trojaner! Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
25.06.2012, 16:06
| #14 |
| | Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? Malwarebytes funktioniert nicht ab einem gewissen Punkt kommt ein blauer Bildschirm und er startet neu. Ich weis nicht wieso.Alles andere hat funktioniert. Hier sind die Log Dateien : adwCleaner: # AdwCleaner v1.609 - Logfile created 06/22/2012 at 17:45:07 # Updated 10/06/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Jan - JAN-PC # Running from : C:\Users\Jan\Desktop\adwcleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Users\Jan\AppData\Local\Babylon Folder Deleted : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} Folder Deleted : C:\Users\Jan\AppData\LocalLow\boost_interprocess Folder Deleted : C:\Users\Jan\AppData\LocalLow\Toolbar4 Folder Deleted : C:\Users\Jan\AppData\Roaming\Babylon Folder Deleted : C:\Users\Jan\AppData\Roaming\Complitly Folder Deleted : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\SweetPacksToolbarData Folder Deleted : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516} Folder Deleted : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\Tarma Installer File Deleted : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\searchplugins\SweetIm.xml File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml ***** [Registry] ***** Key Deleted : HKCU\Software\Complitly Key Deleted : HKCU\Software\IGearSettings Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\SweetIm Key Deleted : HKLM\SOFTWARE\Babylon Key Deleted : HKLM\SOFTWARE\Iminent Key Deleted : HKLM\SOFTWARE\SweetIM Key Deleted : HKLM\SOFTWARE\Classes\b Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1 Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP [x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3} [x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1} ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}] [x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} [x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={89B351E1-A730-11E1-A30B-F04DA2DE2529} --> hxxp://www.google.com -\\ Mozilla Firefox v10.0.1 (de) Profile name : default File : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\prefs.js C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\user.js ... Deleted ! Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)"); Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Deleted : user_pref("extensions.BabylonToolbar_i.babExt", ""); Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109986"); Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "566fb474000000000000e2d53d94cced"); Deleted : user_pref("extensions.BabylonToolbar_i.id", "566fb474000000000000e2d53d94cced"); Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15423"); Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true); Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=109986&babsrc=NT_s[...] Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1712:49:19"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Be1532237-9126-492d-826e-8e11e95c7ea2%[...] Deleted : user_pref("sweetim.toolbar.cargo", "3.1010000.10011"); Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true"); Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...] Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335"); Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.html")[...] Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761"); Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true"); Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...] Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300"); Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...] Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500"); Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...] Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); Deleted : user_pref("sweetim.toolbar.mode.debug", "false"); Deleted : user_pref("sweetim.toolbar.prad.initialized_by_rc", "true"); Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "SearchTheWeb"); Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "AVG Secure Search"); Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://isearch.avg.com?cid=%7Be15322[...] Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.sweetim.com/search.asp?src=2&q="); Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true"); Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification"); Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", ""); Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*"); Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb"); Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "true"); Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb"); Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js"); Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "false"); Deleted : user_pref("sweetim.toolbar.scripts.1.callback", ""); Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...] Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", ""); Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_predict_include_script"); Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "true"); Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_prad"); Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...] Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...] Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10"); Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1"); Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1"); Deleted : user_pref("sweetim.toolbar.searchguard.enable", "true"); Deleted : user_pref("sweetim.toolbar.simapp_id", "{89B351E1-A730-11E1-A30B-F04DA2DE2529}"); Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={89B3[...] Deleted : user_pref("sweetim.toolbar.version", "1.5.0.2"); -\\ Google Chrome v19.0.1084.56 File : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted : "description": "SweetIm for Facebook", Deleted : "name": "SweetIM for Facebook", ************************* AdwCleaner[R1].txt - [26535 octets] - [19/06/2012 17:35:34] AdwCleaner[S1].txt - [23714 octets] - [22/06/2012 17:45:07] ########## EOF - C:\AdwCleaner[S1].txt - [23843 octets] ########## Combofix: Combofix Logfile: Code:
ATTFilter ComboFix 12-06-21.03 - Jan 22.06.2012 17:54:49.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8174.6103 [GMT 2:00]
ausgeführt von:: c:\users\Jan\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\Jan\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jan\AppData\local\{9cf40b3a-87ab-7192-8eae-de1194e8f075}
c:\users\Jan\AppData\local\{9cf40b3a-87ab-7192-8eae-de1194e8f075}\@
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-05-22 bis 2012-06-22 ))))))))))))))))))))))))))))))
.
.
2012-06-22 15:59 . 2012-06-22 15:59 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-06-13 15:04 . 2012-06-13 15:04 -------- d-----w- c:\users\Jan\AppData\Roaming\LolClient2
2012-06-13 07:57 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-05 19:47 . 2012-06-05 19:47 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-06-05 15:14 . 2012-06-05 15:14 -------- d-----w- c:\users\Jan\AppData\Roaming\Leadertech
2012-06-05 15:14 . 2012-06-05 15:14 -------- d-----w- c:\program files\Logitech
2012-06-05 15:14 . 2012-06-05 15:14 -------- d-----w- c:\program files (x86)\Logitech
2012-06-05 15:12 . 2012-06-05 15:12 -------- d-----w- c:\programdata\LogiShrd
2012-06-05 07:02 . 2012-06-05 07:02 -------- d-----w- c:\windows\PCHEALTH
2012-06-05 06:59 . 2012-06-05 06:59 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-06-05 06:59 . 2012-06-05 06:59 -------- d-----r- C:\MSOCache
2012-06-05 06:55 . 2012-06-05 06:55 -------- d-----w- c:\users\Jan\AppData\Local\Microsoft Help
2012-06-05 06:55 . 2012-06-14 16:39 -------- d-----w- c:\programdata\Microsoft Help
2012-05-31 16:16 . 2012-03-22 11:43 2557952 ----a-w- c:\windows\SysWow64\QtCore4.dll
2012-05-31 16:16 . 2012-04-18 11:49 405176 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
2012-05-31 16:16 . 2012-05-31 16:16 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2012-05-31 16:16 . 2012-05-31 16:16 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2012-05-31 16:15 . 2012-05-31 16:20 -------- d-----w- c:\users\Jan\AppData\Roaming\DVDVideoSoft
2012-05-30 17:46 . 2011-11-07 14:18 46728 ----a-w- c:\windows\system32\drivers\ren2cap.sys
2012-05-26 20:53 . 2012-05-26 20:53 -------- d-----w- C:\Ace of Spades
2012-05-26 12:41 . 2012-05-26 14:06 -------- d-----w- c:\program files (x86)\1ClickDownload
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-21 19:28 . 2012-01-27 19:44 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-06-21 19:28 . 2012-01-26 14:36 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-06-21 19:28 . 2012-01-26 14:36 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-06-17 16:38 . 2012-04-08 00:14 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-17 16:38 . 2011-11-30 09:29 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-10 16:40 . 2011-12-06 13:25 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-10 16:40 . 2011-12-06 13:25 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-05 11:35 . 2012-04-08 00:35 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-19 19:21 . 2012-04-19 19:21 89312 ----a-w- c:\windows\SysWow64\acedrv09.dll
2012-04-19 19:21 . 2012-04-19 19:21 134880 ----a-w- c:\windows\system32\drivers\acedrv09.sys
2012-04-07 10:55 . 2011-11-30 09:39 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-03-30 11:35 . 2012-05-09 18:37 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((( SnapShot_2012-06-19_15.52.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-06-21 12:45 . 2012-06-02 22:19 44056 c:\windows\system32\wups2.dll
+ 2012-06-21 12:45 . 2012-06-02 22:19 38424 c:\windows\system32\wups.dll
+ 2012-06-21 12:45 . 2012-06-02 22:15 99840 c:\windows\system32\wudriver.dll
+ 2012-06-21 12:45 . 2012-06-02 22:19 57880 c:\windows\system32\wuauclt.exe
- 2010-11-21 03:24 . 2010-11-21 03:24 36864 c:\windows\system32\wuapp.exe
+ 2012-06-21 12:45 . 2012-06-02 13:15 36864 c:\windows\system32\wuapp.exe
+ 2010-11-21 03:09 . 2012-06-22 15:48 54380 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-06-22 15:48 37122 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2012-06-19 12:35 37122 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-12-06 14:53 . 2012-06-22 15:48 13582 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2532466536-4214561068-2911664243-1000_UserData.bin
+ 2009-07-14 04:46 . 2012-06-22 15:41 93232 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2011-12-23 20:11 . 2012-06-21 20:14 3254 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2011-12-23 20:11 . 2012-06-13 19:17 3254 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2012-06-19 15:51 . 2012-06-19 15:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-22 16:00 . 2012-06-22 16:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-22 16:00 . 2012-06-22 16:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-06-19 15:51 . 2012-06-19 15:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-06-21 12:45 . 2012-06-02 13:19 186752 c:\windows\system32\wuwebv.dll
+ 2012-06-21 12:45 . 2012-06-02 22:19 701976 c:\windows\system32\wuapi.dll
+ 2011-12-15 08:51 . 2012-06-19 18:03 287632 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2012-04-11 02:08 . 2012-06-21 20:14 533912 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2012-04-11 02:08 . 2012-06-19 15:51 533912 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 05:01 . 2012-06-22 16:00 471896 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-06-19 15:51 471896 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-06-21 12:45 . 2012-06-02 22:15 2622464 c:\windows\system32\wucltux.dll
+ 2012-06-21 12:45 . 2012-06-02 22:19 2428952 c:\windows\system32\wuaueng.dll
+ 2009-07-14 04:45 . 2012-06-22 14:57 7187735 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:45 . 2012-06-14 17:10 7187735 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 02:34 . 2012-06-14 17:05 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2012-06-21 12:58 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat
+ 2011-12-06 14:47 . 2012-06-22 16:00 14334893 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2532466536-4214561068-2911664243-1000-8192.dat
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-06-05 17344176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-04-04 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-10 348624]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"Logitech G35"="c:\program files (x86)\Logitech\G35\G35.exe" [2010-10-05 1811800]
.
c:\users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AWMouseCI.lnk - c:\program files\Alienware\Alienware TactX Mouse CI\AWMouseCI.exe [2009-6-25 831488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2011-05-02 15296]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-17 257224]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys [x]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 REN2CAP_DRIVER;Hear;c:\windows\system32\drivers\ren2cap.sys [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 acedrv09;acedrv09;c:\windows\system32\drivers\acedrv09.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-10 86224]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-04-05 8704]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\AlienRespawn\sftservice.EXE [2011-09-22 1692480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 16:38]
.
2012-06-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2532466536-4214561068-2911664243-1000Core.job
- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-06 12:52]
.
2012-06-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2532466536-4214561068-2911664243-1000UA.job
- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-06 12:52]
.
2012-06-17 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\AlienAutopsy\uaclauncher.exe [2011-03-22 17:20]
.
2012-06-22 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\AlienAutopsy\pcdrcui.exe [2011-03-22 17:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-14 11777128]
"Launch Keyboard CI"="c:\program files\Alienware\Alienware TactX Keyboard CI\txkbci.exe" [2009-05-28 3438088]
"Command Center Controllers"="c:\program files\Alienware\Command Center\AWCCStartupOrchestrator.exe" [2011-05-02 13256]
"RunDLLEntry_THXCfg"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"RunDLLEntry_EptMon"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-04-22 130576]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.de/
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\pam6zqu0.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{6E6E744E-4D20-4CE3-9A7A-26DFFFE22F68}"=hex:51,66,7a,6c,4c,1d,38,12,20,77,7d,
6a,12,03,8d,09,e5,6c,65,9f,fa,bc,6b,7c
"{977AE9CC-AF83-45E8-9E03-E2798216E2D5}"=hex:51,66,7a,6c,4c,1d,38,12,a2,ea,69,
93,b1,e1,86,00,e1,15,a1,39,87,48,a6,c1
"{0FB6A909-6086-458F-BD92-1F8EE10042A0}"=hex:51,66,7a,6c,4c,1d,38,12,67,aa,a5,
0b,b4,2e,e1,00,c2,84,5c,ce,e4,5e,06,b4
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,
57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b
"{58124A0B-DC32-4180-9BFF-E0E21AE34026}"=hex:51,66,7a,6c,4c,1d,38,12,65,49,01,
5c,00,92,ee,04,e4,e9,a3,a2,1f,bd,04,32
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}"=hex:51,66,7a,6c,4c,1d,38,12,85,b5,89,
a4,87,7f,22,00,e8,fa,d8,69,48,cc,aa,3e
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:05,3f,53,5f,ef,34,cd,01
.
[HKEY_USERS\S-1-5-21-2532466536-4214561068-2911664243-1000\Software\SecuROM\License information*]
"datasecu"=hex:7c,83,a9,f7,d6,fd,02,f5,f1,97,27,47,fd,bb,17,40,ba,08,e8,74,e4,
9b,13,a8,a3,a8,f9,3a,14,21,f3,b7,a1,dd,82,f9,f4,10,98,87,0b,09,66,7b,10,bb,\
"rkeysecu"=hex:6a,47,c6,ba,76,a4,66,f1,cc,f3,c9,13,c3,3a,af,72
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\AlienRespawn\TOASTER.EXE
c:\program files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-06-22 18:05:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-06-22 16:05
ComboFix2.txt 2012-06-19 15:57
ComboFix3.txt 2012-06-14 13:09
.
Vor Suchlauf: 15 Verzeichnis(se), 299.247.390.720 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 299.248.906.240 Bytes frei
.
- - End Of File - - EA9CFEE21F2233747AD28063909B6203
|
|
26.06.2012, 08:58
| #15 |
| /// Malwareteam | Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? Sieht ganz gut aus - kontrollieren wir alles nochmal! Schritt 1: MBAM vollständig Downloade Dir bitte Malwarebytes
Schritt 2: ESET ESET Online Scanner
__________________ Kein Asylrecht für Trojaner! Proud Member of UNITE Hinweis: Ich bin nur werktags erreichbar! Anfragen über PM werden ignoriert! Du bist zufrieden mit uns? Dann unterstütze das Trojaner-Board! |
|
| Themen zu Avira findet dauernd TR/ATRAPS.Gen und TR/ATRAPS.Gen2, was muss ich machen damit es verschwindet ? |
| autostart, avira, bli, daten, einfach, folge, folgen, forum, frage, gemein, log, problem, programme, prozesse, regeln, sache, sachen, taskmanager, thema, themen, tr/atraps.gen, tr/atraps.gen und tr/atraps.gen2, tr/atraps.gen2, tr/small.fi, trojaner-board, wichtige, wichtige daten, worte, überhaupt, öffnet |
Linear-Darstellung
