Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Malwarebytes-Vollscan nur im abgesicherten Modus möglich, sonst blue -screen (https://www.trojaner-board.de/101029-malwarebytes-vollscan-nur-abgesicherten-modus-moeglich-blue-screen.html)

Mike1985 04.07.2011 21:47
Malwarebytes-Vollscan nur im abgesicherten Modus möglich, sonst blue -screen
 
Hallo Zusammen.

Vor ca. einer Woche ging es los, konnte keine Programme mehr starten, kam einfach kurz das Ladezeichen, dann nichts mehr.

Wollte mit Malwarebytes einen Voll-scan durchführen, der aber nach ca. 10 minuten laufzeit abbricht mit einem blue-screen und neustart des rechners.

Hab es im abgesicherten Modus probiert, da ging es.

naja 98 infizierte dateien sprechen bände. konnten aber alle gelöscht werden.
Jedoch werden jetzt jeden tag ein, zwei schädlinge gefunden.

Ich danke im vorraus egal wie das hier endet!

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 7003

Windows 6.1.7601 Service Pack 1 (Safe Mode)
Internet Explorer 9.0.8112.16421

02.07.2011 09:15:34
mbam-log-2011-07-02 (09-15-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 391567
Laufzeit: 29 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 65
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 12
Infizierte Dateien: 15

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QuestBrowse Service (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{02AED140-2B62-4B49-8B3B-179020CC39B9} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.CntntDic.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.CntntDic (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{CFC16189-8A92-4a29-A940-60248385F426} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.CntntDisp.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.CntntDisp (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Dwnldr (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Dwnldr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbAx (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbAx.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbGuru (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbGuru.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButtonA (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.IEButtonA.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.KOPFF (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.KOPFF.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.ReportData (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.ReportData.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Scopes (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Scopes.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Stock (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Stock.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\CmndFF.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\mozillaps.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestBrowse (Adware.QuestBrowse) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuestBrowse (Adware.QuestBrowse) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\ShopperReports 3.0.517.0 (Adware.HotBar) -> Value: ShopperReports 3.0.517.0 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790777B676555337A095 (Malware.Trace) -> Value: SRS_IT_E8790777B676555337A095 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ShopperReports@ShopperReports.com (ShopperReports) -> Value: ShopperReports@ShopperReports.com -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Users\Mike\AppData\Roaming\shopperreports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3\bin (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3\bin\3.0.517.0 (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3\bin\3.0.517.0\firefox (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\shopperreports (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\questbrwsearch (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\programdata\questbrwsearch (Adware.QuestBrowse) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\programdata\questbrwsearch\questbrowse163.exe (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3\bin\3.0.517.0\cntntcntr.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\ea sports\fussball manager 11\activation.exe (Malware.Packer.gen) -> Quarantined and deleted successfully.
c:\program files (x86)\questbrwsearch\questbrwsearch.dll (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
c:\program files (x86)\questbrwsearch\questbrwsearch.exe (Adware.Agent.ZGen) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3\bin\3.0.517.0\link.ico (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\shopperreports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\shopperreports\About Us.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\shopperreports\customer support.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\shopperreports\shopperreports uninstall instructions.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\program files (x86)\questbrwsearch\uninstall.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.

kira 05.07.2011 08:35
Hallo und Herzlich Willkommen! :)

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:
  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
  • Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen:)
Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in Code-Tags hier in den Thread.

2.
→ Lade Dir HJTscanlist.zip herunter
→ entpacke die Datei auf deinem Desktop
→ Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren
→ per Doppelklick starten
→ Wähle dein Betriebsystem aus - bei Win7 wähle Vista
→ Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen
→ Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren
→ Bitte kopiere den Inhalt hier in Deinen Thread.
** Falls es klappt auf einmal nicht, kannst den Text in mehrere Teile teilen und so posten

3.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool Ccleaner herunter
Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B hjtsanlist o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw
gruß
kira

Mike1985 05.07.2011 09:23
Hallo kira,

vielen dank dass du dich mir annimmst! Kenne mich leider nicht sonderlich aus.

OTL läuft gerade, jedoch mit dem Code-Tags, kann ich da mehrere log files in einem tag reinziehn oder immer nach einem logfile wieder eine neue antwort schreiben?

danke!

Mike1985 05.07.2011 09:44
Ich probiers mal :o
OTL lässt sich weder reinkopieren noch anhängen weil es zu groß ist, was jetzt?


OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 05.07.2011 10:21:27 - Run 1
OTL by OldTimer - Version 3.2.26.0    Folder = C:\Users\Mike\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,60 Gb Available Physical Memory | 64,97% Memory free
10,83 Gb Paging File | 9,32 Gb Available in Paging File | 85,99% Paging File free
Paging file location(s): c:\pagefile.sys 7000 7000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 908,41 Gb Total Space | 470,01 Gb Free Space | 51,74% Space Free | Partition Type: NTFS
 
Computer Name: MIKE-PC | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2DAB009-8236-48A0-AD7F-E940F5AB1578}" = HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6
"{BCF07271-A853-4D3A-B668-4B752174CAA8}" = iTunes
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{EF5948BA-589D-4BE7-B993-C45DC1A77E24}" = MobileMe Control Panel
"{FA300000-0001-6400-0000-074957833700}" = ABBYY PDF Transformer 3.0
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{50D69C54-6963-49A6-B762-A9FF8F56AF0F}" = Brockhaus multimedial 2010
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ab23397-e9bd-4004-bcac-26932b86a644}" = Nero 9 Essentials
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CDC8DBA8-37FF-4C82-84FF-DEBEDF93BEC4}" = PS_AIO_06_B209a-m_SW_Min
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D8E1DFEE-622B-46BA-AEFF-AB7E541C0B21}" = Steuer-Spar-Erklärung 2010
"{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}" = AAVUpdateManager
"{E0202C0E-D4B6-49A4-B5E5-A38B7C09D80F}" = SF-Visitenkarte 11.00
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E617721F-B66C-4D5A-AA2A-B2D60820CDC3}" = B209a-m
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = eMachines Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FB1AC1F1-8F47-4DCE-A1ED-0DFBA0F455B4}" = Driver Mender
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ABBYY PDF Transformer 3.0" = ABBYY PDF Transformer 3.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"conduitEngine" = Conduit Engine
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"eMachines Game Console" = eMachines Game Console
"eMachines Registration" = eMachines Registration
"eMachines Screensaver" = eMachines ScreenSaver
"eMachines Welcome Center" = Welcome Center
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube Download_is1" = Free YouTube Download 2.10
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"Hotkey Utility" = Hotkey Utility
"ICQToolbar" = ICQ Toolbar
"Identity Card" = Identity Card
"InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}" = Rome - Total War(TM)
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200
"Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PS3 Media Server" = PS3 Media Server
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.2
"WBFS Manager 3.0" = WBFS Manager 3.0
"WildTangent emachines Master Uninstall" = eMachines Games
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT078910" = Bejeweled 2 Deluxe
"WT078919" = Insaniquarium Deluxe
"WT078930" = Zuma Deluxe
"WT078958" = Blasterball 3
"WT078962" = Bob the Builder Can-Do-Zoo
"WT079018" = Faerie Solitaire
"WT079022" = FATE - The Traitor Soul
"WT079062" = Jewel Quest
"WT079066" = Jewel Quest Solitaire 3
"WT079106" = Penguins!
"WT079114" = Polar Bowler
"WT079118" = Polar Golfer
"WT079122" = Polar Pool
"WT079175" = Virtual Villagers - A New Home
"WT079180" = Yahtzee
"WT079283" = Build-a-lot 2
"WT079296" = Chicken Invaders 3 - Revenge of the Yolk
"WT079316" = Escape Rosecliff Island
"WT079329" = Mahjongg Artifacts
"WT079418" = Virtual Families
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 01.07.2011 09:55:33 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iTunes.exe, Version: 10.3.1.55, Zeitstempel:
 0x4deec351  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7bafa  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000b727  ID des fehlerhaften
 Prozesses: 0x116c  Startzeit der fehlerhaften Anwendung: 0x01cc37f68b5b62f2  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\iTunes\iTunes.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: c9d4a42a-a3e9-11e0-bfac-4487fca8727b
 
Error - 01.07.2011 09:55:38 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iTunes.exe, Version: 10.3.1.55, Zeitstempel:
 0x4deec351  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7bafa  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000b727  ID des fehlerhaften
 Prozesses: 0xf84  Startzeit der fehlerhaften Anwendung: 0x01cc37f68e5c3f6a  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\iTunes\iTunes.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: ccc999c1-a3e9-11e0-bfac-4487fca8727b
 
Error - 01.07.2011 09:56:26 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: msiexec.exe, Version: 5.0.7601.17514,
 Zeitstempel: 0x4ce792c4  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7bafa  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000b727  ID des fehlerhaften
 Prozesses: 0x12b4  Startzeit der fehlerhaften Anwendung: 0x01cc37f6ab3da1de  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\msiexec.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: e925af26-a3e9-11e0-bfac-4487fca8727b
 
Error - 01.07.2011 09:56:37 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iTunes.exe, Version: 10.3.1.55, Zeitstempel:
 0x4deec351  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7bafa  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000b727  ID des fehlerhaften
 Prozesses: 0x5c4  Startzeit der fehlerhaften Anwendung: 0x01cc37f6b148b172  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\iTunes\iTunes.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: efb60bc8-a3e9-11e0-bfac-4487fca8727b
 
Error - 01.07.2011 09:56:55 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: QuickTimePlayer.exe, Version: 7.69.80.9,
 Zeitstempel: 0x4cf444ff  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7bafa  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000b727  ID des fehlerhaften
 Prozesses: 0x604  Startzeit der fehlerhaften Anwendung: 0x01cc37f6bb988782  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: fa7be588-a3e9-11e0-bfac-4487fca8727b
 
Error - 01.07.2011 09:57:57 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iTunes.exe, Version: 10.3.1.55, Zeitstempel:
 0x4deec351  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7bafa  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000b727  ID des fehlerhaften
 Prozesses: 0xb90  Startzeit der fehlerhaften Anwendung: 0x01cc37f6e117abcc  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\iTunes\iTunes.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: 1f9cd3e5-a3ea-11e0-bfac-4487fca8727b
 
Error - 01.07.2011 10:03:35 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: msiexec.exe, Version: 5.0.7601.17514,
 Zeitstempel: 0x4ce792c4  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7bafa  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000b727  ID des fehlerhaften
 Prozesses: 0xbb0  Startzeit der fehlerhaften Anwendung: 0x01cc37f7aa20327e  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\msiexec.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: e90e1723-a3ea-11e0-bfac-4487fca8727b
 
Error - 01.07.2011 10:06:41 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 5.0.0.4183,
 Zeitstempel: 0x4df95302  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7bafa  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000b727  ID des fehlerhaften
 Prozesses: 0xdf4  Startzeit der fehlerhaften Anwendung: 0x01cc37f819456753  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe  Pfad
des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: 57b7ab7b-a3eb-11e0-bfac-4487fca8727b
 
Error - 01.07.2011 10:06:47 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iTunes.exe, Version: 10.3.1.55, Zeitstempel:
 0x4deec351  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7bafa  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000b727  ID des fehlerhaften
 Prozesses: 0x12c4  Startzeit der fehlerhaften Anwendung: 0x01cc37f81cb3ea29  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\iTunes\iTunes.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: 5b2f8cc1-a3eb-11e0-bfac-4487fca8727b
 
Error - 01.07.2011 10:06:51 | Computer Name = Mike-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 1.1.0.0, Zeitstempel:
 0x4c5158c3  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7bafa  Ausnahmecode: 0xe06d7363  Fehleroffset: 0x0000b727  ID des fehlerhaften
 Prozesses: 0xe70  Startzeit der fehlerhaften Anwendung: 0x01cc37f81f25f411  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: 5da09ca6-a3eb-11e0-bfac-4487fca8727b
 
[ System Events ]
Error - 06.05.2011 08:30:59 | Computer Name = Mike-PC | Source = DCOM | ID = 10016
Description =
 
Error - 07.05.2011 06:16:42 | Computer Name = Mike-PC | Source = DCOM | ID = 10016
Description =
 
Error - 08.05.2011 00:31:28 | Computer Name = Mike-PC | Source = BugCheck | ID = 1001
Description =
 
Error - 08.05.2011 00:32:51 | Computer Name = Mike-PC | Source = DCOM | ID = 10016
Description =
 
Error - 09.05.2011 05:59:26 | Computer Name = Mike-PC | Source = DCOM | ID = 10016
Description =
 
Error - 10.05.2011 05:28:48 | Computer Name = Mike-PC | Source = DCOM | ID = 10016
Description =
 
Error - 10.05.2011 09:34:28 | Computer Name = Mike-PC | Source = DCOM | ID = 10016
Description =
 
Error - 11.05.2011 03:48:54 | Computer Name = Mike-PC | Source = DCOM | ID = 10016
Description =
 
Error - 12.05.2011 06:51:44 | Computer Name = Mike-PC | Source = DCOM | ID = 10016
Description =
 
Error - 13.05.2011 04:50:00 | Computer Name = Mike-PC | Source = DCOM | ID = 10016
Description =
 
 
< End of report >
--- --- ---

Mike1985 05.07.2011 09:53
Code:

                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
                        º                                    º
                                    hjtscanlist v2.0             
                        º                                    º
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

Microsoft Windows [Version 6.1.7601]
 
 
C:

      C:\pagefile.sys ---------   
      C:\hiberfil.sys ---------   
  04.07.2011 22:11    C:\glassfish3 --------- 0 
  04.07.2011 21:57    C:\Windows --------- 40960 
  03.07.2011 22:03    C:\Config.Msi --------- 0 
  03.07.2011 16:32    C:\ProgramData --------- 12288 
  03.07.2011 16:32    C:\Program Files (x86) --------- 24576 
  03.07.2011 14:37    C:\System Volume Information --------- 16384 
  02.07.2011 19:24    C:\Program Files --------- 8192 
  06.01.2011 23:52    C:\OEM --------- 4096 
  05.11.2010 13:38    C:\MSOCache --------- 0 
  05.11.2010 12:25    C:\$Recycle.Bin --------- 4096 
  05.11.2010 12:22    C:\Users --------- 4096 
  05.11.2010 12:22    C:\Recovery --------- 0 
  05.11.2010 12:22    C:\Programme --------- 0 
  05.11.2010 12:22    C:\Dokumente und Einstellungen --------- 0 
  26.05.2010 07:25    C:\book --------- 0 
  26.05.2010 07:22    C:\RHDSetup.log --------- 2206 
  22.05.2010 08:27    C:\BOOTSECT.BAK --------- 8192 
  22.05.2010 07:43    C:\Intel --------- 0 
  14.07.2009 07:08    C:\Documents and Settings --------- 0 
  14.07.2009 05:20    C:\PerfLogs --------- 0 
----------------------------------------

 
C:\Windows

  05.07.2011 10:17    C:\Windows\WindowsUpdate.log --------- 1264198 
  05.07.2011 10:14    C:\Windows\setupact.log --------- 1981 
  05.07.2011 10:14    C:\Windows\bootstat.dat --------- 67584 
  04.07.2011 22:10    C:\Windows\ntbtlog.txt --------- 561228 
  04.07.2011 21:57    C:\Windows\MEMORY.DMP --------- 1323256355 
  02.07.2011 19:25    C:\Windows\epplauncher.mif --------- 1912 
  02.07.2011 18:26    C:\Windows\PFRO.log --------- 6906 
  01.07.2011 15:35    C:\Windows\diagwrn.xml --------- 2562 
  01.07.2011 15:35    C:\Windows\diagerr.xml --------- 1908 
  01.07.2011 15:26    C:\Windows\setuperr.log --------- 0 
  30.06.2011 19:15    C:\Windows\IE9_main.log --------- 4654 
  26.06.2011 11:01    C:\Windows\RomeTW.ini --------- 237 
  20.11.2010 15:25    C:\Windows\splwow64.exe --------- 67072 
  20.11.2010 15:24    C:\Windows\explorer.exe --------- 2872320 
  20.11.2010 15:24    C:\Windows\bfsvc.exe --------- 71168 
  20.11.2010 14:21    C:\Windows\twain_32.dll --------- 51200 
  16.11.2010 17:11    C:\Windows\Irremote.ini --------- 26 
  14.11.2010 14:16    C:\Windows\hpoins40.dat --------- 221134 
  14.11.2010 14:15    C:\Windows\win.ini --------- 513 
  05.11.2010 18:35    C:\Windows\nsreg.dat --------- 0 
  26.05.2010 16:51    C:\Windows\ChangeLang_Done.tag --------- 11453 
  26.05.2010 07:17    C:\Windows\ATIDetect.txt --------- 30814 
  24.05.2010 03:36    C:\Windows\MOD01SET00000000KA.enc --------- 1996 
  24.05.2010 03:36    C:\Windows\CSUP.TXT --------- 10 
  22.05.2010 08:25    C:\Windows\patch.loag --------- 70 
  05.02.2010 11:16    C:\Windows\MOD01SET78000G0019.enc --------- 2168 
  30.01.2010 14:17    C:\Windows\hpomdl40.dat --------- 918 
  02.11.2009 07:48    C:\Windows\RtlExUpd.dll --------- 831488 
  06.10.2009 22:57    C:\Windows\MOD01SET74DE0N0003.enc --------- 2476 
  18.09.2009 03:02    C:\Windows\NewDeployWinRE.cmd --------- 741 
  29.07.2009 04:44    C:\Windows\MOD01OPK04000N0001.enc --------- 2572 
  26.07.2009 04:21    C:\Windows\MOD01SET75000N0006.enc --------- 2048 
  23.07.2009 04:16    C:\Windows\MOD01SET5K000G0002.enc --------- 2008 
  14.07.2009 06:54    C:\Windows\WindowsShell.Manifest --------- 749 
  14.07.2009 03:39    C:\Windows\write.exe --------- 10240 
  14.07.2009 03:39    C:\Windows\regedit.exe --------- 427008 
  14.07.2009 03:39    C:\Windows\notepad.exe --------- 193536 
  14.07.2009 03:39    C:\Windows\hh.exe --------- 16896 
  14.07.2009 03:39    C:\Windows\HelpPane.exe --------- 733696 
  14.07.2009 03:39    C:\Windows\fveupdate.exe --------- 15360 
  14.07.2009 03:14    C:\Windows\winhlp32.exe --------- 9728 
  14.07.2009 03:14    C:\Windows\twunk_32.exe --------- 31232 
  14.07.2009 01:06    C:\Windows\mib.bin --------- 43131 
  10.07.2009 13:10    C:\Windows\WLXPGSS.SCR --------- 307568 
  10.06.2009 23:41    C:\Windows\twunk_16.exe --------- 49680 
  10.06.2009 23:41    C:\Windows\twain.dll --------- 94784 
  10.06.2009 23:08    C:\Windows\system.ini --------- 219 
  10.06.2009 22:52    C:\Windows\WMSysPr9.prx --------- 316640 
  10.06.2009 22:36    C:\Windows\msdfmap.ini --------- 1405 
  10.06.2009 22:31    C:\Windows\Starter.xml --------- 48201 
  10.06.2009 22:30    C:\Windows\HomePremium.xml --------- 48265 
  23.12.2008 09:49    C:\Windows\eMachines.tag --------- 0 
  19.04.2007 17:35    C:\Windows\DBREG.dll --------- 663104 
  19.04.2007 12:19    C:\Windows\DBReg.exe --------- 174144 
  04.08.2006 14:26    C:\Windows\German2.ini --------- 16070 
  10.05.2006 09:48    C:\Windows\BROCKHAUS multimedial.scr --------- 2572288 
----------------------------------------

 
C:\Windows\System

----------------------------------------

 
C:\Windows\System32

 05.07.2011 10:21    C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 9696 
 05.07.2011 10:21    C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 9696 
 05.07.2011 10:18    C:\Windows\system32\perfh009.dat --------- 611996 
 05.07.2011 10:18    C:\Windows\system32\perfc009.dat --------- 105214 
 05.07.2011 10:18    C:\Windows\system32\perfh007.dat --------- 649238 
 05.07.2011 10:18    C:\Windows\system32\perfc007.dat --------- 128198 
 05.07.2011 10:18    C:\Windows\system32\PerfStringBackup.INI --------- 1487130 
 05.07.2011 09:24    C:\Windows\system32\config --------- 49152 
 03.07.2011 16:32    C:\Windows\system32\catroot --------- 4096 
 03.07.2011 16:32    C:\Windows\system32\drivers --------- 65536 
 01.07.2011 19:48    C:\Windows\system32\LogFiles --------- 4096 
 01.07.2011 19:14    C:\Windows\system32\catroot2 --------- 32768 
 01.07.2011 16:52    C:\Windows\system32\Tasks --------- 4096 
 01.07.2011 16:23    C:\Windows\system32\deployJava1.dll --------- 525544 
 01.07.2011 15:49    C:\Windows\system32\DriverStore --------- 4096 
 01.07.2011 11:12    C:\Windows\system32\migration --------- 0 
 01.07.2011 11:12    C:\Windows\system32\de-DE --------- 262144 
 01.07.2011 11:12    C:\Windows\system32\wbem --------- 65536 
 01.07.2011 11:12    C:\Windows\system32\en-US --------- 147456 
 01.07.2011 11:09    C:\Windows\system32\FNTCACHE.DAT --------- 600760 
 30.06.2011 19:45    C:\Windows\system32\wfp --------- 0 
 30.06.2011 19:23    C:\Windows\system32\da-DK --------- 0 
 30.06.2011 19:23    C:\Windows\system32\oobe --------- 4096 
 30.06.2011 19:23    C:\Windows\system32\AdvancedInstallers --------- 0 
 30.06.2011 19:23    C:\Windows\system32\Setup --------- 0 
 30.06.2011 19:23    C:\Windows\system32\cs-CZ --------- 0 
 30.06.2011 19:23    C:\Windows\system32\manifeststore --------- 0 
 30.06.2011 19:23    C:\Windows\system32\es-ES --------- 0 
 30.06.2011 19:23    C:\Windows\system32\sppui --------- 0 
 30.06.2011 19:23    C:\Windows\system32\migwiz --------- 4096 
 30.06.2011 19:23    C:\Windows\system32\Dism --------- 0 
 30.06.2011 19:22    C:\Windows\system32\Boot --------- 0 
 30.06.2011 19:13    C:\Windows\system32\RegisterIEPKEYs.exe --------- 89088 
 30.06.2011 19:13    C:\Windows\system32\urlmon.dll --------- 1344000 
 30.06.2011 19:13    C:\Windows\system32\msls31.dll --------- 222208 
 30.06.2011 19:13    C:\Windows\system32\wininet.dll --------- 1389056 
 30.06.2011 19:13    C:\Windows\system32\jsproxy.dll --------- 85504 
 30.06.2011 19:13    C:\Windows\system32\iertutil.dll --------- 2136064 
 30.06.2011 19:13    C:\Windows\system32\msrating.dll --------- 197120 
 30.06.2011 19:13    C:\Windows\system32\mshtml.dll --------- 17773568 
 30.06.2011 19:13    C:\Windows\system32\mshtml.tlb --------- 2382848 
 30.06.2011 19:13    C:\Windows\system32\ieUnatt.exe --------- 173056 
 30.06.2011 19:13    C:\Windows\system32\occache.dll --------- 149504 
 30.06.2011 19:13    C:\Windows\system32\mshta.exe --------- 12288 
 30.06.2011 19:13    C:\Windows\system32\pngfilt.dll --------- 65024 
 30.06.2011 19:13    C:\Windows\system32\admparse.dll --------- 114176 
 30.06.2011 19:13    C:\Windows\system32\ieaksie.dll --------- 267776 
 30.06.2011 19:13    C:\Windows\system32\ieakui.dll --------- 163840 
 30.06.2011 19:13    C:\Windows\system32\jscript9.dll --------- 2303488 
 30.06.2011 19:13    C:\Windows\system32\jscript.dll --------- 818176 
 30.06.2011 19:13    C:\Windows\system32\imgutil.dll --------- 49664 
 30.06.2011 19:13    C:\Windows\system32\iepeers.dll --------- 145920 
 30.06.2011 19:13    C:\Windows\system32\msfeedsbs.dll --------- 55296 
 30.06.2011 19:13    C:\Windows\system32\msfeedssync.exe --------- 10752 
 30.06.2011 19:13    C:\Windows\system32\IEAdvpack.dll --------- 135168 
 30.06.2011 19:13    C:\Windows\system32\ieakeng.dll --------- 160256 
 30.06.2011 19:13    C:\Windows\system32\SetIEInstalledDate.exe --------- 91648 
 30.06.2011 19:13    C:\Windows\system32\mshtmler.dll --------- 48640 
 30.06.2011 19:13    C:\Windows\system32\iesysprep.dll --------- 111616 
 30.06.2011 19:13    C:\Windows\system32\ieui.dll --------- 248320 
 30.06.2011 19:13    C:\Windows\system32\ieframe.dll --------- 10885632 
 30.06.2011 19:13    C:\Windows\system32\tdc.ocx --------- 76800 
 30.06.2011 19:13    C:\Windows\system32\html.iec --------- 448512 
 30.06.2011 19:13    C:\Windows\system32\dxtrans.dll --------- 282112 
 30.06.2011 19:13    C:\Windows\system32\dxtmsft.dll --------- 452608 
 30.06.2011 19:13    C:\Windows\system32\ieapfltr.dat --------- 3695416 
 30.06.2011 19:13    C:\Windows\system32\ieapfltr.dll --------- 534528 
 30.06.2011 19:13    C:\Windows\system32\icardie.dll --------- 82432 
 30.06.2011 19:13    C:\Windows\system32\ie4uinit.exe --------- 89088 
 30.06.2011 19:13    C:\Windows\system32\iernonce.dll --------- 39936 
 30.06.2011 19:13    C:\Windows\system32\ieuinit.inf --------- 72822 
 30.06.2011 19:13    C:\Windows\system32\iesetup.dll --------- 85504 
 30.06.2011 19:13    C:\Windows\system32\url.dll --------- 236544 
 30.06.2011 19:13    C:\Windows\system32\iedkcs32.dll --------- 403248 
 30.06.2011 19:13    C:\Windows\system32\inetcpl.cpl --------- 1492992 
 30.06.2011 19:13    C:\Windows\system32\webcheck.dll --------- 249344 
 30.06.2011 19:13    C:\Windows\system32\licmgr10.dll --------- 30720 
 30.06.2011 19:13    C:\Windows\system32\inseng.dll --------- 103936 
 30.06.2011 19:13    C:\Windows\system32\mshtmled.dll --------- 96256 
 30.06.2011 19:13    C:\Windows\system32\wextract.exe --------- 160256 
 30.06.2011 19:13    C:\Windows\system32\iexpress.exe --------- 165888 
 30.06.2011 19:13    C:\Windows\system32\msfeeds.dll --------- 697344 
 30.06.2011 19:13    C:\Windows\system32\vbscript.dll --------- 603648 
 30.06.2011 19:07    C:\Windows\system32\msclmd.dll --------- 175616 
 30.06.2011 18:59    C:\Windows\system32\SPReview --------- 0 
 30.06.2011 18:59    C:\Windows\system32\EventProviders --------- 4096 
 03.06.2011 18:30    C:\Windows\system32\MRT.exe --------- 49454024 
 28.05.2011 05:06    C:\Windows\system32\win32k.sys --------- 3135488 
 24.05.2011 13:42    C:\Windows\system32\umpnpmgr.dll --------- 404480 
 10.05.2011 08:06    C:\Windows\system32\usbaaplrc.dll --------- 4517664 
 03.05.2011 07:29    C:\Windows\system32\inetcomm.dll --------- 976896 
 09.04.2011 09:02    C:\Windows\system32\ntoskrnl.exe --------- 5562240 
 09.04.2011 08:58    C:\Windows\system32\poqexec.exe --------- 142336 
 06.04.2011 16:26    C:\Windows\system32\jdns_sd.dll --------- 69408 
 06.04.2011 16:26    C:\Windows\system32\dnssdX.dll --------- 237856 
 06.04.2011 16:26    C:\Windows\system32\dns-sd.exe --------- 119584 
 06.04.2011 16:26    C:\Windows\system32\dnssd.dll --------- 96544 
 11.03.2011 08:34    C:\Windows\system32\mfc42u.dll --------- 1359872 
 11.03.2011 08:34    C:\Windows\system32\mfc42.dll --------- 1395712 
 03.03.2011 08:24    C:\Windows\system32\dnsrslvr.dll --------- 183296 
----------------------------------------

 
C:\Windows\Prefetch

 05.07.2011 10:52    C:\Windows\Prefetch\CMD.EXE-0BD30981.pf --------- 8836 
 05.07.2011 10:52    C:\Windows\Prefetch\CONHOST.EXE-0C6456FB.pf --------- 15858 
 05.07.2011 10:51    C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-44162447.pf --------- 15840 
 05.07.2011 10:51    C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-69C456C3.pf --------- 15286 
 05.07.2011 10:51    C:\Windows\Prefetch\DLLHOST.EXE-4B6CB38A.pf --------- 70324 
 05.07.2011 10:51    C:\Windows\Prefetch\WINRAR.EXE-BA8CDB31.pf --------- 54750 
 05.07.2011 10:50    C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 2474183 
 05.07.2011 10:50    C:\Windows\Prefetch\AgGlFaultHistory.db --------- 855418 
 05.07.2011 10:50    C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 4810670 
 05.07.2011 10:50    C:\Windows\Prefetch\AgRobust.db --------- 898344 
 05.07.2011 10:47    C:\Windows\Prefetch\NOTEPAD.EXE-D096D5BE.pf --------- 23958 
 05.07.2011 10:46    C:\Windows\Prefetch\AVWSC.EXE-FC348DC0.pf --------- 32322 
 05.07.2011 10:37    C:\Windows\Prefetch\DLLHOST.EXE-63B92852.pf --------- 17578 
 05.07.2011 10:27    C:\Windows\Prefetch\AUDIODG.EXE-AB22E9A6.pf --------- 29794 
 05.07.2011 10:27    C:\Windows\Prefetch\WERMGR.EXE-F439C551.pf --------- 16900 
 05.07.2011 10:24    C:\Windows\Prefetch\MPCMDRUN.EXE-48498337.pf --------- 35820 
 05.07.2011 10:22    C:\Windows\Prefetch\TASKHOST.EXE-A0F5E092.pf --------- 156960 
 05.07.2011 10:22    C:\Windows\Prefetch\SDCLT.EXE-94EAE077.pf --------- 102826 
 05.07.2011 10:22    C:\Windows\Prefetch\SVCHOST.EXE-6E1A6101.pf --------- 347100 
 05.07.2011 10:20    C:\Windows\Prefetch\OTL.EXE-A15F0815.pf --------- 66000 
 05.07.2011 10:18    C:\Windows\Prefetch\WMIADAP.EXE-BB21CD77.pf --------- 70094 
 05.07.2011 10:18    C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-9FED59A7.pf --------- 49854 
 05.07.2011 10:17    C:\Windows\Prefetch\WMIPRVSE.EXE-E8B8DD29.pf --------- 77896 
 05.07.2011 10:17    C:\Windows\Prefetch\SPPSVC.EXE-96070FE0.pf --------- 11850 
 05.07.2011 10:16    C:\Windows\Prefetch\MBAMSERVICE.EXE-08D249B9.pf --------- 243390 
 05.07.2011 10:16    C:\Windows\Prefetch\GOOGLEUPDATE.EXE-0E1E7B82.pf --------- 54068 
 05.07.2011 10:16    C:\Windows\Prefetch\GOOGLECRASHHANDLER.EXE-B23F2ABB.pf --------- 23546 
 05.07.2011 10:15    C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-6B605020.pf --------- 167922 
 05.07.2011 10:15    C:\Windows\Prefetch\FIREFOX.EXE-359C61A4.pf --------- 398834 
 05.07.2011 10:15    C:\Windows\Prefetch\ReadyBoot --------- 4096 
 05.07.2011 10:15    C:\Windows\Prefetch\OSPPSVC.EXE-CAD928DD.pf --------- 52652 
 05.07.2011 10:15    C:\Windows\Prefetch\DLLHOST.EXE-2E02FDCA.pf --------- 103596 
 05.07.2011 10:15    C:\Windows\Prefetch\IPODSERVICE.EXE-716E0AD1.pf --------- 21934 
 05.07.2011 10:15    C:\Windows\Prefetch\WMPNSCFG.EXE-18FC9E64.pf --------- 104696 
 05.07.2011 10:15    C:\Windows\Prefetch\WUDFHOST.EXE-DEBBE5F1.pf --------- 96812 
 05.07.2011 09:24    C:\Windows\Prefetch\PfSvPerfStats.bin --------- 584 
 05.07.2011 09:21    C:\Windows\Prefetch\NEROEXPRESS.EXE-22A9A71F.pf --------- 117132 
 05.07.2011 09:20    C:\Windows\Prefetch\WMPNETWK.EXE-F6E20E14.pf --------- 170224 
 05.07.2011 08:59    C:\Windows\Prefetch\OUTLOOK.EXE-8B2B9B62.pf --------- 321550 
 05.07.2011 08:55    C:\Windows\Prefetch\TASKENG.EXE-35FA9C06.pf --------- 208448 
 05.07.2011 08:53    C:\Windows\Prefetch\DLLHOST.EXE-3C4E5BEC.pf --------- 115044 
 05.07.2011 08:43    C:\Windows\Prefetch\JAVA.EXE-2AB52D6A.pf --------- 17468 
 05.07.2011 08:39    C:\Windows\Prefetch\SVCHOST.EXE-B597A9D1.pf --------- 29694 
 04.07.2011 22:45    C:\Windows\Prefetch\NOTEPAD.EXE-032BB3D8.pf --------- 34020 
 04.07.2011 22:45    C:\Windows\Prefetch\MBAM.EXE-493D9B94.pf --------- 162776 
 04.07.2011 22:38    C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-766EFF52.pf --------- 407352 
 04.07.2011 22:27    C:\Windows\Prefetch\HOTKEYUI.EXE-8FA4E4B5.pf --------- 95590 
 04.07.2011 21:26    C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1557765290-4178029710-2347594186-1001.db --------- 1027770 
 04.07.2011 21:26    C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1557765290-4178029710-2347594186-1001.db --------- 2232567 
 04.07.2011 20:20    C:\Windows\Prefetch\FFMPEG.EXE-1F6BC1CB.pf --------- 60518 
 04.07.2011 20:13    C:\Windows\Prefetch\UNRAR.EXE-C64AAEF7.pf --------- 254894 
 04.07.2011 19:45    C:\Windows\Prefetch\JAVAW.EXE-CE5F3A8D.pf --------- 710396 
 04.07.2011 19:45    C:\Windows\Prefetch\JDOWNLOADER.EXE-F29ACE48.pf --------- 18216 
 04.07.2011 19:43    C:\Windows\Prefetch\PING.EXE-0314C2F7.pf --------- 15504 
 04.07.2011 19:41    C:\Windows\Prefetch\MENCODER.EXE-177579CB.pf --------- 66714 
 04.07.2011 19:40    C:\Windows\Prefetch\MENCODER-ALTERNATE.EXE-48F7174C.pf --------- 265910 
 04.07.2011 19:29    C:\Windows\Prefetch\MPLAYER.EXE-51720C44.pf --------- 35322 
 04.07.2011 19:29    C:\Windows\Prefetch\PMS.EXE-8E4C125F.pf --------- 56624 
 04.07.2011 19:00    C:\Windows\Prefetch\WSQMCONS.EXE-4048402C.pf --------- 5644 
 04.07.2011 18:10    C:\Windows\Prefetch\ROMETW.EXE-C3EC5948.pf --------- 120746 
 04.07.2011 18:10    C:\Windows\Prefetch\RUNDLL32.EXE-F2D1D602.pf --------- 34648 
 04.07.2011 17:42    C:\Windows\Prefetch\RUNDLL32.EXE-0D53616E.pf --------- 8916 
 04.07.2011 16:49    C:\Windows\Prefetch\DLLHOST.EXE-851C5C91.pf --------- 63686 
 04.07.2011 16:49    C:\Windows\Prefetch\DLLHOST.EXE-D9DCD0F3.pf --------- 22374 
 04.07.2011 16:49    C:\Windows\Prefetch\CONTROL.EXE-6EA5489A.pf --------- 40620 
 04.07.2011 16:42    C:\Windows\Prefetch\ALU.EXE-9B0B947C.pf --------- 196404 
 04.07.2011 16:13    C:\Windows\Prefetch\MPSIGSTUB.EXE-5D0450B3.pf --------- 104414 
 04.07.2011 16:13    C:\Windows\Prefetch\AM_DELTA_PATCH3.EXE-59ED4F7A.pf --------- 8078 
 04.07.2011 16:13    C:\Windows\Prefetch\WUAUCLT.EXE-5D573F0E.pf --------- 160832 
 04.07.2011 16:05    C:\Windows\Prefetch\SC.EXE-6C4D4413.pf --------- 11526 
 04.07.2011 16:04    C:\Windows\Prefetch\ICQ.EXE-C3335CE7.pf --------- 416288 
 04.07.2011 16:03    C:\Windows\Prefetch\ICQUPDATER.EXE-431C4656.pf --------- 32058 
 04.07.2011 16:03    C:\Windows\Prefetch\ICQ.EXE-C93A72AA.pf --------- 42166 
 04.07.2011 06:26    C:\Windows\Prefetch\LOGONUI.EXE-F639BD7E.pf --------- 43814 
 04.07.2011 06:19    C:\Windows\Prefetch\AVSCAN.EXE-3D14B848.pf --------- 198180 
 04.07.2011 06:18    C:\Windows\Prefetch\GUARDGUI.EXE-F5BE2664.pf --------- 18472 
 04.07.2011 04:19    C:\Windows\Prefetch\Layout.ini --------- 1526030 
 04.07.2011 02:30    C:\Windows\Prefetch\AITAGENT.EXE-08FB63FE.pf --------- 2240 
 04.07.2011 00:30    C:\Windows\Prefetch\RUNDLL32.EXE-6FD72002.pf --------- 110382 
 04.07.2011 00:20    C:\Windows\Prefetch\PING.EXE-4A8A6853.pf --------- 14244 
 04.07.2011 00:20    C:\Windows\Prefetch\W32TM.EXE-C4E0F88E.pf --------- 14928 
 04.07.2011 00:19    C:\Windows\Prefetch\CSC.EXE-0E09149C.pf --------- 48056 
 04.07.2011 00:19    C:\Windows\Prefetch\CVTRES.EXE-F4BA0E72.pf --------- 12370 
 04.07.2011 00:19    C:\Windows\Prefetch\SDIAGNHOST.EXE-B3171AA1.pf --------- 38906 
 04.07.2011 00:19    C:\Windows\Prefetch\SVCHOST.EXE-6A249820.pf --------- 18662 
 04.07.2011 00:19    C:\Windows\Prefetch\VSSVC.EXE-6C8F0C66.pf --------- 25032 
 04.07.2011 00:19    C:\Windows\Prefetch\RUNDLL32.EXE-51CCB287.pf --------- 67052 
 03.07.2011 22:05    C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 3455094 
 03.07.2011 14:39    C:\Windows\Prefetch\AVK.EXE-DB53F0E8.pf --------- 32784 
 03.07.2011 14:37    C:\Windows\Prefetch\MSIEXEC.EXE-CDBFC0F7.pf --------- 98566 
 02.07.2011 18:29    C:\Windows\Prefetch\SVCHOST.EXE-F31BDE28.pf --------- 9436 
 01.07.2011 11:16    C:\Windows\Prefetch\AgCx_SC4.db --------- 312141 
 05.11.2010 22:21    C:\Windows\Prefetch\AgCx_SC1.db --------- 511156 
 05.11.2010 22:20    C:\Windows\Prefetch\AgCx_SC1.db.trx --------- 35106 
 05.11.2010 11:20    C:\Windows\Prefetch\AgAppLaunch.db --------- 334168 
----------------------------------------

 
C:\Windows\Tasks

 05.07.2011 10:14    C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1106 
 05.07.2011 10:14    C:\Windows\Tasks\SA.DAT --------- 6 
 05.07.2011 08:55    C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1110 
 23.04.2011 20:28    C:\Windows\Tasks\SCHEDLGU.TXT --------- 32640 
----------------------------------------

 
C:\Windows\Temp

 05.07.2011 10:24    C:\Windows\Temp\MpCmdRun.log --------- 165316 
 05.07.2011 10:14    C:\Windows\Temp\HPSLPSVC0024.log --------- 2247 
 05.07.2011 10:14    C:\Windows\Temp\hpqddsvc.log --------- 22410 
 05.07.2011 09:25    C:\Windows\Temp\HPSLPSVC0023.log --------- 3851 
 05.07.2011 09:24    C:\Windows\Temp\fwtsqmfile18.sqm --------- 608 
 05.07.2011 08:59    C:\Windows\Temp\fwtsqmfile17.sqm --------- 608 
 05.07.2011 08:39    C:\Windows\Temp\HPSLPSVC0022.log --------- 3229 
 04.07.2011 22:52    C:\Windows\Temp\fwtsqmfile16.sqm --------- 608 
 04.07.2011 22:27    C:\Windows\Temp\HPSLPSVC0021.log --------- 3229 
 04.07.2011 21:55    C:\Windows\Temp\TMP0000017B2D73BC9CCFB132D6 --------- 524288 
 04.07.2011 17:42    C:\Windows\Temp\fwtsqmfile15.sqm --------- 608 
 04.07.2011 16:13    C:\Windows\Temp\MpSigStub.log --------- 20402 
 04.07.2011 16:13    C:\Windows\Temp\A6BFEEFC-1587-4D30-96C2-2AB41B4D922F-Sigs --------- 0 
 04.07.2011 16:02    C:\Windows\Temp\HPSLPSVC0020.log --------- 6666 
 04.07.2011 06:26    C:\Windows\Temp\HPSLPSVC0019.log --------- 8761 
 04.07.2011 02:10    C:\Windows\Temp\fwtsqmfile14.sqm --------- 608 
 03.07.2011 16:34    C:\Windows\Temp\AVSETUP_4e107d5c --------- 0 
 03.07.2011 14:39    C:\Windows\Temp\GDATA_Online_Update --------- 0 
 03.07.2011 14:38    C:\Windows\Temp\_avast4_ --------- 0 
 03.07.2011 13:45    C:\Windows\Temp\fwtsqmfile13.sqm --------- 608 
 03.07.2011 11:37    C:\Windows\Temp\HPSLPSVC0018.log --------- 5005 
 03.07.2011 09:04    C:\Windows\Temp\HPSLPSVC0017.log --------- 3851 
 03.07.2011 09:04    C:\Windows\Temp\fwtsqmfile12.sqm --------- 608 
 03.07.2011 07:59    C:\Windows\Temp\HPSLPSVC0016.log --------- 3851 
 03.07.2011 07:59    C:\Windows\Temp\fwtsqmfile11.sqm --------- 608 
 03.07.2011 07:55    C:\Windows\Temp\HPSLPSVC0015.log --------- 3206 
 02.07.2011 20:32    C:\Windows\Temp\fwtsqmfile10.sqm --------- 608 
 02.07.2011 20:09    C:\Windows\Temp\MPTelemetrySubmit --------- 0 
 02.07.2011 09:17    C:\Windows\Temp\HPSLPSVC0014.log --------- 2247 
 02.07.2011 08:39    C:\Windows\Temp\GoogleToolbarInstaller1.log --------- 6067 
 02.07.2011 08:38    C:\Windows\Temp\Google Toolbar --------- 0 
 02.07.2011 08:36    C:\Windows\Temp\GoogleToolbarInstaller2.log --------- 464 
 02.07.2011 08:34    C:\Windows\Temp\HPSLPSVC0013.log --------- 3229 
 01.07.2011 22:29    C:\Windows\Temp\HPSLPSVC0012.log --------- 2247 
 01.07.2011 19:48    C:\Windows\Temp\HPSLPSVC0011.log --------- 2247 
 01.07.2011 19:37    C:\Windows\Temp\fwtsqmfile09.sqm --------- 608 
 01.07.2011 19:09    C:\Windows\Temp\HPSLPSVC0010.log --------- 3229 
 01.07.2011 16:57    C:\Windows\Temp\HPSLPSVC0009.log --------- 3851 
 01.07.2011 16:57    C:\Windows\Temp\fwtsqmfile08.sqm --------- 608 
 01.07.2011 15:52    C:\Windows\Temp\HPSLPSVC0008.log --------- 3851 
 01.07.2011 15:52    C:\Windows\Temp\fwtsqmfile07.sqm --------- 608 
 01.07.2011 15:21    C:\Windows\Temp\HPSLPSVC0007.log --------- 3851 
 01.07.2011 15:20    C:\Windows\Temp\fwtsqmfile06.sqm --------- 608 
 01.07.2011 15:08    C:\Windows\Temp\HPSLPSVC0006.log --------- 3851 
 01.07.2011 15:08    C:\Windows\Temp\fwtsqmfile05.sqm --------- 608 
 01.07.2011 11:14    C:\Windows\Temp\HPSLPSVC0005.log --------- 2247 
 01.07.2011 11:13    C:\Windows\Temp\HPSLPSVC0004.log --------- 3851 
 01.07.2011 11:10    C:\Windows\Temp\FXSAPIDebugLogFile.txt --------- 0 
 01.07.2011 11:10    C:\Windows\Temp\FXSTIFFDebugLogFile.txt --------- 0 
 30.06.2011 19:25    C:\Windows\Temp\HPSLPSVC0003.log --------- 3852 
 30.06.2011 19:25    C:\Windows\Temp\fwtsqmfile04.sqm --------- 608 
 30.06.2011 19:25    C:\Windows\Temp\WERE496.tmp.hdmp --------- 0 
 30.06.2011 19:25    C:\Windows\Temp\WERE495.tmp.WERInternalMetadata.xml --------- 3030 
 30.06.2011 19:25    C:\Windows\Temp\WERE456.tmp.appcompat.txt --------- 5712 
 30.06.2011 18:40    C:\Windows\Temp\fwtsqmfile03.sqm --------- 608 
 30.06.2011 18:40    C:\Windows\Temp\HPSLPSVC0002.log --------- 3851 
 29.06.2011 18:56    C:\Windows\Temp\HPSLPSVC0001.log --------- 3851 
 29.06.2011 18:56    C:\Windows\Temp\fwtsqmfile02.sqm --------- 608 
 29.06.2011 18:52    C:\Windows\Temp\HPSLPSVC0000.log --------- 3851 
 29.06.2011 18:52    C:\Windows\Temp\fwtsqmfile01.sqm --------- 608 
 29.06.2011 16:37    C:\Windows\Temp\HPSLPSVC0312.log --------- 3851 
 29.06.2011 16:37    C:\Windows\Temp\fwtsqmfile00.sqm --------- 608 
 29.06.2011 16:17    C:\Windows\Temp\HPSLPSVC0311.log --------- 3851 
----------------------------------------

 
C:\Users\Mike\AppData\Local\Temp

 05.07.2011 10:51    C:\Users\Mike\AppData\Local\Temp\hjtscanlist.zip --------- 2097 
 05.07.2011 10:25    C:\Users\Mike\AppData\Local\Temp\plugtmp-1 --------- 0 
 05.07.2011 10:19    C:\Users\Mike\AppData\Local\Temp\jusched.log --------- 13079 
 05.07.2011 10:15    C:\Users\Mike\AppData\Local\Temp\CVRE61.tmp.cvr --------- 0 
 05.07.2011 10:15    C:\Users\Mike\AppData\Local\Temp\hpqddusr.log --------- 4770 
 05.07.2011 10:15    C:\Users\Mike\AppData\Local\Temp\MARC6F7.tmp --------- 1285 
 05.07.2011 10:15    C:\Users\Mike\AppData\Local\Temp\MARC6A8.tmp --------- 1313 
 05.07.2011 10:14    C:\Users\Mike\AppData\Local\Temp\boost_interprocess --------- 0 
 05.07.2011 10:14    C:\Users\Mike\AppData\Local\Temp\WPDNSE --------- 0 
 05.07.2011 09:20    C:\Users\Mike\AppData\Local\Temp\MARD153.tmp --------- 1285 
 05.07.2011 09:20    C:\Users\Mike\AppData\Local\Temp\MARD133.tmp --------- 1313 
 05.07.2011 08:59    C:\Users\Mike\AppData\Local\Temp\CVR6FA3.tmp.cvr --------- 0 
 05.07.2011 08:39    C:\Users\Mike\AppData\Local\Temp\MARE63A.tmp --------- 1285 
 05.07.2011 08:39    C:\Users\Mike\AppData\Local\Temp\MARE629.tmp --------- 1313 
 04.07.2011 22:50    C:\Users\Mike\AppData\Local\Temp\CVR109.tmp.cvr --------- 0 
 04.07.2011 22:38    C:\Users\Mike\AppData\Local\Temp\CVR9202.tmp.cvr --------- 0 
 04.07.2011 22:27    C:\Users\Mike\AppData\Local\Temp\MARE050.tmp --------- 1285 
 04.07.2011 22:27    C:\Users\Mike\AppData\Local\Temp\MARD529.tmp --------- 1313 
 04.07.2011 22:11    C:\Users\Mike\AppData\Local\Temp\hsperfdata_Mike --------- 0 
 04.07.2011 22:10    C:\Users\Mike\AppData\Local\Temp\uninstall.exe2 --------- 0 
 04.07.2011 21:38    C:\Users\Mike\AppData\Local\Temp\plugtmp --------- 0 
 04.07.2011 21:36    C:\Users\Mike\AppData\Local\Temp\~DFB3417C48630F997E.TMP --------- 147456 
 04.07.2011 19:29    C:\Users\Mike\AppData\Local\Temp\jna8174536982898709521.dll --------- 349255 
 04.07.2011 18:10    C:\Users\Mike\AppData\Local\Temp\CVREFF.tmp.cvr --------- 0 
 04.07.2011 16:55    C:\Users\Mike\AppData\Local\Temp\CVRAE58.tmp.cvr --------- 0 
 04.07.2011 16:32    C:\Users\Mike\AppData\Local\Temp\CVR9C7D.tmp.cvr --------- 0 
 04.07.2011 16:03    C:\Users\Mike\AppData\Local\Temp\CVR47E8.tmp.cvr --------- 0 
 04.07.2011 16:03    C:\Users\Mike\AppData\Local\Temp\MARD5D5.tmp --------- 1285 
 04.07.2011 16:03    C:\Users\Mike\AppData\Local\Temp\MARD307.tmp --------- 1313 
 04.07.2011 06:21    C:\Users\Mike\AppData\Local\Temp\CVRB5B1.tmp.cvr --------- 0 
 03.07.2011 22:05    C:\Users\Mike\AppData\Local\Temp\MAR3B1D.tmp --------- 1285 
 03.07.2011 22:05    C:\Users\Mike\AppData\Local\Temp\MAR3AED.tmp --------- 1313 
 03.07.2011 21:55    C:\Users\Mike\AppData\Local\Temp\~DF647474691DEF1A9F.TMP --------- 147456 
 03.07.2011 21:20    C:\Users\Mike\AppData\Local\Temp\CVR8B48.tmp.cvr --------- 0 
 03.07.2011 21:01    C:\Users\Mike\AppData\Local\Temp\CVRF531.tmp.cvr --------- 0 
 03.07.2011 18:21    C:\Users\Mike\AppData\Local\Temp\CVR3D07.tmp.cvr --------- 0 
 03.07.2011 17:41    C:\Users\Mike\AppData\Local\Temp\jna1187094882759175572.dll --------- 349255 
 03.07.2011 16:27    C:\Users\Mike\AppData\Local\Temp\CVR26C6.tmp.cvr --------- 0 
 03.07.2011 14:37    C:\Users\Mike\AppData\Local\Temp\is5015.tmp --------- 0 
 03.07.2011 13:27    C:\Users\Mike\AppData\Local\Temp\CVR92BF.tmp.cvr --------- 0 
 03.07.2011 13:00    C:\Users\Mike\AppData\Local\Temp\wmplog00.sqm --------- 1570 
 03.07.2011 12:59    C:\Users\Mike\AppData\Local\Temp\wmsetup.log --------- 3449 
 03.07.2011 12:54    C:\Users\Mike\AppData\Local\Temp\cookies.sqlite --------- 524288 
 03.07.2011 12:47    C:\Users\Mike\AppData\Local\Temp\CVRD8B3.tmp.cvr --------- 0 
 03.07.2011 11:37    C:\Users\Mike\AppData\Local\Temp\MARBAE6.tmp --------- 1285 
 03.07.2011 11:37    C:\Users\Mike\AppData\Local\Temp\MARB73D.tmp --------- 1313 
 03.07.2011 08:49    C:\Users\Mike\AppData\Local\Temp\CVR3800.tmp.cvr --------- 0 
 03.07.2011 08:48    C:\Users\Mike\AppData\Local\Temp\MARB55A.tmp --------- 1285 
 03.07.2011 08:48    C:\Users\Mike\AppData\Local\Temp\MARB144.tmp --------- 1313 
 03.07.2011 07:56    C:\Users\Mike\AppData\Local\Temp\MARC5BF.tmp --------- 1285 
 03.07.2011 07:56    C:\Users\Mike\AppData\Local\Temp\MARC5AE.tmp --------- 1313 
 03.07.2011 07:49    C:\Users\Mike\AppData\Local\Temp\CVR98E3.tmp.cvr --------- 0 
 02.07.2011 23:42    C:\Users\Mike\AppData\Local\Temp\CVR2985.tmp.cvr --------- 0 
 02.07.2011 22:23    C:\Users\Mike\AppData\Local\Temp\CVR12C9.tmp.cvr --------- 0 
 02.07.2011 21:19    C:\Users\Mike\AppData\Local\Temp\CVR46F1.tmp.cvr --------- 0 
 02.07.2011 19:16    C:\Users\Mike\AppData\Local\Temp\CVR65D4.tmp.cvr --------- 0 
 02.07.2011 18:27    C:\Users\Mike\AppData\Local\Temp\MARF25A.tmp --------- 1285 
 02.07.2011 18:27    C:\Users\Mike\AppData\Local\Temp\MARF259.tmp --------- 1313 
 02.07.2011 18:14    C:\Users\Mike\AppData\Local\Temp\CVR9E3B.tmp.cvr --------- 0 
 02.07.2011 18:08    C:\Users\Mike\AppData\Local\Temp\~DFE16AE67A3108B3AC.TMP --------- 147456 
 02.07.2011 13:27    C:\Users\Mike\AppData\Local\Temp\CVREC94.tmp.cvr --------- 0 
 02.07.2011 11:48    C:\Users\Mike\AppData\Local\Temp\CVR3841.tmp.cvr --------- 0 
 02.07.2011 11:20    C:\Users\Mike\AppData\Local\Temp\CVR5552.tmp.cvr --------- 0 
 02.07.2011 11:17    C:\Users\Mike\AppData\Local\Temp\15116100997249803.tmp --------- 1224 
 02.07.2011 10:22    C:\Users\Mike\AppData\Local\Temp\{5640E466-F126-4DA3-A8CD-6D7B78A2188C} --------- 0 
 02.07.2011 09:45    C:\Users\Mike\AppData\Local\Temp\jna5317992783073305914.dll --------- 349255 
 02.07.2011 09:39    C:\Users\Mike\AppData\Local\Temp\ps3mediaserver --------- 0 
 02.07.2011 09:30    C:\Users\Mike\AppData\Local\Temp\AUCHECK_PARSER.txt --------- 183 
 02.07.2011 09:30    C:\Users\Mike\AppData\Local\Temp\JAUReg.log --------- 160 
 02.07.2011 09:30    C:\Users\Mike\AppData\Local\Temp\java_install_reg.log --------- 11905 
 02.07.2011 09:30    C:\Users\Mike\AppData\Local\Temp\java_install.log --------- 57372 
 02.07.2011 09:29    C:\Users\Mike\AppData\Local\Temp\java_install_sp.log --------- 1227 
 02.07.2011 09:27    C:\Users\Mike\AppData\Local\Temp\CVRC60C.tmp.cvr --------- 0 
 02.07.2011 09:26    C:\Users\Mike\AppData\Local\Temp\Google Toolbar --------- 0 
 02.07.2011 09:17    C:\Users\Mike\AppData\Local\Temp\MARC14C.tmp --------- 1285 
 02.07.2011 09:17    C:\Users\Mike\AppData\Local\Temp\MARC14B.tmp --------- 1313 
 02.07.2011 08:39    C:\Users\Mike\AppData\Local\Temp\~DFE926B65C78F2FEA5.TMP --------- 147456 
 02.07.2011 08:36    C:\Users\Mike\AppData\Local\Temp\1038429291158918.tmp --------- 4 
 02.07.2011 08:35    C:\Users\Mike\AppData\Local\Temp\4153031819154004.tmp --------- 4429 
 02.07.2011 08:35    C:\Users\Mike\AppData\Local\Temp\1511610099149714.tmp --------- 1224 
 02.07.2011 08:34    C:\Users\Mike\AppData\Local\Temp\MARE43.tmp --------- 1285 
 02.07.2011 08:34    C:\Users\Mike\AppData\Local\Temp\MARE32.tmp --------- 1313 
 01.07.2011 22:29    C:\Users\Mike\AppData\Local\Temp\MARE55F.tmp --------- 1285 
 01.07.2011 22:29    C:\Users\Mike\AppData\Local\Temp\MARE54F.tmp --------- 1313 
 01.07.2011 22:28    C:\Users\Mike\AppData\Local\Temp\WER-35615-0.sysdata.xml --------- 201768 
 01.07.2011 21:12    C:\Users\Mike\AppData\Local\Temp\15116100995079189.tmp --------- 1224 
 01.07.2011 19:57    C:\Users\Mike\AppData\Local\Temp\~DF45EA174E3F425514.TMP --------- 147456 
 01.07.2011 19:56    C:\Users\Mike\AppData\Local\Temp\~DF19D9EFC841DF6573.TMP --------- 28672 
 01.07.2011 19:52    C:\Users\Mike\AppData\Local\Temp\~DFE0C5A06067CA197A.TMP --------- 16384 
 01.07.2011 19:52    C:\Users\Mike\AppData\Local\Temp\WLZ7869.tmp --------- 0 
 01.07.2011 19:49    C:\Users\Mike\AppData\Local\Temp\27C2CAE9-1E08-4D13-BFC5-88FAE7B43C41 --------- 0 
 01.07.2011 19:48    C:\Users\Mike\AppData\Local\Temp\MARB4CE.tmp --------- 1285 
 01.07.2011 19:48    C:\Users\Mike\AppData\Local\Temp\MARB4BD.tmp --------- 1313 
 01.07.2011 19:18    C:\Users\Mike\AppData\Local\Temp\1038429291560293.tmp --------- 4 
 01.07.2011 19:17    C:\Users\Mike\AppData\Local\Temp\4153031819499998.tmp --------- 4429 
 01.07.2011 19:12    C:\Users\Mike\AppData\Local\Temp\1511610099195048.tmp --------- 1224 
 01.07.2011 19:11    C:\Users\Mike\AppData\Local\Temp\{d54176c9-b4f9-4d86-a743-6997a57b2008} --------- 0 
 01.07.2011 19:10    C:\Users\Mike\AppData\Local\Temp\MARAE58.tmp --------- 1285 
 01.07.2011 19:10    C:\Users\Mike\AppData\Local\Temp\MARAE57.tmp --------- 1313 
 01.07.2011 16:52    C:\Users\Mike\AppData\Local\Temp\msdtadmin --------- 0 
 01.07.2011 16:48    C:\Users\Mike\AppData\Local\Temp\2011-07-01-16-48-install-summary.html --------- 4722 
 01.07.2011 16:48    C:\Users\Mike\AppData\Local\Temp\2011-07-01-16-48-install.log --------- 1615451 
 01.07.2011 16:01    C:\Users\Mike\AppData\Local\Temp\CVR9A1C.tmp.cvr --------- 0 
 01.07.2011 15:58    C:\Users\Mike\AppData\Local\Temp\Low --------- 0 
 05.11.2010 12:25    C:\Users\Mike\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0 
----------------------------------------

 
C:\Program Files

 02.07.2011 19:25    C:\Program Files\Microsoft Security Client --------- 4096 
 01.07.2011 15:52    C:\Program Files\iTunes --------- 4096 
 01.07.2011 15:52    C:\Program Files\iPod --------- 0 
 01.07.2011 15:49    C:\Program Files\Bonjour --------- 0 
 01.07.2011 15:43    C:\Program Files\Java --------- 0 
 01.07.2011 11:12    C:\Program Files\Internet Explorer --------- 4096 
 30.06.2011 19:23    C:\Program Files\Windows Sidebar --------- 4096 
 30.06.2011 19:23    C:\Program Files\Windows Mail --------- 4096 
 30.06.2011 19:23    C:\Program Files\DVD Maker --------- 4096 
 30.06.2011 19:23    C:\Program Files\Windows Portable Devices --------- 0 
 30.06.2011 19:23    C:\Program Files\Windows Media Player --------- 4096 
 30.06.2011 19:23    C:\Program Files\Windows Photo Viewer --------- 4096 
 30.06.2011 19:23    C:\Program Files\Windows Journal --------- 4096 
 30.06.2011 19:23    C:\Program Files\Windows Defender --------- 4096 
 29.06.2011 16:30    C:\Program Files\CCleaner --------- 0 
 23.06.2011 16:46    C:\Program Files\Activision --------- 0 
 10.11.2010 09:24    C:\Program Files\WBFS --------- 0 
 05.11.2010 13:39    C:\Program Files\Microsoft Office --------- 0 
 05.11.2010 13:02    C:\Program Files\Common Files --------- 4096 
 05.11.2010 12:53    C:\Program Files\WinRAR --------- 4096 
 05.11.2010 12:22    C:\Program Files\eMachines Accessory Store --------- 0 
 05.11.2010 12:22    C:\Program Files\Windows NT --------- 4096 
 05.11.2010 12:22    C:\Program Files\Gemeinsame Dateien --------- 0 
 26.05.2010 07:22    C:\Program Files\Realtek --------- 0 
 26.05.2010 07:20    C:\Program Files\NVIDIA Corporation --------- 0 
 22.05.2010 08:19    C:\Program Files\eMachines --------- 0 
 22.05.2010 08:14    C:\Program Files\Google --------- 0 
 22.05.2010 07:57    C:\Program Files\Preload --------- 0 
 14.07.2009 09:45    C:\Program Files\Microsoft Games --------- 4096 
 14.07.2009 07:32    C:\Program Files\Reference Assemblies --------- 0 
 14.07.2009 07:32    C:\Program Files\MSBuild --------- 0 
 14.07.2009 07:09    C:\Program Files\Uninstall Information --------- 0 
 14.07.2009 06:54    C:\Program Files\desktop.ini --------- 174 
----------------------------------------

 
C:\ProgramData\..

Mike   
Default   
Public   
Default User   
All Users   
desktop.ini   
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts

74.208.10.249 gs.apple.com

----------------------------------------

 

Abbildname                    PID Sitzungsname      Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                  0            24 K
System                          4 Services                  0        1.940 K
smss.exe                      296 Services                  0        1.108 K
csrss.exe                      440 Services                  0        4.168 K
wininit.exe                    516 Services                  0        4.292 K
csrss.exe                      532 Console                    1        7.432 K
services.exe                  564 Services                  0        10.440 K
lsass.exe                      588 Services                  0        11.568 K
lsm.exe                        596 Services                  0        4.152 K
svchost.exe                    708 Services                  0        9.040 K
nvvsvc.exe                    784 Services                  0        3.716 K
svchost.exe                    832 Services                  0        9.196 K
winlogon.exe                  860 Console                    1        6.796 K
MsMpEng.exe                    920 Services                  0        70.724 K
svchost.exe                    988 Services                  0        24.100 K
svchost.exe                    108 Services                  0      133.964 K
svchost.exe                    460 Services                  0        37.024 K
svchost.exe                  1096 Services                  0        16.540 K
svchost.exe                  1184 Services                  0        15.832 K
nvvsvc.exe                    1436 Console                    1        7.776 K
spoolsv.exe                  1500 Services                  0        15.192 K
sched.exe                    1528 Services                  0        2.032 K
svchost.exe                  1588 Services                  0        25.436 K
taskhost.exe                  1740 Console                    1        9.824 K
dwm.exe                      1820 Console                    1        24.420 K
explorer.exe                  1868 Console                    1        52.808 K
aavus.exe                    2024 Services                  0        4.824 K
NetworkLicenseServer.exe      2044 Services                  0        8.800 K
avguard.exe                  1316 Services                  0        11.800 K
AppleMobileDeviceService.    1472 Services                  0        7.208 K
mDNSResponder.exe            1352 Services                  0        5.404 K
svchost.exe                  2056 Services                  0        16.432 K
GregHSRW.exe                  2088 Services                  0        4.700 K
avshadow.exe                  2100 Services                  0        3.900 K
conhost.exe                  2108 Services                  0        2.508 K
svchost.exe                  2188 Services                  0        7.624 K
ICQ Service.exe              2208 Services                  0        6.240 K
svchost.exe                  2236 Services                  0        3.452 K
svchost.exe                  2300 Services                  0        3.428 K
svchost.exe                  2356 Services                  0        5.252 K
RAVCpl64.exe                  2452 Console                    1        9.960 K
msseces.exe                  2460 Console                    1        13.660 K
GoogleToolbarNotifier.exe    2468 Console                    1        2.120 K
daemon.exe                    2572 Console                    1        12.204 K
UpdaterService.exe            2624 Services                  0        3.684 K
hpqtra08.exe                  2704 Console                    1        10.472 K
HotkeyUtility.exe            2288 Console                    1        11.320 K
hpwuschd2.exe                2652 Console                    1        3.400 K
winampa.exe                  2780 Console                    1        4.080 K
iTunesHelper.exe              1444 Console                    1        12.532 K
mbamgui.exe                  2840 Console                    1        7.152 K
jusched.exe                    960 Console                    1        4.184 K
avgnt.exe                    1416 Console                    1        2.684 K
HotkeyUI.exe                  2764 Console                    1        33.052 K
SearchIndexer.exe            3148 Services                  0        24.184 K
svchost.exe                  3404 Services                  0        7.484 K
NisSrv.exe                    3728 Services                  0        3.504 K
wmpnetwk.exe                  3832 Services                  0        10.560 K
WUDFHost.exe                  4088 Services                  0        5.872 K
iPodService.exe              3448 Services                  0        6.856 K
svchost.exe                  4320 Services                  0        13.984 K
OUTLOOK.EXE                  4936 Console                    1        73.184 K
OSPPSVC.EXE                  5096 Services                  0        12.008 K
firefox.exe                  4688 Console                    1      125.908 K
plugin-container.exe          4564 Console                    1        15.428 K
mbamservice.exe              4156 Services                  0        39.640 K
OTL.exe                      1944 Console                    1        24.296 K
SearchProtocolHost.exe        2316 Services                  0        8.384 K
SearchFilterHost.exe          5072 Services                  0        6.268 K
cmd.exe                      5088 Console                    1        3.716 K
conhost.exe                  2432 Console                    1        5.592 K
dllhost.exe                  3312 Console                    1        5.520 K
tasklist.exe                  4992 Console                    1        5.336 K
WmiPrvSE.exe                  2924 Services                  0        5.968 K

 
***** Ende des Scans 05.07.2011 um 10:52:40,31 ***

Mike1985 05.07.2011 10:00
Code:
ABBYY PDF Transformer 3.0        ABBYY        21.05.2010                3.00.145.7091
Acrobat.com        Adobe Systems Incorporated        20.05.2010        1,61MB        1.6.65
Adobe AIR        Adobe Systems Inc.        21.05.2010                1.5.0.7220
Adobe Flash Player 10 ActiveX        Adobe Systems Incorporated        25.05.2010                10.0.32.18
Adobe Flash Player 10 Plugin        Adobe Systems Incorporated        24.03.2011        6,00MB        10.2.153.1
Adobe Reader 9.1 MUI        Adobe Systems Incorporated        20.05.2010        650MB        9.1.0
Apple Application Support        Apple Inc.        30.06.2011        51,0MB        1.5.2
Apple Mobile Device Support        Apple Inc.        30.06.2011        22,7MB        3.4.1.2
Apple Software Update        Apple Inc.        30.06.2011        2,25MB        2.1.3.127
Avira AntiVir Personal - Free Antivirus        Avira GmbH        02.07.2011        74,3MB        10.0.0.650
Bonjour        Apple Inc.        30.06.2011        1,79MB        2.0.5.0
Brockhaus multimedial 2010        wissenmedia GmbH        20.05.2010        800MB        12.00.0000
CCleaner        Piriform        28.06.2011                3.08
Conduit Engine        Conduit Ltd.        15.04.2011               
CyberLink PowerDVD 9        CyberLink Corp.        25.05.2010        113,7MB        9.0.2610.50
Driver Mender        Driver Mender        13.11.2010        7,77MB        8.0.1
DVDVideoSoftTB Toolbar        DVDVideoSoftTB        15.04.2011                6.3.3.3
eBay Worldwide        OEM        04.11.2010        100,00KB        2.1.0901
eMachines Games        WildTangent        25.05.2010                1.0.0.80
eMachines Recovery Management        Acer Incorporated        20.05.2010                4.05.3007
eMachines Registration        Acer Incorporated        25.05.2010                1.02.3006
eMachines ScreenSaver        eMachines Incorporated        25.05.2010                1.1.0812
eMachines Updater        Acer Incorporated        20.05.2010                1.02.3001
EVEREST Home Edition v2.20        Lavalys Inc        05.06.2011                2.20
Free Audio CD Burner version 1.4.7        DVDVideoSoft Limited.        14.04.2011        10,7MB       
Free YouTube Download 2.10        DVDVideoSoft Limited.        06.11.2010        26,1MB       
Free YouTube to MP3 Converter version 3.9.35.324        DVDVideoSoft Limited.        14.04.2011        36,0MB       
Google Toolbar for Internet Explorer        Google Inc.        01.07.2011                7.1.1821.1806
Hotkey Utility        Acer Incorporated        25.05.2010                2.05.3003
HP Customer Participation Program 14.0        HP        13.11.2010                14.0
HP Imaging Device Functions 14.0        HP        13.11.2010                14.0
HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6        HP        13.11.2010                14.0
HP Smart Web Printing 4.60        HP        13.11.2010                4.60
HP Solution Center 14.0        HP        13.11.2010                14.0
HP Update        Hewlett-Packard        13.11.2010        2,97MB        5.002.002.002
ICQ Toolbar        ICQ        20.05.2011                3.0.0
ICQ7.5        ICQ        20.05.2011                7.5
Identity Card        Acer Incorporated        25.05.2010                1.00.3003
iTunes        Apple Inc.        30.06.2011        145,0MB        10.3.1.55
Java(TM) 6 Update 26        Oracle        01.07.2011        97,1MB        6.0.260
JDownloader        AppWork UG (haftungsbeschränkt)        05.03.2011               
Malwarebytes' Anti-Malware Version 1.51.0.1200        Malwarebytes Corporation        30.06.2011        13,8MB        1.51.0.1200
Microsoft Office 2010        Microsoft Corporation        25.05.2010        6,31MB        14.0.4763.1000
Microsoft Office Professional Plus 2010        Microsoft Corporation        04.11.2010                14.0.4763.1000
Microsoft Security Essentials        Microsoft Corporation        01.07.2011                2.1.1116.0
Microsoft Silverlight        Microsoft Corporation        15.06.2011        128,5MB        4.0.60531.0
Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        25.05.2010        1,72MB        3.1.0000
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        15.06.2011        0,29MB        8.0.61001
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        06.11.2010        0,19MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022        Microsoft Corporation        14.11.2010        1,42MB        9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729        Microsoft Corporation        05.11.2010        0,59MB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        15.06.2011        0,59MB        9.0.30729.6161
MobileMe Control Panel        Apple Inc.        13.11.2010        11,9MB        3.1.4.0
Mozilla Firefox 5.0 (x86 de)        Mozilla        28.06.2011        31,2MB        5.0
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        05.11.2010        1,28MB        4.20.9870.0
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        05.11.2010        1,33MB        4.20.9876.0
Nero 9 Essentials        Nero AG        20.05.2010               
Norton Online Backup        Symantec        20.05.2010        2,09MB        1.2.0.36
NVIDIA Display Control Panel        NVIDIA Corporation        25.05.2010                1.10
NVIDIA Drivers        NVIDIA Corporation        25.05.2010        65,1MB        1.10.57.35
NVIDIA PhysX        NVIDIA Corporation        05.11.2010        78,9MB        9.10.0513
PS3 Media Server        PS3 Media Server        01.07.2011        136,0MB        1.25.1
QuickTime        Apple Inc.        30.06.2011        73,7MB        7.69.80.9
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        25.05.2010                6.0.1.5972
Rome - Total War(TM)        Ihr Firmenname        25.06.2011        2.346MB        1.0
Safari        Apple Inc.        13.11.2010        41,3MB        5.33.18.5
SF-Visitenkarte 11.00        Frank Stolzer        17.11.2010        81,4MB        11.00.000
Shop for HP Supplies        HP        13.11.2010                14.0
Steuer-Spar-Erklärung 2010        Akademische Arbeitsgemeinschaft Verlag        20.05.2010        297MB        15.03
Ubisoft Game Launcher        UBISOFT        14.11.2010                1.0.0.0
Uninstall 1.0.0.1                14.04.2011        10,9MB       
VLC media player 1.1.2        VideoLAN        12.06.2011                1.1.2
WBFS Manager 3.0        AlexDP        09.11.2010                3.0
Welcome Center        Acer Incorporated        25.05.2010                1.00.3013
Winamp        Nullsoft, Inc        28.03.2011                5.61
Winamp Erkennungs-Plug-in        Nullsoft, Inc        28.03.2011        75,00KB        1.0.0.1
Windows Live Anmelde-Assistent        Microsoft Corporation        25.05.2010        1,94MB        5.000.818.5
Windows Live Essentials        Microsoft Corporation        25.05.2010                14.0.8089.0726
Windows Live Sync        Microsoft Corporation        25.05.2010        2,79MB        14.0.8089.726
Windows Live-Uploadtool        Microsoft Corporation        25.05.2010        0,22MB        14.0.8014.1029
WinRAR                04.11.2010

Mike1985 05.07.2011 12:25
Hab jetzt probiert den OTL txt zu teilen, mal schaun.

Code:
OTL logfile created on: 05.07.2011 10:21:27 - Run 1
OTL by OldTimer - Version 3.2.26.0    Folder = C:\Users\Mike\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,60 Gb Available Physical Memory | 64,97% Memory free
10,83 Gb Paging File | 9,32 Gb Available in Paging File | 85,99% Paging File free
Paging file location(s): c:\pagefile.sys 7000 7000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 908,41 Gb Total Space | 470,01 Gb Free Space | 51,74% Space Free | Partition Type: NTFS
 
Computer Name: MIKE-PC | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Mike\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe ()
PRC - C:\Programme\eMachines\eMachines Updater\UpdaterService.exe (Acer Group)
PRC - C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe (ABBYY)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Mike\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (Updater Service) -- C:\Programme\eMachines\eMachines Updater\UpdaterService.exe (Acer Group)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (GameConsoleService) -- C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (Greg_Service) -- C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ABBYY.Licensing.PDFTransformer.Site License.3.0) -- C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe (ABBYY)
SRV - (AAV UpdateService) -- C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (acedrv09) -- C:\Windows\SysNative\drivers\acedrv09.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GearAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=el1850&r=17361110q106pe405v115r46l2s834
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=el1850&r=17361110q106pe405v115r46l2s834
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0407&m=el1850&r=17361110q106pe405v115r46l2s834
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de"
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.11.14 14:14:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.07.01 15:51:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKCU\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.11.14 14:14:06 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.07.01 15:51:07 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.06.29 18:54:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\mozilla\Extensions
[2011.07.02 09:30:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.07.02 09:30:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2011.06.16 06:32:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.11.14 13:53:19 | 000,000,877 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 74.208.10.249 gs.apple.com
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  File not found
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBKeyScan]  File not found
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Mike\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Mike\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Mike\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Mike\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c346baca-2648-11e0-a75c-4487fca8727b}\Shell - "" = AutoRun
O33 - MountPoints2\{c346baca-2648-11e0-a75c-4487fca8727b}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.07.05 10:19:31 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2011.07.03 16:33:24 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Avira
[2011.07.03 16:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.07.03 16:32:17 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.07.03 16:32:17 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.07.03 16:32:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.07.03 16:32:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.07.03 14:38:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.07.02 19:24:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011.07.02 19:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011.07.02 09:30:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.07.02 09:30:30 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.07.02 09:30:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.07.02 09:30:30 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.07.02 09:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
[2011.07.02 09:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PMS
[2011.07.02 09:29:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PS3 Media Server
[2011.07.01 19:56:57 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Malwarebytes
[2011.07.01 19:56:53 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.07.01 19:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.07.01 19:56:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.07.01 19:56:49 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.07.01 19:56:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.07.01 16:52:55 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Sun
[2011.07.01 16:46:42 | 000,000,000 | ---D | C] -- C:\glassfish3
[2011.07.01 15:52:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.07.01 15:52:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.07.01 15:52:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.07.01 15:52:09 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.07.01 15:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.07.01 15:50:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.07.01 15:50:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.07.01 15:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.07.01 15:49:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.07.01 15:43:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011.07.01 11:27:03 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011.06.30 19:14:01 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.06.30 19:14:00 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011.06.30 19:14:00 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.06.30 19:14:00 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.06.30 19:14:00 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.06.30 19:14:00 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011.06.30 19:14:00 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.06.30 19:14:00 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.06.30 19:14:00 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.06.30 19:14:00 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.06.30 19:14:00 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.06.30 19:14:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.06.30 19:14:00 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.06.30 19:13:59 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.06.30 19:13:59 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.06.30 19:13:59 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.06.30 19:13:59 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.06.30 19:13:59 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.06.30 19:13:59 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011.06.30 19:13:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.06.30 19:13:59 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011.06.30 19:13:59 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.06.30 19:13:59 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.06.30 19:13:59 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.06.30 19:13:59 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.06.30 19:13:59 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.06.30 19:13:59 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.06.30 19:13:59 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.06.30 19:13:59 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.06.30 19:13:59 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.06.30 19:13:59 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.06.30 19:13:59 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.06.30 19:13:58 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.06.30 19:13:58 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.06.30 19:13:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.06.30 19:13:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.06.30 19:13:58 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.06.30 19:13:58 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.06.30 19:13:58 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.06.30 19:13:58 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011.06.30 19:13:57 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.06.30 19:13:57 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.06.30 19:13:57 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.06.30 19:13:57 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.06.30 19:13:57 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.06.30 19:13:57 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.06.30 19:13:57 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.06.30 19:13:57 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.06.30 19:13:57 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.06.30 19:13:57 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.06.30 19:13:57 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.06.30 19:13:57 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.06.30 19:13:57 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.06.30 19:13:57 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.06.30 19:13:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.06.30 19:13:57 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.06.30 19:13:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.06.30 19:13:57 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.06.30 19:13:57 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.06.30 19:13:56 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.06.30 19:13:56 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.06.30 19:13:56 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.06.30 19:13:56 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.06.30 19:13:56 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.06.30 19:13:56 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.06.30 19:13:56 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.06.30 19:13:56 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.06.30 19:13:56 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.06.30 19:13:56 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.06.30 19:13:56 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.06.30 19:13:56 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.06.30 19:13:56 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.06.30 19:13:56 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.06.30 19:13:56 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.06.30 19:13:56 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.06.30 19:13:56 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.06.30 19:13:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.06.30 19:13:56 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.06.30 18:59:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011.06.30 18:58:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011.06.29 18:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Mozilla
[2011.06.29 18:54:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.06.29 16:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.06.29 11:04:17 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011.06.29 11:04:17 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cfgmgr32.dll
[2011.06.29 11:04:17 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2011.06.23 16:53:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rome - Total War
[2011.06.23 16:46:07 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2011.06.18 17:24:05 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\My Games
[2011.06.18 17:24:05 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\Gas Powered Games
[2011.06.16 12:04:43 | 000,288,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2011.06.16 12:03:05 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.06.14 19:26:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2011.06.13 21:00:11 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\vlc
[2011.06.13 20:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011.06.12 11:41:32 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2011.06.12 11:41:32 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2011.06.12 11:41:26 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2011.06.12 11:41:24 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2011.06.12 11:41:24 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2011.06.12 11:41:23 | 003,715,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011.06.12 11:41:23 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2011.06.12 11:41:21 | 003,215,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011.06.12 11:41:19 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2011.06.12 11:41:19 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2011.06.12 11:41:19 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2011.06.12 11:41:18 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.06.12 11:41:17 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2011.06.12 11:41:17 | 002,314,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2011.06.12 11:41:15 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll
[2011.06.12 11:41:15 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2011.06.12 11:41:15 | 001,731,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011.06.12 11:41:15 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011.06.12 11:41:15 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.06.12 11:41:14 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2011.06.12 11:41:14 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll
[2011.06.12 11:41:14 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011.06.12 11:41:14 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2011.06.12 11:41:14 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2011.06.12 11:41:14 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2011.06.12 11:41:14 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2011.06.12 11:41:14 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2011.06.12 11:41:13 | 001,219,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2011.06.12 11:41:13 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2011.06.12 11:41:13 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2011.06.12 11:41:12 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2011.06.12 11:41:09 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2011.06.12 11:41:08 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011.06.12 11:41:08 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2011.06.12 11:41:08 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll
[2011.06.12 11:41:07 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll
[2011.06.12 11:41:07 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll
[2011.06.12 11:41:06 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2011.06.12 11:41:06 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2011.06.12 11:41:05 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll
[2011.06.12 11:41:05 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2011.06.12 11:41:05 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NaturalLanguage6.dll
[2011.06.12 11:41:04 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2011.06.12 11:41:04 | 002,872,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.06.12 11:41:04 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2011.06.12 11:41:04 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll
[2011.06.12 11:41:03 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2011.06.12 11:41:03 | 001,698,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011.06.12 11:41:02 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL
[2011.06.12 11:41:02 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.06.12 11:41:02 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe
[2011.06.12 11:41:02 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2011.06.12 11:41:02 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe
[2011.06.12 11:41:02 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2011.06.12 11:41:02 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpdd.dll
[2011.06.12 11:41:02 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2011.06.12 11:41:02 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2011.06.12 11:41:01 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe
[2011.06.12 11:41:01 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2011.06.12 11:41:01 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2011.06.12 11:41:01 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2011.06.12 11:41:00 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll
[2011.06.12 11:41:00 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll
[2011.06.12 11:40:59 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuthFWSnapin.dll
[2011.06.12 11:40:59 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuthFWSnapin.dll
[2011.06.12 11:40:59 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.06.12 11:40:59 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2011.06.12 11:40:58 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll
[2011.06.12 11:40:58 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2011.06.12 11:40:57 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2011.06.12 11:40:57 | 001,456,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2011.06.12 11:40:56 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2011.06.12 11:40:56 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2011.06.12 11:40:56 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.06.12 11:40:54 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2011.06.12 11:40:53 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll
[2011.06.12 11:40:53 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011.06.12 11:40:53 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.06.12 11:40:53 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqmapi.dll
[2011.06.12 11:40:52 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.06.12 11:40:52 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll
[2011.06.12 11:40:52 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d9.dll
[2011.06.12 11:40:52 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2011.06.12 11:40:52 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011.06.12 11:40:52 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2011.06.12 11:40:52 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll
[2011.06.12 11:40:52 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2011.06.12 11:40:51 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2011.06.12 11:40:51 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\werconcpl.dll
[2011.06.12 11:40:51 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011.06.12 11:40:51 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2011.06.12 11:40:50 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll
[2011.06.12 11:40:50 | 001,049,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011.06.12 11:40:50 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2011.06.12 11:40:50 | 000,376,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2011.06.12 11:40:49 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2011.06.12 11:40:49 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll
[2011.06.12 11:40:49 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2011.06.12 11:40:49 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2011.06.12 11:40:49 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2011.06.12 11:40:49 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2011.06.12 11:40:49 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsmf.dll
[2011.06.12 11:40:49 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2011.06.12 11:40:49 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2011.06.12 11:40:47 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2011.06.12 11:40:47 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll
[2011.06.12 11:40:46 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll
[2011.06.12 11:40:46 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll
[2011.06.12 11:40:46 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2011.06.12 11:40:46 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011.06.12 11:40:46 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll
[2011.06.12 11:40:46 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2011.06.12 11:40:46 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll
[2011.06.12 11:40:46 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedynos.dll
[2011.06.12 11:40:46 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmonui.dll
[2011.06.12 11:40:45 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll
[2011.06.12 11:40:45 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll
[2011.06.12 11:40:45 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2011.06.12 11:40:45 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2011.06.12 11:40:45 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll
[2011.06.12 11:40:45 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2011.06.12 11:40:45 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2011.06.12 11:40:45 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll
[2011.06.12 11:40:45 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll
[2011.06.12 11:40:45 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.exe
[2011.06.12 11:40:45 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll
[2011.06.12 11:40:45 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2011.06.12 11:40:45 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.06.12 11:40:45 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsmf.dll
[2011.06.12 11:40:45 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011.06.12 11:40:45 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3api.dll
[2011.06.12 11:40:44 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Vault.dll
[2011.06.12 11:40:44 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2011.06.12 11:40:44 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmd.exe
[2011.06.12 11:40:44 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QAGENT.DLL
[2011.06.12 11:40:43 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll
[2011.06.12 11:40:43 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2011.06.12 11:40:43 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2011.06.12 11:40:43 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpksetup.exe
[2011.06.12 11:40:43 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2011.06.12 11:40:43 | 000,281,600 | ---- | C] (Microsoft) -- C:\Windows\SysNative\DShowRdpFilter.dll
[2011.06.12 11:40:42 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2011.06.12 11:40:42 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2011.06.12 11:40:42 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll
[2011.06.12 11:40:41 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sxs.dll
[2011.06.12 11:40:41 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2011.06.12 11:40:40 | 001,363,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Query.dll
[2011.06.12 11:40:40 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2011.06.12 11:40:39 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll
[2011.06.12 11:40:39 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll
[2011.06.12 11:40:39 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll
[2011.06.12 11:40:39 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2011.06.12 11:40:39 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfds.dll
[2011.06.12 11:40:39 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcbuilder.exe
[2011.06.12 11:40:39 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2011.06.12 11:40:39 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgprint.dll
[2011.06.12 11:40:39 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011.06.12 11:40:39 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011.06.12 11:40:38 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2011.06.12 11:40:38 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webservices.dll
[2011.06.12 11:40:38 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll
[2011.06.12 11:40:38 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll
[2011.06.12 11:40:38 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
[2011.06.12 11:40:38 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdrm.dll
[2011.06.12 11:40:38 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2011.06.12 11:40:38 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3api.dll
[2011.06.12 11:40:38 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2011.06.12 11:40:37 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceApi.dll
[2011.06.12 11:40:36 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2011.06.12 11:40:36 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2011.06.12 11:40:36 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mcbuilder.exe
[2011.06.12 11:40:36 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prncache.dll
[2011.06.12 11:40:35 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll
[2011.06.12 11:40:35 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2011.06.12 11:40:33 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll
[2011.06.12 11:40:33 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll
[2011.06.12 11:40:33 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll
[2011.06.12 11:40:32 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll
[2011.06.12 11:40:32 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2011.06.12 11:40:32 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll
[2011.06.12 11:40:32 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2011.06.12 11:40:32 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011.06.12 11:40:32 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll
[2011.06.12 11:40:31 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2011.06.12 11:40:31 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2011.06.12 11:40:31 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll
[2011.06.12 11:40:31 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2011.06.12 11:40:31 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedyn.dll
[2011.06.12 11:40:30 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll
[2011.06.12 11:40:30 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll
[2011.06.12 11:40:30 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll
[2011.06.12 11:40:30 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll
[2011.06.12 11:40:30 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2011.06.12 11:40:30 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2011.06.12 11:40:30 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.exe
[2011.06.12 11:40:30 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2011.06.12 11:40:29 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSATAPI.dll
[2011.06.12 11:40:29 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2011.06.12 11:40:29 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll
[2011.06.12 11:40:29 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedynos.dll
[2011.06.12 11:40:29 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fde.dll
[2011.06.12 11:40:26 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localsec.dll
[2011.06.12 11:40:26 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll
[2011.06.12 11:40:26 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll
[2011.06.12 11:40:24 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netdiagfx.dll
[2011.06.12 11:40:24 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2011.06.12 11:40:23 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll
[2011.06.12 11:40:23 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.06.12 11:40:22 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll
[2011.06.12 11:40:22 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll
[2011.06.12 11:40:22 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll
[2011.06.12 11:40:22 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSHVHOST.DLL
[2011.06.12 11:40:22 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll
[2011.06.12 11:40:22 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netid.dll
[2011.06.12 11:40:22 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2011.06.12 11:40:22 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011.06.12 11:40:21 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\biocpl.dll
[2011.06.12 11:40:21 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe
[2011.06.12 11:40:20 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2011.06.12 11:40:18 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll
[2011.06.12 11:40:17 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll
[2011.06.12 11:40:16 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll
[2011.06.12 11:40:16 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspbda.dll
[2011.06.12 11:40:16 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2011.06.12 11:40:16 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr
[2011.06.12 11:40:16 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.06.12 11:40:16 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe
[2011.06.12 11:40:16 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\credui.dll
[2011.06.12 11:40:16 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL
[2011.06.12 11:40:16 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitagent.exe
[2011.06.12 11:40:16 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2011.06.12 11:40:15 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallControlPanel.dll
[2011.06.12 11:40:15 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbghelp.dll
[2011.06.12 11:40:15 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2011.06.12 11:40:15 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxgi.dll
[2011.06.12 11:40:15 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv
[2011.06.12 11:40:15 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2011.06.12 11:40:15 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2011.06.12 11:40:15 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2011.06.12 11:40:15 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll
[2011.06.12 11:40:14 | 003,211,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2011.06.12 11:40:14 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2011.06.12 11:40:14 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll
[2011.06.12 11:40:14 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe
[2011.06.12 11:40:14 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2011.06.12 11:40:14 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2011.06.12 11:40:14 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe
[2011.06.12 11:40:13 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2011.06.12 11:40:13 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\calc.exe
[2011.06.12 11:40:13 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXP.dll
[2011.06.12 11:40:13 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSATAPI.dll
[2011.06.12 11:40:13 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetapi.dll
[2011.06.12 11:40:12 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2011.06.12 11:40:12 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll
[2011.06.12 11:40:12 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2011.06.12 11:40:12 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll
[2011.06.12 11:40:11 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011.06.12 11:40:11 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll
[2011.06.12 11:40:10 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl
[2011.06.12 11:40:10 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll
[2011.06.12 11:40:10 | 000,128,000 | ---- | C] (Microsoft) -- C:\Windows\SysNative\Robocopy.exe
[2011.06.12 11:40:09 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2011.06.12 11:40:08 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll
[2011.06.12 11:40:08 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DxpTaskSync.dll
[2011.06.12 11:40:08 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll
[2011.06.12 11:40:08 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll
[2011.06.12 11:40:08 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2011.06.12 11:40:08 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thumbcache.dll
[2011.06.12 11:40:08 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys
[2011.06.12 11:40:07 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll
[2011.06.12 11:40:07 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL
[2011.06.12 11:40:07 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXPTaskRingtone.dll
[2011.06.12 11:40:07 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\puiobj.dll
[2011.06.12 11:40:07 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll
[2011.06.12 11:40:07 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll
[2011.06.12 11:40:07 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2011.06.12 11:40:07 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2011.06.12 11:40:07 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmredir.dll
[2011.06.12 11:40:07 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prncache.dll
[2011.06.12 11:40:07 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2011.06.12 11:40:07 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011.06.12 11:40:06 | 002,341,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msi.dll
[2011.06.12 11:40:06 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll
[2011.06.12 11:40:06 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll
[2011.06.12 11:40:06 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2011.06.12 11:40:06 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.06.12 11:40:06 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2011.06.12 11:40:06 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\net1.exe
[2011.06.12 11:40:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2011.06.12 11:40:05 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdengin2.dll
[2011.06.12 11:40:05 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2011.06.12 11:40:05 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VAN.dll
[2011.06.12 11:40:05 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2011.06.12 11:40:05 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll
[2011.06.12 11:40:05 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiadefui.dll
[2011.06.12 11:40:05 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2011.06.12 11:40:05 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011.06.12 11:40:05 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll
[2011.06.12 11:40:04 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVCORE.DLL
[2011.06.12 11:40:04 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll
[2011.06.12 11:40:04 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll
[2011.06.12 11:40:04 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe
[2011.06.12 11:40:04 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll
[2011.06.12 11:40:04 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MMDevAPI.dll
[2011.06.12 11:40:04 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll
[2011.06.12 11:40:04 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011.06.12 11:40:04 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samcli.dll
[2011.06.12 11:40:04 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011.06.12 11:40:03 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2011.06.12 11:40:02 | 002,621,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2011.06.12 11:39:59 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll
[2011.06.12 11:39:59 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll
[2011.06.12 11:39:59 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSHVHOST.DLL
[2011.06.12 11:39:59 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2011.06.12 11:39:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2011.06.12 11:39:59 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QUTIL.DLL
[2011.06.12 11:39:58 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdshext.dll
[2011.06.12 11:39:58 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll
[2011.06.12 11:39:58 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webservices.dll
[2011.06.12 11:39:58 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl
[2011.06.12 11:39:58 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TabletPC.cpl
[2011.06.12 11:39:58 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2011.06.12 11:39:58 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2011.06.12 11:39:58 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2011.06.12 11:39:58 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2011.06.12 11:39:58 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netdiagfx.dll
[2011.06.12 11:39:58 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fde.dll
[2011.06.12 11:39:58 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcl.exe
[2011.06.12 11:39:58 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2011.06.12 11:39:58 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011.06.12 11:39:57 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgcpl.dll
[2011.06.12 11:39:57 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msconfig.exe
[2011.06.12 11:39:57 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll
[2011.06.12 11:39:57 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSCard.dll
[2011.06.12 11:39:57 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll
[2011.06.12 11:39:56 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL
[2011.06.12 11:39:56 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2011.06.12 11:39:56 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll
[2011.06.12 11:39:56 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll
[2011.06.12 11:39:56 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll
[2011.06.12 11:39:56 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll
[2011.06.12 11:39:56 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll
[2011.06.12 11:39:56 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.06.12 11:39:56 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll
[2011.06.12 11:39:56 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winsta.dll
[2011.06.12 11:39:56 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdeploy.dll
[2011.06.12 11:39:56 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsmproxy.dll
[2011.06.12 11:39:56 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2011.06.12 11:39:56 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011.06.12 11:39:55 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2011.06.12 11:39:55 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll
[2011.06.12 11:39:55 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2011.06.12 11:39:55 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DXPTaskRingtone.dll
[2011.06.12 11:39:55 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll
[2011.06.12 11:39:55 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sharemediacpl.dll
[2011.06.12 11:39:55 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll
[2011.06.12 11:39:55 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logoncli.dll

Mike1985 05.07.2011 12:27
Code:
[2011.06.12 11:39:55 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscmmc.dll
[2011.06.12 11:39:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RpcRtRemote.dll
[2011.06.12 11:39:54 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll
[2011.06.12 11:39:54 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe
[2011.06.12 11:39:54 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nci.dll
[2011.06.12 11:39:53 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsCpl.dll
[2011.06.12 11:39:53 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Narrator.exe
[2011.06.12 11:39:53 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe
[2011.06.12 11:39:53 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe
[2011.06.12 11:39:53 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll
[2011.06.12 11:39:53 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netjoin.dll
[2011.06.12 11:39:53 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2011.06.12 11:39:53 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll
[2011.06.12 11:39:52 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe
[2011.06.12 11:39:52 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe
[2011.06.12 11:39:52 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe
[2011.06.12 11:39:52 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2011.06.12 11:39:52 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe
[2011.06.12 11:39:52 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppcomapi.dll
[2011.06.12 11:39:52 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AudioSes.dll
[2011.06.12 11:39:52 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll
[2011.06.12 11:39:52 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2011.06.12 11:39:52 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IPHLPAPI.DLL
[2011.06.12 11:39:52 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll
[2011.06.12 11:39:52 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnikeapi.dll
[2011.06.12 11:39:52 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\proquota.exe
[2011.06.12 11:39:51 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe
[2011.06.12 11:39:51 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshipsec.dll
[2011.06.12 11:39:51 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll
[2011.06.12 11:39:51 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll
[2011.06.12 11:39:51 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll
[2011.06.12 11:39:51 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2011.06.12 11:39:51 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2011.06.12 11:39:51 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2011.06.12 11:39:50 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2011.06.12 11:39:50 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll
[2011.06.12 11:39:50 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll
[2011.06.12 11:39:50 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll
[2011.06.12 11:39:50 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2011.06.12 11:39:50 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdsrv.dll
[2011.06.12 11:39:42 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll
[2011.06.12 11:39:41 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe
[2011.06.12 11:39:41 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2011.06.12 11:39:41 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll
[2011.06.12 11:39:41 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prntvpt.dll
[2011.06.12 11:39:40 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl
[2011.06.12 11:39:40 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
[2011.06.12 11:39:40 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll
[2011.06.12 11:39:40 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys
[2011.06.12 11:39:40 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2011.06.12 11:39:40 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2011.06.12 11:39:39 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll
[2011.06.12 11:39:39 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll
[2011.06.12 11:39:39 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2011.06.12 11:39:39 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2011.06.12 11:39:39 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprddm.dll
[2011.06.12 11:39:39 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QAGENT.DLL
[2011.06.12 11:39:39 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netid.dll
[2011.06.12 11:39:38 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll
[2011.06.12 11:39:38 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe
[2011.06.12 11:39:38 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vault.dll
[2011.06.12 11:39:38 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\batmeter.dll
[2011.06.12 11:39:38 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2011.06.12 11:39:38 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll
[2011.06.12 11:39:38 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2011.06.12 11:39:38 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpsrcwp.dll
[2011.06.12 11:39:38 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2011.06.12 11:39:38 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nci.dll
[2011.06.12 11:39:38 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2011.06.12 11:39:37 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll
[2011.06.12 11:39:37 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DiagCpl.dll
[2011.06.12 11:39:37 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2011.06.12 11:39:36 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bootres.dll
[2011.06.12 11:39:36 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll
[2011.06.12 11:39:36 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MCEWMDRMNDBootstrap.dll
[2011.06.12 11:39:36 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax
[2011.06.12 11:39:36 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\Robocopy.exe
[2011.06.12 11:39:36 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSTPager.ax
[2011.06.12 11:39:36 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2011.06.12 11:39:35 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll
[2011.06.12 11:39:34 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DxpTaskSync.dll
[2011.06.12 11:39:34 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskmgr.exe
[2011.06.12 11:39:34 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll
[2011.06.12 11:39:34 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll
[2011.06.12 11:39:34 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll
[2011.06.12 11:39:33 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll
[2011.06.12 11:39:33 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll
[2011.06.12 11:39:33 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll
[2011.06.12 11:39:32 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnfldr.dll
[2011.06.12 11:39:32 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\termmgr.dll
[2011.06.12 11:39:32 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiobj.dll
[2011.06.12 11:39:32 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2011.06.12 11:39:32 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe
[2011.06.12 11:39:32 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskmgr.exe
[2011.06.12 11:39:32 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2011.06.12 11:39:32 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2011.06.12 11:39:32 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2011.06.12 11:39:32 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2011.06.12 11:39:32 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll
[2011.06.12 11:39:32 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll
[2011.06.12 11:39:32 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\proquota.exe
[2011.06.12 11:39:31 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiadefui.dll
[2011.06.12 11:39:31 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll
[2011.06.12 11:39:31 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL
[2011.06.12 11:39:31 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll
[2011.06.12 11:39:31 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll
[2011.06.12 11:39:31 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2011.06.12 11:39:31 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logoncli.dll
[2011.06.12 11:39:31 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll
[2011.06.12 11:39:30 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll
[2011.06.12 11:39:30 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FirewallControlPanel.dll
[2011.06.12 11:39:30 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl
[2011.06.12 11:39:30 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2011.06.12 11:39:29 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsCpl.dll
[2011.06.12 11:39:29 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll
[2011.06.12 11:39:28 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll
[2011.06.12 11:39:28 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slui.exe
[2011.06.12 11:39:28 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2011.06.12 11:39:28 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscmmc.dll
[2011.06.12 11:39:27 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr
[2011.06.12 11:39:27 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2011.06.12 11:39:27 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hgcpl.dll
[2011.06.12 11:39:27 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\defaultlocationcpl.dll
[2011.06.12 11:39:26 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll
[2011.06.12 11:39:26 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax
[2011.06.12 11:39:25 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll
[2011.06.12 11:39:25 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll
[2011.06.12 11:39:25 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceCenter.dll
[2011.06.12 11:39:25 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscms.dll
[2011.06.12 11:39:25 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localsec.dll
[2011.06.12 11:39:25 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprddm.dll
[2011.06.12 11:39:25 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2011.06.12 11:39:24 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll
[2011.06.12 11:39:24 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll
[2011.06.12 11:39:24 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2011.06.12 11:39:24 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenter.dll
[2011.06.12 11:39:24 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\batmeter.dll
[2011.06.12 11:39:24 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VAN.dll
[2011.06.12 11:39:24 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll
[2011.06.12 11:39:24 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll
[2011.06.12 11:39:24 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2011.06.12 11:39:24 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2011.06.12 11:39:24 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll
[2011.06.12 11:39:24 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\intl.cpl
[2011.06.12 11:39:24 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2011.06.12 11:39:24 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskbarcpl.dll
[2011.06.12 11:39:24 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OnLineIDCpl.dll
[2011.06.12 11:39:24 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVolSSO.dll
[2011.06.12 11:39:24 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twext.dll
[2011.06.12 11:39:24 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prntvpt.dll
[2011.06.12 11:39:24 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011.06.12 11:39:24 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2011.06.12 11:39:23 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OobeFldr.dll
[2011.06.12 11:39:23 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2011.06.12 11:39:23 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroleui.dll
[2011.06.12 11:39:23 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdedit.exe
[2011.06.12 11:39:23 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe
[2011.06.12 11:39:23 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxlib.dll
[2011.06.12 11:39:23 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recovery.dll
[2011.06.12 11:39:23 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w32tm.exe
[2011.06.12 11:39:22 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsuiext.dll
[2011.06.12 11:39:22 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizeng.dll
[2011.06.12 11:39:22 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll
[2011.06.12 11:39:22 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cca.dll
[2011.06.12 11:39:22 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\isoburn.exe
[2011.06.12 11:39:22 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sisbkup.dll
[2011.06.12 11:39:21 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll
[2011.06.12 11:39:21 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl
[2011.06.12 11:39:21 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\zipfldr.dll
[2011.06.12 11:39:21 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroleui.dll
[2011.06.12 11:39:21 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\efscore.dll
[2011.06.12 11:39:21 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VBICodec.ax
[2011.06.12 11:39:21 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tzutil.exe
[2011.06.12 11:39:20 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2011.06.12 11:39:20 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdcpl.dll
[2011.06.12 11:39:20 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\main.cpl
[2011.06.12 11:39:20 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2011.06.12 11:39:20 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shwebsvc.dll
[2011.06.12 11:39:20 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2011.06.12 11:39:20 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recdisc.exe
[2011.06.12 11:39:20 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL
[2011.06.12 11:39:20 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll
[2011.06.12 11:39:20 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syncui.dll
[2011.06.12 11:39:20 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll
[2011.06.12 11:39:20 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldp.dll
[2011.06.12 11:39:20 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netjoin.dll
[2011.06.12 11:39:20 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll
[2011.06.12 11:39:20 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll
[2011.06.12 11:39:20 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll
[2011.06.12 11:39:20 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll
[2011.06.12 11:39:20 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2011.06.12 11:39:19 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll
[2011.06.12 11:39:19 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenterCPL.dll
[2011.06.12 11:39:19 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll
[2011.06.12 11:39:19 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2011.06.12 11:39:18 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll
[2011.06.12 11:39:18 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenter.dll
[2011.06.12 11:39:18 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizeng.dll
[2011.06.12 11:39:18 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\termmgr.dll
[2011.06.12 11:39:18 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnfldr.dll
[2011.06.12 11:39:18 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe
[2011.06.12 11:39:18 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MCEWMDRMNDBootstrap.dll
[2011.06.12 11:39:18 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2011.06.12 11:39:18 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll
[2011.06.12 11:39:18 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll
[2011.06.12 11:39:18 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFPlay.dll
[2011.06.12 11:39:18 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OnLineIDCpl.dll
[2011.06.12 11:39:18 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2011.06.12 11:39:18 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll
[2011.06.12 11:39:18 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksxbar.ax
[2011.06.12 11:39:17 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2011.06.12 11:39:17 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx
[2011.06.12 11:39:17 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx
[2011.06.12 11:39:17 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2011.06.12 11:39:17 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe
[2011.06.12 11:39:17 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iprtrmgr.dll
[2011.06.12 11:39:17 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\defaultlocationcpl.dll
[2011.06.12 11:39:17 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011.06.12 11:39:16 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl
[2011.06.12 11:39:16 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll
[2011.06.12 11:39:16 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2011.06.12 11:39:16 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntlanman.dll
[2011.06.12 11:39:16 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll
[2011.06.12 11:39:16 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2011.06.12 11:39:16 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe
[2011.06.12 11:39:15 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlcese30.dll
[2011.06.12 11:39:15 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll
[2011.06.12 11:39:15 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\intl.cpl
[2011.06.12 11:39:15 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
[2011.06.12 11:39:15 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iprtrmgr.dll
[2011.06.12 11:39:15 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\efscore.dll
[2011.06.12 11:39:15 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifsutil.dll
[2011.06.12 11:39:15 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserAccountControlSettings.dll
[2011.06.12 11:39:15 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpd3d.dll
[2011.06.12 11:39:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2011.06.12 11:39:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2011.06.12 11:39:15 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sisbkup.dll
[2011.06.12 11:39:14 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenterCPL.dll
[2011.06.12 11:39:14 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ssText3d.scr
[2011.06.12 11:39:14 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011.06.12 11:39:14 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iTVData.dll
[2011.06.12 11:39:14 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011.06.12 11:39:13 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2011.06.12 11:39:13 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2011.06.12 11:39:13 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DeviceCenter.dll
[2011.06.12 11:39:13 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syncui.dll
[2011.06.12 11:39:13 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll
[2011.06.12 11:39:13 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srvcli.dll
[2011.06.12 11:39:13 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011.06.12 11:39:12 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OobeFldr.dll
[2011.06.12 11:39:12 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2011.06.12 11:39:12 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2011.06.12 11:39:12 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll
[2011.06.12 11:39:12 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll
[2011.06.12 11:39:12 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll
[2011.06.12 11:39:12 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wavemsp.dll
[2011.06.12 11:39:12 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingFolder.dll
[2011.06.12 11:39:12 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dskquoui.dll
[2011.06.12 11:39:12 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl
[2011.06.12 11:39:12 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2011.06.12 11:39:12 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPHLPR.DLL
[2011.06.12 11:39:12 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nslookup.exe
[2011.06.12 11:39:12 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntlanman.dll
[2011.06.12 11:39:12 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSTPager.ax
[2011.06.12 11:39:12 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acppage.dll
[2011.06.12 11:39:12 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2011.06.12 11:39:11 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2011.06.12 11:39:11 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched20.dll
[2011.06.12 11:39:11 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srrstr.dll
[2011.06.12 11:39:11 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe
[2011.06.12 11:39:11 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax
[2011.06.12 11:39:11 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdboot.exe
[2011.06.12 11:39:10 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll
[2011.06.12 11:39:10 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2011.06.12 11:39:10 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\activeds.dll
[2011.06.12 11:39:10 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpsrcwp.dll
[2011.06.12 11:39:10 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll
[2011.06.12 11:39:10 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\remotepg.dll
[2011.06.12 11:39:10 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPHLPR.DLL
[2011.06.12 11:39:10 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppnp.dll
[2011.06.12 11:39:10 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\migisol.dll
[2011.06.12 11:39:10 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabinet.dll
[2011.06.12 11:39:10 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2011.06.12 11:39:10 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
[2011.06.12 11:39:09 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2011.06.12 11:39:09 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfrgui.exe
[2011.06.12 11:39:09 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2011.06.12 11:39:09 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshipsec.dll
[2011.06.12 11:39:09 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kstvtune.ax
[2011.06.12 11:39:09 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\isoburn.exe
[2011.06.12 11:39:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wkscli.dll
[2011.06.12 11:39:08 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsuiext.dll
[2011.06.12 11:39:08 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wvc.dll
[2011.06.12 11:39:08 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfrgui.exe
[2011.06.12 11:39:08 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2011.06.12 11:39:08 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpdxm.dll
[2011.06.12 11:39:08 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3ui.dll
[2011.06.12 11:39:08 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsqmcons.exe
[2011.06.12 11:39:08 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll
[2011.06.12 11:39:08 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wavemsp.dll
[2011.06.12 11:39:08 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll
[2011.06.12 11:39:08 | 000,178,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2011.06.12 11:39:08 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2011.06.12 11:39:08 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\net1.exe
[2011.06.12 11:39:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll
[2011.06.12 11:39:08 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe
[2011.06.12 11:39:08 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzutil.exe
[2011.06.12 11:39:07 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2011.06.12 11:39:07 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll
[2011.06.12 11:39:07 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc.dll
[2011.06.12 11:39:07 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimgapi.dll
[2011.06.12 11:39:07 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstask.dll
[2011.06.12 11:39:07 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2011.06.12 11:39:07 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe
[2011.06.12 11:39:07 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wtsapi32.dll
[2011.06.12 11:39:07 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe
[2011.06.12 11:39:06 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp
[2011.06.12 11:39:06 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.06.12 11:39:06 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twext.dll
[2011.06.12 11:39:06 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapistub.dll
[2011.06.12 11:39:06 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapi32.dll
[2011.06.12 11:39:05 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll
[2011.06.12 11:39:05 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Bubbles.scr
[2011.06.12 11:39:05 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll
[2011.06.12 11:39:05 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcap.dll
[2011.06.12 11:39:05 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2011.06.12 11:39:05 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupugc.exe
[2011.06.12 11:39:05 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdmat.dll
[2011.06.12 11:39:05 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2011.06.12 11:39:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2011.06.12 11:39:04 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\main.cpl
[2011.06.12 11:39:04 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe
[2011.06.12 11:39:04 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifsutil.dll
[2011.06.12 11:39:04 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\uxlib.dll
[2011.06.12 11:39:04 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsium.dll
[2011.06.12 11:39:04 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011.06.12 11:39:03 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssText3d.scr
[2011.06.12 11:39:03 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\audiodev.dll
[2011.06.12 11:39:03 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mystify.scr
[2011.06.12 11:39:03 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Ribbons.scr
[2011.06.12 11:39:03 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2011.06.12 11:39:03 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2011.06.12 11:39:02 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2011.06.12 11:39:02 | 000,573,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2011.06.12 11:39:02 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeResults.exe
[2011.06.12 11:39:02 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll
[2011.06.12 11:39:02 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfmon.exe
[2011.06.12 11:39:02 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpshell.dll
[2011.06.12 11:39:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe
[2011.06.12 11:39:02 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\muifontsetup.dll
[2011.06.12 11:39:01 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll
[2011.06.12 11:39:01 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingFolder.dll
[2011.06.12 11:38:59 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2011.06.12 11:38:59 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe
[2011.06.12 11:38:59 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AzSqlExt.dll
[2011.06.12 11:38:58 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netutils.dll
[2011.06.12 11:38:57 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbghelp.dll
[2011.06.12 11:38:57 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSAPI.dll
[2011.06.12 11:38:57 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimserv.exe
[2011.06.12 11:38:57 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll
[2011.06.12 11:38:57 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionQueue.dll
[2011.06.12 11:38:57 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll
[2011.06.12 11:38:57 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfmon.exe
[2011.06.12 11:38:57 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tlscsp.dll
[2011.06.12 11:38:57 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\umb.dll
[2011.06.12 11:38:57 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\runonce.exe
[2011.06.12 11:38:57 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPCRYPT.DLL
[2011.06.12 11:38:57 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\acppage.dll
[2011.06.12 11:38:56 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2011.06.12 11:38:56 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll
[2011.06.12 11:38:56 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2011.06.12 11:38:56 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\remotepg.dll
[2011.06.12 11:38:56 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2011.06.12 11:38:55 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL
[2011.06.12 11:38:55 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll
[2011.06.12 11:38:55 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
[2011.06.12 11:38:55 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetapi.dll
[2011.06.12 11:38:55 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MdSched.exe
[2011.06.12 11:38:55 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiavideo.dll
[2011.06.12 11:38:55 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011.06.12 11:38:55 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QUTIL.DLL
[2011.06.12 11:38:55 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserAccountControlSettings.dll
[2011.06.12 11:38:55 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPCRYPT.DLL
[2011.06.12 11:38:55 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syssetup.dll
[2011.06.12 11:38:54 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onexui.dll
[2011.06.12 11:38:54 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL
[2011.06.12 11:38:54 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2011.06.12 11:38:54 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iTVData.dll
[2011.06.12 11:38:54 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll
[2011.06.12 11:38:54 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsbas.dll
[2011.06.12 11:38:54 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsbas.dll
[2011.06.12 11:38:54 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax
[2011.06.12 11:38:54 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PrintIsolationProxy.dll
[2011.06.12 11:38:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vpnikeapi.dll
[2011.06.12 11:38:53 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nltest.exe
[2011.06.12 11:38:53 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll
[2011.06.12 11:38:53 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsadmin.exe
[2011.06.12 11:38:53 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll
[2011.06.12 11:38:53 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys
[2011.06.12 11:38:53 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2011.06.12 11:38:53 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\runonce.exe
[2011.06.12 11:38:52 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll
[2011.06.12 11:38:52 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll
[2011.06.12 11:38:52 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10level9.dll
[2011.06.12 11:38:52 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll
[2011.06.12 11:38:52 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFPlay.dll
[2011.06.12 11:38:52 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shacct.dll
[2011.06.12 11:38:52 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSVRMGMT.DLL
[2011.06.12 11:38:52 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shacct.dll
[2011.06.12 11:38:52 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tabcal.exe
[2011.06.12 11:38:52 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll
[2011.06.12 11:38:52 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll
[2011.06.12 11:38:51 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2011.06.12 11:38:51 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll
[2011.06.12 11:38:51 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2011.06.12 11:38:51 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlcese30.dll
[2011.06.12 11:38:51 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2011.06.12 11:38:51 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsadmin.exe
[2011.06.12 11:38:51 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qcap.dll
[2011.06.12 11:38:51 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2011.06.12 11:38:51 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpshell.dll
[2011.06.12 11:38:51 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe
[2011.06.12 11:38:51 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2011.06.12 11:38:51 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2011.06.12 11:38:51 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdmat.dll
[2011.06.12 11:38:51 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpd3d.dll
[2011.06.12 11:38:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsium.dll
[2011.06.12 11:38:51 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lsmproxy.dll
[2011.06.12 11:38:50 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll
[2011.06.12 11:38:50 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Bubbles.scr
[2011.06.12 11:38:50 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceStatus.dll
[2011.06.12 11:38:50 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceStatus.dll
[2011.06.12 11:38:50 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll
[2011.06.12 11:38:50 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2011.06.12 11:38:50 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3ui.dll
[2011.06.12 11:38:50 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdv.dll
[2011.06.12 11:38:50 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2011.06.12 11:38:50 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceSyncProvider.dll
[2011.06.12 11:38:50 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mystify.scr
[2011.06.12 11:38:50 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Ribbons.scr
[2011.06.12 11:38:50 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceSyncProvider.dll
[2011.06.12 11:38:50 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011.06.12 11:38:50 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll
[2011.06.12 11:38:50 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl
[2011.06.12 11:38:50 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\desk.cpl
[2011.06.12 11:38:50 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2011.06.12 11:38:50 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fphc.dll
[2011.06.12 11:38:50 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSVRMGMT.DLL
[2011.06.12 11:38:50 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kstvtune.ax
[2011.06.12 11:38:50 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe
[2011.06.12 11:38:50 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spbcd.dll
[2011.06.12 11:38:50 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\olethk32.dll
[2011.06.12 11:38:50 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mapistub.dll
[2011.06.12 11:38:50 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mapi32.dll
[2011.06.12 11:38:50 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\takeown.exe
[2011.06.12 11:38:50 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe
[2011.06.12 11:38:50 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll
[2011.06.12 11:38:50 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2011.06.12 11:38:49 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME
[2011.06.12 11:38:49 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL
[2011.06.12 11:38:49 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2011.06.12 11:38:49 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VBICodec.ax
[2011.06.12 11:38:49 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll
[2011.06.12 11:38:49 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll
[2011.06.12 11:38:49 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiavideo.dll
[2011.06.12 11:38:49 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax
[2011.06.12 11:38:49 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fphc.dll
[2011.06.12 11:38:49 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2011.06.12 11:38:49 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\amstream.dll
[2011.06.12 11:38:49 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax
[2011.06.12 11:38:49 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\takeown.exe
[2011.06.12 11:38:49 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\utildll.dll
[2011.06.12 11:38:48 | 000,681,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2011.06.12 11:38:48 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL
[2011.06.12 11:38:48 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll
[2011.06.12 11:38:48 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdv.dll
[2011.06.12 11:38:48 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2011.06.12 11:38:48 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2011.06.12 11:38:48 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqmapi.dll
[2011.06.12 11:38:48 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imagehlp.dll
[2011.06.12 11:38:48 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EhStorAPI.dll
[2011.06.12 11:38:48 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppinst.dll
[2011.06.12 11:38:48 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmstp.exe
[2011.06.12 11:38:48 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QCLIPROV.DLL
[2011.06.12 11:38:48 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011.06.12 11:38:48 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax
[2011.06.12 11:38:48 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2011.06.12 11:38:48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QCLIPROV.DLL
[2011.06.12 11:38:48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertPolEng.dll
[2011.06.12 11:38:48 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WavDest.dll
[2011.06.12 11:38:48 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\djoin.exe
[2011.06.12 11:38:48 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimgvw.dll
[2011.06.12 11:38:48 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HotStartUserAgent.dll
[2011.06.12 11:38:48 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nrpsrv.dll
[2011.06.12 11:38:47 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2011.06.12 11:38:47 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll
[2011.06.12 11:38:47 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe
[2011.06.12 11:38:47 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsicli.exe
[2011.06.12 11:38:47 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll
[2011.06.12 11:38:47 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll
[2011.06.12 11:38:47 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmstp.exe
[2011.06.12 11:38:47 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll
[2011.06.12 11:38:47 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MuiUnattend.exe
[2011.06.12 11:38:47 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cca.dll
[2011.06.12 11:38:47 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\g711codc.ax
[2011.06.12 11:38:47 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vfwwdm32.dll
[2011.06.12 11:38:47 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll
[2011.06.12 11:38:47 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MultiDigiMon.exe
[2011.06.12 11:38:47 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2011.06.12 11:38:47 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdhui.dll
[2011.06.12 11:38:47 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\relog.exe
[2011.06.12 11:38:47 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AzSqlExt.dll
[2011.06.12 11:38:47 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll
[2011.06.12 11:38:46 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2011.06.12 11:38:46 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2011.06.12 11:38:46 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\itircl.dll
[2011.06.12 11:38:46 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsicli.exe
[2011.06.12 11:38:46 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mydocs.dll
[2011.06.12 11:38:46 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\desk.cpl
[2011.06.12 11:38:46 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll
[2011.06.12 11:38:46 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mobsync.exe
[2011.06.12 11:38:46 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amstream.dll
[2011.06.12 11:38:46 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spbcd.dll
[2011.06.12 11:38:46 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2011.06.12 11:38:46 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wkscli.dll
[2011.06.12 11:38:46 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbisurf.ax
[2011.06.12 11:38:46 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\relog.exe
[2011.06.12 11:38:46 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdmo.dll
[2011.06.12 11:38:46 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiougc.exe
[2011.06.12 11:38:46 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BWUnpairElevated.dll
[2011.06.12 11:38:45 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\itircl.dll
[2011.06.12 11:38:45 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe
[2011.06.12 11:38:45 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2011.06.12 11:38:45 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll
[2011.06.12 11:38:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll
[2011.06.12 11:38:45 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netbtugc.exe
[2011.06.12 11:38:43 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME
[2011.06.12 11:38:43 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSTIFF.dll
[2011.06.12 11:38:43 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll
[2011.06.12 11:38:43 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll
[2011.06.12 11:38:43 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2011.06.12 11:38:43 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe
[2011.06.12 11:38:43 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertPolEng.dll
[2011.06.12 11:38:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksxbar.ax
[2011.06.12 11:38:43 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciqtz32.dll
[2011.06.12 11:38:43 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2011.06.12 11:38:43 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\choice.exe
[2011.06.12 11:38:43 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.06.12 11:38:43 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syssetup.dll
[2011.06.12 11:38:42 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onexui.dll
[2011.06.12 11:38:42 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2011.06.12 11:38:42 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2011.06.12 11:38:42 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll
[2011.06.12 11:38:42 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll
[2011.06.12 11:38:42 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mobsync.exe
[2011.06.12 11:38:42 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll
[2011.06.12 11:38:42 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2011.06.12 11:38:42 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\manage-bde.exe
[2011.06.12 11:38:42 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2011.06.12 11:38:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabinet.dll
[2011.06.12 11:38:42 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tlscsp.dll
[2011.06.12 11:38:42 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetmib1.dll
[2011.06.12 11:38:42 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe
[2011.06.12 11:38:42 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2011.06.12 11:38:42 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\repair-bde.exe
[2011.06.12 11:38:42 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\luainstall.dll
[2011.06.12 11:38:42 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdiasqmmodule.dll
[2011.06.12 11:38:42 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz32.dll
[2011.06.12 11:38:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2011.06.12 11:38:42 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.06.12 11:38:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe
[2011.06.12 11:38:42 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schedcli.dll
[2011.06.12 11:38:42 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgentc.exe
[2011.06.12 11:38:42 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spopk.dll
[2011.06.12 11:38:42 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spopk.dll
[2011.06.12 11:38:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\muifontsetup.dll
[2011.06.12 11:38:41 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RDPENCDD.dll
[2011.06.12 11:38:41 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll
[2011.06.12 11:38:41 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetmib1.dll
[2011.06.12 11:38:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\g711codc.ax
[2011.06.12 11:38:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2011.06.12 11:38:41 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\luainstall.dll
[2011.06.12 11:38:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shimgvw.dll
[2011.06.12 11:38:41 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unlodctr.exe
[2011.06.12 11:38:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbisurf.ax
[2011.06.12 11:38:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\profprov.dll
[2011.06.12 11:38:41 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdmo.dll
[2011.06.12 11:38:41 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdprefdrvapi.dll
[2011.06.12 11:38:41 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fixmapi.exe
[2011.06.12 11:38:40 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2011.06.12 11:38:40 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2011.06.12 11:38:40 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSMON.dll
[2011.06.12 11:38:40 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2011.06.12 11:38:40 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll
[2011.06.12 11:38:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elsTrans.dll
[2011.06.12 11:38:39 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsauth.dll
[2011.06.12 11:38:39 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2011.06.12 11:38:39 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LogonUI.exe
[2011.06.12 11:38:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys
[2011.06.12 11:38:39 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TRAPI.dll
[2011.06.12 11:38:39 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfts.dll
[2011.06.12 11:38:38 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\napdsnap.dll
[2011.06.12 11:38:38 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\napdsnap.dll
[2011.06.12 11:38:38 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys
[2011.06.12 11:38:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsauth.dll
[2011.06.12 11:38:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll
[2011.06.12 11:38:38 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsperf.dll
[2011.06.12 11:38:38 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdprefdrvapi.dll
[2011.06.12 11:38:38 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elsTrans.dll
[2011.06.12 11:38:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TRAPI.dll
[2011.06.12 11:38:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsperf.dll
[2011.06.12 11:38:38 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSUNATD.exe
[2011.06.12 11:38:38 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schedcli.dll
[2011.06.12 11:38:37 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime
[2011.06.12 11:38:37 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2011.06.12 11:38:37 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll
[2011.06.12 11:38:36 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime
[2011.06.12 11:38:36 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.06.12 11:38:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2011.06.12 11:38:36 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys
[2011.06.12 11:38:36 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shgina.dll
[2011.06.12 11:38:36 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll
[2011.06.12 11:38:36 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shgina.dll
[2011.06.12 11:38:36 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshirda.dll
[2011.06.12 11:38:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.06.12 11:38:36 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2011.06.12 11:38:36 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched32.dll
[2011.06.12 11:38:35 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshirda.dll
[2011.06.12 11:38:35 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcfgex.dll
[2011.06.12 11:38:31 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched32.dll
[2011.06.12 11:38:28 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2011.06.12 11:38:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\C_ISCII.DLL
[2011.06.12 11:38:26 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2011.06.12 11:38:23 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\C_ISCII.DLL
[2011.06.12 11:38:22 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2011.06.12 11:38:22 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2011.06.12 11:38:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shunimpl.dll
[2011.06.12 11:38:21 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shunimpl.dll
[2011.06.12 11:38:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2011.06.12 11:38:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2011.06.12 11:38:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-ums-l1-1-0.dll
[2011.06.12 11:38:20 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2011.06.12 11:38:20 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2011.06.12 11:38:20 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUQ.DLL
[2011.06.12 11:38:20 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUF.DLL
[2011.06.12 11:38:20 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSG.DLL
[2011.06.12 11:38:20 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdlk41a.dll
[2011.06.12 11:38:20 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGKL.DLL
[2011.06.12 11:38:20 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDCZ1.DLL
[2011.06.12 11:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUQ.DLL
[2011.06.12 11:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUF.DLL
[2011.06.12 11:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSG.DLL
[2011.06.12 11:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSF.DLL
[2011.06.12 11:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDPO.DLL
[2011.06.12 11:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDNEPR.DLL
[2011.06.12 11:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdlk41a.dll
[2011.06.12 11:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL
[2011.06.12 11:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL
[2011.06.12 11:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGR1.DLL
[2011.06.12 11:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGR1.DLL
[2011.06.12 11:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGKL.DLL
[2011.06.12 11:38:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDCZ1.DLL
[2011.06.12 11:38:20 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL
[2011.06.12 11:38:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUS.DLL
[2011.06.12 11:38:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTURME.DLL
[2011.06.12 11:38:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAJIK.DLL
[2011.06.12 11:38:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMON.DLL
[2011.06.12 11:38:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL
[2011.06.12 11:38:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGEO.DLL
[2011.06.12 11:38:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGEO.DLL
[2011.06.12 11:38:20 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBLR.DLL
[2011.06.12 11:38:19 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll
[2011.06.12 11:38:19 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlsbres.dll
[2011.06.12 11:38:19 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BlbEvents.dll
[2011.06.12 11:38:19 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pifmgr.dll
[2011.06.12 11:38:19 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pifmgr.dll
[2011.06.12 11:38:19 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizres.dll
[2011.06.12 11:38:19 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizres.dll
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUS.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUGHR1.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTURME.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAJIK.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSF.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDPO.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDNEPR.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMON.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMAORI.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDLT1.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBULG.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBLR.DLL
[2011.06.12 11:38:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2011.06.12 11:38:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUGHR1.DLL
[2011.06.12 11:38:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMAORI.DLL
[2011.06.12 11:38:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDLT1.DLL
[2011.06.12 11:38:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBULG.DLL
[2011.06.12 11:38:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2011.06.12 11:38:19 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll
[2011.06.12 11:38:19 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll
[2011.06.12 11:36:34 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PkgMgr.exe
[2011.06.12 11:36:34 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll
[2011.06.12 11:36:25 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll
[2011.06.12 11:36:25 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpx.dll
[2011.06.12 11:27:10 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wbemcomn.dll
[2011.06.12 11:27:10 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2011.06.12 11:26:39 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll
[2011.06.12 11:26:06 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe
[2011.06.12 11:24:14 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll
[2011.06.12 11:24:10 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpx.dll
[2011.06.09 17:45:08 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\ICQ
[2011.06.06 19:20:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2011.06.06 19:20:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
 
========== Files - Modified Within 30 Days ==========
 
[2011.07.05 10:21:52 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.05 10:21:52 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.05 10:19:35 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2011.07.05 10:18:50 | 001,487,130 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.07.05 10:18:50 | 000,649,238 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.07.05 10:18:50 | 000,611,996 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.07.05 10:18:50 | 000,128,198 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.07.05 10:18:50 | 000,105,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.07.05 10:14:34 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.05 10:14:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.05 10:14:21 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.05 08:55:03 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.04 21:57:53 | 1323,256,355 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.07.03 16:32:30 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.07.02 19:25:13 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.07.02 19:24:53 | 001,508,156 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.07.02 09:30:15 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.07.02 09:30:15 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.07.02 09:30:15 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.07.02 09:30:15 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.07.02 09:29:19 | 000,001,003 | ---- | M] () -- C:\Users\Public\Desktop\PS3 Media Server.lnk
[2011.07.01 19:56:53 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.07.01 16:49:02 | 000,000,096 | ---- | M] () -- C:\Users\Mike\.asadminpass
[2011.07.01 16:23:52 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011.07.01 15:52:23 | 000,001,792 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.07.01 15:35:08 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011.07.01 15:35:08 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011.07.01 11:09:20 | 000,600,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.06.30 19:14:01 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.06.30 19:14:00 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011.06.30 19:14:00 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.06.30 19:14:00 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.06.30 19:14:00 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.06.30 19:14:00 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011.06.30 19:14:00 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.06.30 19:14:00 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.06.30 19:14:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.06.30 19:14:00 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.06.30 19:14:00 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.06.30 19:14:00 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.06.30 19:14:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.06.30 19:13:59 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.06.30 19:13:59 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.06.30 19:13:59 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.06.30 19:13:59 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.06.30 19:13:59 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.06.30 19:13:59 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011.06.30 19:13:59 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.06.30 19:13:59 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011.06.30 19:13:59 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.06.30 19:13:59 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.06.30 19:13:59 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.06.30 19:13:59 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.06.30 19:13:59 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.06.30 19:13:59 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.06.30 19:13:59 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.06.30 19:13:59 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.06.30 19:13:59 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.06.30 19:13:59 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.06.30 19:13:59 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.06.30 19:13:59 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.06.30 19:13:58 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.06.30 19:13:58 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.06.30 19:13:58 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.06.30 19:13:58 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.06.30 19:13:58 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.06.30 19:13:58 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.06.30 19:13:58 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.06.30 19:13:58 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011.06.30 19:13:57 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.06.30 19:13:57 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.06.30 19:13:57 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.06.30 19:13:57 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.06.30 19:13:57 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.06.30 19:13:57 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.06.30 19:13:57 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.06.30 19:13:57 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.06.30 19:13:57 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.06.30 19:13:57 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.06.30 19:13:57 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.06.30 19:13:57 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.06.30 19:13:57 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.06.30 19:13:57 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.06.30 19:13:57 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.06.30 19:13:57 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.06.30 19:13:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.06.30 19:13:57 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.06.30 19:13:57 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.06.30 19:13:56 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.06.30 19:13:56 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.06.30 19:13:56 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.06.30 19:13:56 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.06.30 19:13:56 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.06.30 19:13:56 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.06.30 19:13:56 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.06.30 19:13:56 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.06.30 19:13:56 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.06.30 19:13:56 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.06.30 19:13:56 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.06.30 19:13:56 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.06.30 19:13:56 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.06.30 19:13:56 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.06.30 19:13:56 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.06.30 19:13:56 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.06.30 19:13:56 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.06.30 19:13:56 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.06.30 19:13:56 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.06.30 19:13:56 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.06.30 19:07:05 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2011.06.30 19:07:05 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2011.06.29 18:54:11 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.06.26 11:01:35 | 000,000,237 | ---- | M] () -- C:\Windows\RomeTW.ini
[2011.06.17 12:35:49 | 000,116,568 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.06.17 12:35:49 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.06.14 19:26:44 | 000,001,963 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011.06.13 21:00:00 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
 
========== Files Created - No Company Name ==========
 
[2011.07.03 16:32:30 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.07.02 19:25:13 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011.07.02 19:24:44 | 000,001,906 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011.07.02 09:29:19 | 000,001,003 | ---- | C] () -- C:\Users\Public\Desktop\PS3 Media Server.lnk
[2011.07.01 19:56:53 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.07.01 16:49:02 | 000,000,096 | ---- | C] () -- C:\Users\Mike\.asadminpass
[2011.07.01 15:52:23 | 000,001,792 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.07.01 15:26:57 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011.07.01 15:26:57 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2011.07.01 12:18:18 | 1323,256,355 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.07.01 11:15:41 | 000,001,452 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.06.30 19:13:59 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.06.30 19:13:56 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.06.29 18:54:11 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.06.29 18:54:11 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.06.26 11:01:35 | 000,000,237 | ---- | C] () -- C:\Windows\RomeTW.ini
[2011.06.13 21:00:00 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.06.12 11:41:03 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2011.06.12 11:38:42 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2011.06.12 11:38:18 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2011.06.12 11:38:18 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2011.06.12 11:36:34 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2010.11.16 17:31:01 | 000,089,312 | ---- | C] () -- C:\Windows\SysWow64\acedrv09.dll
[2010.11.16 17:30:24 | 000,016,070 | ---- | C] () -- C:\Windows\German2.ini
[2010.11.16 17:11:30 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.11.14 14:10:01 | 000,221,134 | ---- | C] () -- C:\Windows\hpoins40.dat
[2010.11.14 14:10:01 | 000,000,918 | ---- | C] () -- C:\Windows\hpomdl40.dat
[2010.11.06 19:17:58 | 001,508,156 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.05 18:35:00 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.07.13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.07.13 23:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.07.13 23:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >

kira 06.07.2011 06:44
1.
wird meistens ungefragt (mit)installiert. Wenn nicht benötigst bzw absichtlich installiert hast, kannst deinstallieren:
Code:
Conduit Engine
DVDVideoSoftTB Toolbar
Immer die benutzerdefinierte Installation wählen, nicht die Standardinstallation, weil dann oft Sachen mitinstalliert werden, die man nicht braucht oder nicht möchte.
Bei Installation die Lizenzbestimmungen immer lesen, und nicht sofort überall den Haken setzen, weil damit stimmt man nämlich zu, dass Adware (Werbe-Pop-ups) durch Partnerprogrammen, Sponsoren etc - mitinstalliert wird, weil sich Freeware damit finanziert.
meiste Toolbars bzw Browserhelper wollen sich doch nur wichtig machen;)

auch überlegenswert:
Zitat:
Google Toolbar
ICQ Toolbar
- BHO`s & Toolbars und Start bzw Suchseite die nicht absichtlich zugefügt wurden...:
Immer mehr Programme bringen eine Toolbar mit.(wie z.B. Google, Yaho,Messenger, Winamp, ICQ usw). Manche Zustimmung der User installiert, manche wieder ohne Wissen des Benutzers;) Viele davon sehr fehleranfällig und fressen eine Menge an Systemressourcen. Zur funktionstüchtigen Installation der jeweiligen Software ist Toolbar aber nicht notwendig, zudem die meisten modernen Browser mit vielen zusätzlichen Funktionen ausgestattet sind. Ausserdem die dazugehörigen Programme, funktionieren auch ohne...

2.
ohne zu bedenken:
Um dein System flotter machen, kannst Du es von unnötigen Aufgaben befreien...
unter Start> Zubehör> Systemprogramme> Aufgabenplaner
Zitat:
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
3.
Plugins für Firefox prüfen, ggf nicht benötigte deinstallieren

4.
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
:OTL
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c346baca-2648-11e0-a75c-4487fca8727b}\Shell - "" = AutoRun
O33 - MountPoints2\{c346baca-2648-11e0-a75c-4487fca8727b}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a

:Commands
[purity]
[emptytemp]

5.
reinige dein System mit Ccleaner:
  • "Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

6.
Im normalen Modus!
** Update Malwarebytes Anti-Malware, lass es nochmal anhand der folgenden Anleitung laufen:
  • per Doppelklick starten.
  • gleich mal die Datenbanken zu aktualisieren - online updaten
  • Vollständiger Suchlauf wählen (überall Haken setzen)
  • wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
  • alle Funde bis auf - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
  • Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"
eine bebilderte Anleitung findest Du hier: Anleitung

7.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

Mike1985 06.07.2011 07:39
Guten Morgen Kira,

bei Nr. 2 häng ich leider ein bissl. Kannst du mir bitte nochmal erklären was genau ich im Aufgabenplaner machen muss? Danke..

Code:
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
File C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.
File C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
File C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c346baca-2648-11e0-a75c-4487fca8727b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c346baca-2648-11e0-a75c-4487fca8727b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c346baca-2648-11e0-a75c-4487fca8727b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c346baca-2648-11e0-a75c-4487fca8727b}\ not found.
File H:\LaunchU3.exe -a not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Mike
->Temp folder emptied: 17096839 bytes
->Temporary Internet Files folder emptied: 68820437 bytes
->Java cache emptied: 18465 bytes
->FireFox cache emptied: 83867226 bytes
->Flash cache emptied: 2580 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 262591850 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50501 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 751 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 412,00 mb
 
 
OTL by OldTimer - Version 3.2.26.0 log created on 07062011_083323

Files\Folders moved on Reboot...
C:\Users\Mike\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

kira 06.07.2011 07:44
einfach rauslöschen:
Zitat:
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

Mike1985 06.07.2011 07:52
Also ich mach gerade den vollscan im normalmodus mit malwarebytes, ich hoffe dass nun kein blue-screen kommt und abstürzt..

ich muss wohl zwischendurch in die arbeit :D

meld mich dann heute abend wieder..

danke

kira 06.07.2011 07:56
sollte jetzt eigentlich gehen...

Mike1985 06.07.2011 08:22
Es kam wieder!! :koch::koch:

Problemsignatur:
Problemereignisname: BlueScreen
Betriebsystemversion: 6.1.7601.2.1.0.768.3
Gebietsschema-ID: 1031

Zusatzinformationen zum Problem:
BCCode: 50
BCP1: FFFFF8A0125F9000
BCP2: 0000000000000000
BCP3: FFFFF880015D6C02
BCP4: 0000000000000000
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1

Dateien, die bei der Beschreibung des Problems hilfreich sind:
C:\Windows\Minidump\070611-16832-01.dmp
C:\Users\Mike\AppData\Local\Temp\WER-29640-0.sysdata.xml

Das zeigt er mir nach neustart..

man man

kira 07.07.2011 05:45
TDSSKiller von Kaspersky
  • Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.
  • Vergewissere Dich, dass die TDSSKiller.exe direkt auf dem Desktop liegt (nicht in einem Ordner auf dem Desktop).
  • deaktiviere vorübergehend dein AntiVirus-Programm
  • Starte die TDSSKiller.exe durch Doppelklick.
  • Nach Beendigung der Arbeit schlägt das Tool vor, das System neu zu starten.
    Bestätige das ggfs. mit Y(es).
    Beim Hochfahren des Systems führt der Treiber alle geplanten Operationen aus löscht sich danach.
  • Poste mir den Inhalt von C:\TDSSKiller<random>.txt hier in den Thread.
Hier findest Du eine ausführlichere Anleitung.

Mike1985 07.07.2011 07:04
Guten Morgen Kira,

also es war jetzt nicht alles so 100%ig wie du es beschrieben hast, er hat einen neustart verlangt und ich hoffe dass das jetzt das richtige ist:

Code:
2011/07/07 07:54:05.0971 4012        TDSS rootkit removing tool 2.5.9.0 Jul  1 2011 18:45:21
2011/07/07 07:54:06.0177 4012        ================================================================================
2011/07/07 07:54:06.0177 4012        SystemInfo:
2011/07/07 07:54:06.0177 4012       
2011/07/07 07:54:06.0177 4012        OS Version: 6.1.7601 ServicePack: 1.0
2011/07/07 07:54:06.0177 4012        Product type: Workstation
2011/07/07 07:54:06.0177 4012        ComputerName: MIKE-PC
2011/07/07 07:54:06.0177 4012        UserName: Mike
2011/07/07 07:54:06.0177 4012        Windows directory: C:\Windows
2011/07/07 07:54:06.0177 4012        System windows directory: C:\Windows
2011/07/07 07:54:06.0177 4012        Running under WOW64
2011/07/07 07:54:06.0177 4012        Processor architecture: Intel x64
2011/07/07 07:54:06.0177 4012        Number of processors: 2
2011/07/07 07:54:06.0177 4012        Page size: 0x1000
2011/07/07 07:54:06.0177 4012        Boot type: Normal boot
2011/07/07 07:54:06.0177 4012        ================================================================================
2011/07/07 07:54:07.0242 4012        Initialize success
2011/07/07 07:54:19.0907 3444        ================================================================================
2011/07/07 07:54:19.0907 3444        Scan started
2011/07/07 07:54:19.0907 3444        Mode: Manual;
2011/07/07 07:54:19.0907 3444        ================================================================================
2011/07/07 07:54:20.0989 3444        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/07/07 07:54:21.0152 3444        acedrv09        (eae3d29874f8d26e3ec9886fe6d8fbf5) C:\Windows\system32\drivers\acedrv09.sys
2011/07/07 07:54:21.0193 3444        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/07/07 07:54:21.0229 3444        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/07/07 07:54:21.0265 3444        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/07/07 07:54:21.0289 3444        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/07/07 07:54:21.0315 3444        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/07/07 07:54:21.0375 3444        AFD            (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
2011/07/07 07:54:21.0405 3444        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/07/07 07:54:21.0437 3444        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/07/07 07:54:21.0466 3444        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/07/07 07:54:21.0489 3444        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/07/07 07:54:21.0510 3444        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/07/07 07:54:21.0546 3444        amdsata        (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
2011/07/07 07:54:21.0560 3444        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/07/07 07:54:21.0573 3444        amdxata        (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
2011/07/07 07:54:21.0641 3444        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/07/07 07:54:21.0680 3444        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/07/07 07:54:21.0696 3444        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/07/07 07:54:21.0717 3444        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/07 07:54:21.0745 3444        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/07/07 07:54:21.0797 3444        avgntflt        (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/07/07 07:54:21.0834 3444        avipbb          (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
2011/07/07 07:54:21.0865 3444        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/07/07 07:54:21.0892 3444        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/07/07 07:54:21.0915 3444        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/07/07 07:54:21.0968 3444        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/07/07 07:54:22.0014 3444        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/07 07:54:22.0033 3444        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/07/07 07:54:22.0052 3444        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/07/07 07:54:22.0080 3444        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/07/07 07:54:22.0094 3444        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/07/07 07:54:22.0108 3444        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/07/07 07:54:22.0123 3444        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/07/07 07:54:22.0143 3444        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/07/07 07:54:22.0172 3444        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/07 07:54:22.0200 3444        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
2011/07/07 07:54:22.0216 3444        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/07/07 07:54:22.0253 3444        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/07/07 07:54:22.0282 3444        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/07/07 07:54:22.0293 3444        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/07/07 07:54:22.0333 3444        CNG            (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/07/07 07:54:22.0358 3444        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/07/07 07:54:22.0394 3444        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/07/07 07:54:22.0494 3444        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/07/07 07:54:22.0573 3444        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/07/07 07:54:22.0599 3444        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/07/07 07:54:22.0614 3444        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/07/07 07:54:22.0652 3444        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/07/07 07:54:22.0701 3444        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/07 07:54:22.0772 3444        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/07/07 07:54:22.0849 3444        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/07/07 07:54:22.0869 3444        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/07/07 07:54:22.0901 3444        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/07/07 07:54:22.0931 3444        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/07/07 07:54:22.0959 3444        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/07 07:54:22.0990 3444        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/07/07 07:54:23.0011 3444        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/07/07 07:54:23.0023 3444        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/07 07:54:23.0061 3444        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/07/07 07:54:23.0097 3444        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/07/07 07:54:23.0109 3444        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/07 07:54:23.0154 3444        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/07/07 07:54:23.0197 3444        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/07/07 07:54:23.0315 3444        GearAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\drivers\GEARAspiWDM.sys
2011/07/07 07:54:23.0408 3444        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/07/07 07:54:23.0452 3444        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/07/07 07:54:23.0480 3444        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/07/07 07:54:23.0500 3444        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/07/07 07:54:23.0524 3444        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/07/07 07:54:23.0548 3444        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/07/07 07:54:23.0582 3444        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
2011/07/07 07:54:23.0629 3444        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/07/07 07:54:23.0674 3444        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/07/07 07:54:23.0715 3444        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/07/07 07:54:23.0758 3444        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/07/07 07:54:23.0781 3444        iaStorV        (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
2011/07/07 07:54:23.0893 3444        igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
2011/07/07 07:54:24.0004 3444        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/07/07 07:54:24.0072 3444        IntcAzAudAddService (450bec18b45bccfdc923e11f856dbda7) C:\Windows\system32\drivers\RTKVHD64.sys
2011/07/07 07:54:24.0104 3444        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/07/07 07:54:24.0128 3444        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/07 07:54:24.0176 3444        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/07 07:54:24.0199 3444        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/07/07 07:54:24.0216 3444        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/07/07 07:54:24.0258 3444        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/07/07 07:54:24.0270 3444        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/07/07 07:54:24.0296 3444        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/07/07 07:54:24.0320 3444        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
2011/07/07 07:54:24.0340 3444        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
2011/07/07 07:54:24.0367 3444        KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/07 07:54:24.0405 3444        KSecPkg        (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/07/07 07:54:24.0424 3444        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/07/07 07:54:24.0460 3444        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/07 07:54:24.0488 3444        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/07/07 07:54:24.0505 3444        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/07/07 07:54:24.0531 3444        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/07/07 07:54:24.0550 3444        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/07/07 07:54:24.0578 3444        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/07/07 07:54:24.0612 3444        MBAMProtector  (ed49fd1373de93617a1f6d128d98fe4d) C:\Windows\system32\drivers\mbam.sys
2011/07/07 07:54:24.0669 3444        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/07/07 07:54:24.0687 3444        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/07/07 07:54:24.0713 3444        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/07/07 07:54:24.0733 3444        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/07 07:54:24.0757 3444        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
2011/07/07 07:54:24.0769 3444        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/07/07 07:54:24.0818 3444        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/07/07 07:54:24.0839 3444        MpFilter        (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/07/07 07:54:24.0867 3444        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/07/07 07:54:24.0885 3444        MpNWMon        (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/07/07 07:54:24.0906 3444        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/07 07:54:24.0954 3444        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/07/07 07:54:24.0999 3444        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/07 07:54:25.0018 3444        mrxsmb10        (2086d463bd371d8a37d153897430916d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/07 07:54:25.0048 3444        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/07 07:54:25.0084 3444        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/07/07 07:54:25.0116 3444        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/07/07 07:54:25.0140 3444        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/07/07 07:54:25.0168 3444        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/07/07 07:54:25.0194 3444        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/07/07 07:54:25.0235 3444        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/07 07:54:25.0261 3444        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/07 07:54:25.0275 3444        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/07/07 07:54:25.0311 3444        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/07/07 07:54:25.0334 3444        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/07/07 07:54:25.0346 3444        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/07/07 07:54:25.0361 3444        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/07/07 07:54:25.0401 3444        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/07/07 07:54:25.0470 3444        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/07 07:54:25.0600 3444        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/07/07 07:54:25.0672 3444        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/07/07 07:54:25.0700 3444        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/07 07:54:25.0735 3444        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/07 07:54:25.0771 3444        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/07 07:54:25.0795 3444        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/07/07 07:54:25.0857 3444        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/07 07:54:25.0897 3444        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/07 07:54:25.0963 3444        netr28ux        (618c55b392238b9467f9113e13525c49) C:\Windows\system32\DRIVERS\netr28ux.sys
2011/07/07 07:54:25.0999 3444        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/07/07 07:54:26.0029 3444        NisDrv          (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
2011/07/07 07:54:26.0058 3444        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/07/07 07:54:26.0080 3444        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/07 07:54:26.0139 3444        Ntfs            (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
2011/07/07 07:54:26.0179 3444        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/07/07 07:54:26.0216 3444        NVHDA          (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys
2011/07/07 07:54:26.0416 3444        nvlddmkm        (4628fa8f0cc0d509bc14a223e99d36f3) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/07/07 07:54:26.0499 3444        nvraid          (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
2011/07/07 07:54:26.0536 3444        nvstor          (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
2011/07/07 07:54:26.0570 3444        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/07/07 07:54:26.0592 3444        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/07/07 07:54:26.0635 3444        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/07/07 07:54:26.0656 3444        partmgr        (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/07/07 07:54:26.0693 3444        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/07/07 07:54:26.0724 3444        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/07/07 07:54:26.0749 3444        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/07/07 07:54:26.0769 3444        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/07/07 07:54:26.0801 3444        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/07/07 07:54:26.0914 3444        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/07 07:54:26.0935 3444        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/07/07 07:54:26.0989 3444        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/07 07:54:27.0032 3444        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/07/07 07:54:27.0064 3444        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/07/07 07:54:27.0085 3444        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/07 07:54:27.0110 3444        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/07 07:54:27.0135 3444        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/07/07 07:54:27.0178 3444        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/07 07:54:27.0195 3444        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/07 07:54:27.0212 3444        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/07 07:54:27.0254 3444        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/07 07:54:27.0283 3444        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/07/07 07:54:27.0295 3444        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/07 07:54:27.0317 3444        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/07 07:54:27.0344 3444        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/07/07 07:54:27.0384 3444        RDPWD          (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/07/07 07:54:27.0418 3444        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/07/07 07:54:27.0467 3444        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/07 07:54:27.0492 3444        RTL8167        (365ed58b47b46de8b1c5fa759b6fcd6e) C:\Windows\system32\DRIVERS\Rt64win7.sys
2011/07/07 07:54:27.0538 3444        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/07/07 07:54:27.0578 3444        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/07/07 07:54:27.0613 3444        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/07/07 07:54:27.0640 3444        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/07/07 07:54:27.0661 3444        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/07/07 07:54:27.0680 3444        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/07/07 07:54:27.0748 3444        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/07/07 07:54:27.0818 3444        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/07/07 07:54:27.0841 3444        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/07/07 07:54:27.0898 3444        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/07/07 07:54:27.0932 3444        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/07/07 07:54:27.0945 3444        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/07/07 07:54:27.0972 3444        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/07/07 07:54:28.0000 3444        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/07/07 07:54:28.0075 3444        sptd            (88e5162e58c8919cc873f5d8946197cf) C:\Windows\system32\Drivers\sptd.sys
2011/07/07 07:54:28.0075 3444        Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88e5162e58c8919cc873f5d8946197cf
2011/07/07 07:54:28.0080 3444        sptd - detected LockedFile.Multi.Generic (1)
2011/07/07 07:54:28.0121 3444        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
2011/07/07 07:54:28.0183 3444        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/07 07:54:28.0208 3444        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/07 07:54:28.0250 3444        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/07/07 07:54:28.0294 3444        StillCam        (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
2011/07/07 07:54:28.0317 3444        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/07/07 07:54:28.0402 3444        Tcpip          (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\drivers\tcpip.sys
2011/07/07 07:54:28.0465 3444        TCPIP6          (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/07 07:54:28.0518 3444        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/07 07:54:28.0543 3444        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/07/07 07:54:28.0565 3444        TDTCP          (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/07/07 07:54:28.0600 3444        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/07 07:54:28.0619 3444        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/07/07 07:54:28.0678 3444        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/07 07:54:28.0741 3444        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/07/07 07:54:28.0794 3444        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/07 07:54:28.0820 3444        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/07/07 07:54:28.0855 3444        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/07 07:54:28.0892 3444        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/07/07 07:54:28.0919 3444        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2011/07/07 07:54:28.0946 3444        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/07/07 07:54:28.0987 3444        USBAAPL64      (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
2011/07/07 07:54:29.0004 3444        usbccgp        (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys
2011/07/07 07:54:29.0032 3444        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/07/07 07:54:29.0051 3444        usbehci        (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
2011/07/07 07:54:29.0075 3444        usbhub          (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
2011/07/07 07:54:29.0095 3444        usbohci        (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
2011/07/07 07:54:29.0108 3444        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/07 07:54:29.0133 3444        USBSTOR        (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\drivers\USBSTOR.SYS
2011/07/07 07:54:29.0157 3444        usbuhci        (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
2011/07/07 07:54:29.0183 3444        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/07/07 07:54:29.0213 3444        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/07 07:54:29.0237 3444        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/07/07 07:54:29.0257 3444        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/07/07 07:54:29.0282 3444        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/07/07 07:54:29.0307 3444        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/07/07 07:54:29.0349 3444        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/07/07 07:54:29.0379 3444        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/07/07 07:54:29.0400 3444        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/07/07 07:54:29.0421 3444        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/07/07 07:54:29.0455 3444        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/07/07 07:54:29.0491 3444        vwifimp        (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
2011/07/07 07:54:29.0512 3444        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/07/07 07:54:29.0531 3444        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/07 07:54:29.0541 3444        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/07 07:54:29.0580 3444        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/07/07 07:54:29.0607 3444        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/07 07:54:29.0647 3444        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/07/07 07:54:29.0667 3444        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/07/07 07:54:29.0717 3444        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/07/07 07:54:29.0741 3444        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/07/07 07:54:29.0776 3444        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/07 07:54:29.0819 3444        WSDPrintDevice  (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
2011/07/07 07:54:29.0866 3444        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/07/07 07:54:29.0888 3444        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/07 07:54:29.0979 3444        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/07/07 07:54:30.0014 3444        Boot (0x1200)  (1dc4b0aaa694c6ce6ed65b0a96727af5) \Device\Harddisk0\DR0\Partition0
2011/07/07 07:54:30.0049 3444        Boot (0x1200)  (28fe87ee5e48c7283b37a7b1a01aee4c) \Device\Harddisk0\DR0\Partition1
2011/07/07 07:54:30.0054 3444        ================================================================================
2011/07/07 07:54:30.0054 3444        Scan finished
2011/07/07 07:54:30.0054 3444        ================================================================================
2011/07/07 07:54:30.0063 4324        Detected object count: 1
2011/07/07 07:54:30.0063 4324        Actual detected object count: 1
2011/07/07 07:55:01.0323 4324        LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/07/07 07:56:24.0067 2992        ================================================================================
2011/07/07 07:56:24.0067 2992        Scan started
2011/07/07 07:56:24.0067 2992        Mode: Manual;
2011/07/07 07:56:24.0067 2992        ================================================================================
2011/07/07 07:56:24.0985 2992        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/07/07 07:56:25.0023 2992        acedrv09        (eae3d29874f8d26e3ec9886fe6d8fbf5) C:\Windows\system32\drivers\acedrv09.sys
2011/07/07 07:56:25.0089 2992        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/07/07 07:56:25.0136 2992        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/07/07 07:56:25.0195 2992        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/07/07 07:56:25.0219 2992        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/07/07 07:56:25.0275 2992        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/07/07 07:56:25.0338 2992        AFD            (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
2011/07/07 07:56:25.0368 2992        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/07/07 07:56:25.0433 2992        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/07/07 07:56:25.0456 2992        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/07/07 07:56:25.0485 2992        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/07/07 07:56:25.0573 2992        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/07/07 07:56:25.0620 2992        amdsata        (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
2011/07/07 07:56:25.0708 2992        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/07/07 07:56:25.0720 2992        amdxata        (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
2011/07/07 07:56:25.0838 2992        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/07/07 07:56:25.0865 2992        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/07/07 07:56:25.0882 2992        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/07/07 07:56:25.0925 2992        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/07 07:56:25.0974 2992        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/07/07 07:56:26.0060 2992        avgntflt        (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/07/07 07:56:26.0108 2992        avipbb          (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
2011/07/07 07:56:26.0150 2992        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/07/07 07:56:26.0194 2992        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/07/07 07:56:26.0241 2992        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/07/07 07:56:26.0275 2992        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/07/07 07:56:26.0321 2992        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/07 07:56:26.0352 2992        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/07/07 07:56:26.0371 2992        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/07/07 07:56:26.0476 2992        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/07/07 07:56:26.0528 2992        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/07/07 07:56:26.0542 2992        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/07/07 07:56:26.0556 2992        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/07/07 07:56:26.0606 2992        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/07/07 07:56:26.0635 2992        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/07 07:56:26.0718 2992        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
2011/07/07 07:56:26.0754 2992        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/07/07 07:56:26.0830 2992        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/07/07 07:56:26.0867 2992        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/07/07 07:56:26.0907 2992        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/07/07 07:56:26.0953 2992        CNG            (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/07/07 07:56:27.0066 2992        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/07/07 07:56:27.0146 2992        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/07/07 07:56:27.0370 2992        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/07/07 07:56:27.0470 2992        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/07/07 07:56:27.0518 2992        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/07/07 07:56:27.0533 2992        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/07/07 07:56:27.0576 2992        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/07/07 07:56:27.0694 2992        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/07 07:56:27.0792 2992        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/07/07 07:56:27.0890 2992        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/07/07 07:56:27.0913 2992        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/07/07 07:56:27.0976 2992        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/07/07 07:56:28.0017 2992        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/07/07 07:56:28.0045 2992        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/07 07:56:28.0153 2992        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/07/07 07:56:28.0175 2992        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/07/07 07:56:28.0312 2992        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/07 07:56:28.0400 2992        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/07/07 07:56:28.0460 2992        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/07/07 07:56:28.0537 2992        Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/07 07:56:28.0573 2992        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/07/07 07:56:28.0616 2992        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/07/07 07:56:28.0679 2992        GearAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\drivers\GEARAspiWDM.sys
2011/07/07 07:56:28.0949 2992        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/07/07 07:56:29.0027 2992        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/07/07 07:56:29.0055 2992        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/07/07 07:56:29.0186 2992        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/07/07 07:56:29.0221 2992        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/07/07 07:56:29.0232 2992        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/07/07 07:56:29.0264 2992        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
2011/07/07 07:56:29.0360 2992        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/07/07 07:56:29.0472 2992        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/07/07 07:56:29.0501 2992        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/07/07 07:56:29.0555 2992        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/07/07 07:56:29.0600 2992        iaStorV        (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
2011/07/07 07:56:29.0958 2992        igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
2011/07/07 07:56:30.0002 2992        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/07/07 07:56:30.0081 2992        IntcAzAudAddService (450bec18b45bccfdc923e11f856dbda7) C:\Windows\system32\drivers\RTKVHD64.sys
2011/07/07 07:56:30.0154 2992        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/07/07 07:56:30.0170 2992        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/07 07:56:30.0229 2992        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/07 07:56:30.0418 2992        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/07/07 07:56:30.0436 2992        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/07/07 07:56:30.0455 2992        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/07/07 07:56:30.0497 2992        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/07/07 07:56:30.0526 2992        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/07/07 07:56:30.0550 2992        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
2011/07/07 07:56:30.0580 2992        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
2011/07/07 07:56:30.0609 2992        KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/07 07:56:30.0653 2992        KSecPkg        (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/07/07 07:56:30.0699 2992        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/07/07 07:56:30.0735 2992        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/07 07:56:30.0763 2992        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/07/07 07:56:30.0779 2992        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/07/07 07:56:30.0828 2992        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/07/07 07:56:30.0847 2992        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/07/07 07:56:30.0941 2992        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/07/07 07:56:30.0987 2992        MBAMProtector  (ed49fd1373de93617a1f6d128d98fe4d) C:\Windows\system32\drivers\mbam.sys
2011/07/07 07:56:31.0022 2992        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/07/07 07:56:31.0040 2992        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/07/07 07:56:31.0133 2992        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/07/07 07:56:31.0153 2992        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/07 07:56:31.0209 2992        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
2011/07/07 07:56:31.0256 2992        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/07/07 07:56:31.0271 2992        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/07/07 07:56:31.0321 2992        MpFilter        (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/07/07 07:56:31.0376 2992        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/07/07 07:56:31.0393 2992        MpNWMon        (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/07/07 07:56:31.0414 2992        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/07 07:56:31.0461 2992        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/07/07 07:56:31.0528 2992        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/07 07:56:31.0648 2992        mrxsmb10        (2086d463bd371d8a37d153897430916d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/07 07:56:31.0666 2992        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/07 07:56:31.0725 2992        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/07/07 07:56:31.0745 2992        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/07/07 07:56:31.0780 2992        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/07/07 07:56:31.0797 2992        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/07/07 07:56:31.0890 2992        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/07/07 07:56:31.0995 2992        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/07 07:56:32.0029 2992        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/07 07:56:32.0052 2992        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/07/07 07:56:32.0084 2992        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/07/07 07:56:32.0108 2992        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/07/07 07:56:32.0120 2992        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/07/07 07:56:32.0169 2992        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/07/07 07:56:32.0197 2992        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/07/07 07:56:32.0244 2992        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/07 07:56:32.0380 2992        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/07/07 07:56:32.0424 2992        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/07/07 07:56:32.0463 2992        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/07 07:56:32.0498 2992        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/07 07:56:32.0578 2992        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/07 07:56:32.0594 2992        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/07/07 07:56:32.0619 2992        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/07 07:56:32.0660 2992        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/07 07:56:32.0759 2992        netr28ux        (618c55b392238b9467f9113e13525c49) C:\Windows\system32\DRIVERS\netr28ux.sys
2011/07/07 07:56:32.0784 2992        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/07/07 07:56:32.0814 2992        NisDrv          (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
2011/07/07 07:56:32.0887 2992        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/07/07 07:56:32.0920 2992        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/07 07:56:32.0991 2992        Ntfs            (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
2011/07/07 07:56:33.0064 2992        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/07/07 07:56:33.0101 2992        NVHDA          (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys
2011/07/07 07:56:33.0449 2992        nvlddmkm        (4628fa8f0cc0d509bc14a223e99d36f3) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/07/07 07:56:33.0540 2992        nvraid          (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
2011/07/07 07:56:33.0570 2992        nvstor          (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
2011/07/07 07:56:33.0710 2992        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/07/07 07:56:33.0834 2992        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/07/07 07:56:33.0893 2992        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/07/07 07:56:33.0930 2992        partmgr        (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/07/07 07:56:33.0992 2992        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/07/07 07:56:34.0075 2992        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/07/07 07:56:34.0101 2992        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/07/07 07:56:34.0121 2992        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/07/07 07:56:34.0225 2992        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/07/07 07:56:34.0332 2992        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/07 07:56:34.0353 2992        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/07/07 07:56:34.0404 2992        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/07 07:56:34.0494 2992        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/07/07 07:56:34.0527 2992        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/07/07 07:56:34.0569 2992        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/07 07:56:34.0595 2992        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/07 07:56:34.0653 2992        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/07/07 07:56:34.0707 2992        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/07 07:56:34.0746 2992        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/07 07:56:34.0797 2992        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/07 07:56:34.0872 2992        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/07 07:56:34.0890 2992        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/07/07 07:56:34.0907 2992        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/07 07:56:34.0936 2992        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/07 07:56:35.0007 2992        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/07/07 07:56:35.0047 2992        RDPWD          (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/07/07 07:56:35.0081 2992        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/07/07 07:56:35.0140 2992        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/07 07:56:35.0222 2992        RTL8167        (365ed58b47b46de8b1c5fa759b6fcd6e) C:\Windows\system32\DRIVERS\Rt64win7.sys
2011/07/07 07:56:35.0301 2992        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/07/07 07:56:35.0352 2992        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/07/07 07:56:35.0387 2992        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/07/07 07:56:35.0410 2992        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/07/07 07:56:35.0457 2992        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/07/07 07:56:35.0475 2992        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/07/07 07:56:35.0544 2992        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/07/07 07:56:35.0557 2992        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/07/07 07:56:35.0575 2992        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/07/07 07:56:35.0586 2992        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/07/07 07:56:35.0628 2992        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/07/07 07:56:35.0649 2992        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/07/07 07:56:35.0679 2992        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/07/07 07:56:35.0740 2992        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/07/07 07:56:35.0838 2992        sptd            (88e5162e58c8919cc873f5d8946197cf) C:\Windows\system32\Drivers\sptd.sys
2011/07/07 07:56:35.0838 2992        Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88e5162e58c8919cc873f5d8946197cf
2011/07/07 07:56:35.0844 2992        sptd - detected LockedFile.Multi.Generic (1)
2011/07/07 07:56:35.0970 2992        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
2011/07/07 07:56:36.0091 2992        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/07 07:56:36.0196 2992        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/07 07:56:36.0224 2992        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/07/07 07:56:36.0268 2992        StillCam        (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
2011/07/07 07:56:36.0369 2992        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/07/07 07:56:36.0533 2992        Tcpip          (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\drivers\tcpip.sys
2011/07/07 07:56:36.0644 2992        TCPIP6          (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/07 07:56:36.0703 2992        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/07 07:56:36.0739 2992        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/07/07 07:56:36.0849 2992        TDTCP          (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/07/07 07:56:36.0884 2992        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/07 07:56:36.0904 2992        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/07/07 07:56:36.0951 2992        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/07 07:56:37.0003 2992        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/07/07 07:56:37.0045 2992        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/07 07:56:37.0071 2992        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/07/07 07:56:37.0228 2992        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/07 07:56:37.0266 2992        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/07/07 07:56:37.0326 2992        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2011/07/07 07:56:37.0375 2992        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/07/07 07:56:37.0405 2992        USBAAPL64      (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
2011/07/07 07:56:37.0655 2992        usbccgp        (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys
2011/07/07 07:56:37.0716 2992        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/07/07 07:56:37.0736 2992        usbehci        (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
2011/07/07 07:56:37.0805 2992        usbhub          (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
2011/07/07 07:56:37.0847 2992        usbohci        (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
2011/07/07 07:56:37.0881 2992        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/07 07:56:37.0996 2992        USBSTOR        (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\drivers\USBSTOR.SYS
2011/07/07 07:56:38.0042 2992        usbuhci        (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
2011/07/07 07:56:38.0067 2992        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/07/07 07:56:38.0098 2992        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/07 07:56:38.0188 2992        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/07/07 07:56:38.0231 2992        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/07/07 07:56:38.0291 2992        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/07/07 07:56:38.0359 2992        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/07/07 07:56:38.0553 2992        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/07/07 07:56:38.0585 2992        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/07/07 07:56:38.0685 2992        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/07/07 07:56:38.0772 2992        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/07/07 07:56:38.0829 2992        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/07/07 07:56:38.0853 2992        vwifimp        (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
2011/07/07 07:56:38.0895 2992        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/07/07 07:56:38.0949 2992        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/07 07:56:38.0963 2992        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/07 07:56:39.0009 2992        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/07/07 07:56:39.0049 2992        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/07 07:56:39.0099 2992        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/07/07 07:56:39.0130 2992        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/07/07 07:56:39.0242 2992        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/07/07 07:56:39.0261 2992        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/07/07 07:56:39.0339 2992        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/07 07:56:39.0393 2992        WSDPrintDevice  (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
2011/07/07 07:56:39.0440 2992        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/07/07 07:56:39.0606 2992        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/07 07:56:39.0664 2992        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/07/07 07:56:39.0688 2992        Boot (0x1200)  (1dc4b0aaa694c6ce6ed65b0a96727af5) \Device\Harddisk0\DR0\Partition0
2011/07/07 07:56:39.0712 2992        Boot (0x1200)  (28fe87ee5e48c7283b37a7b1a01aee4c) \Device\Harddisk0\DR0\Partition1
2011/07/07 07:56:39.0716 2992        ================================================================================
2011/07/07 07:56:39.0716 2992        Scan finished
2011/07/07 07:56:39.0716 2992        ================================================================================
2011/07/07 07:56:39.0725 5020        Detected object count: 1
2011/07/07 07:56:39.0726 5020        Actual detected object count: 1
2011/07/07 07:57:29.0441 5020        HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted after reboot
2011/07/07 07:57:29.0470 5020        HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted after reboot
2011/07/07 07:57:29.0499 5020        C:\Windows\system32\Drivers\sptd.sys - will be deleted after reboot
2011/07/07 07:57:29.0499 5020        LockedFile.Multi.Generic(sptd) - User select action: Delete
2011/07/07 07:57:37.0353 4232        Deinitialize success

kira 08.07.2011 04:34
1.
  • lade Dir SUPERAntiSpyware FREE Edition herunter.
  • installiere das Programm und update online.
  • starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
  • setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
  • anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
  • auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
  • um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
  • drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

schauen wir mal, ob jetzt läuft:
2.
** den Quarantine-Inhalt löschen-> Update Malwarebytes Anti-Malware, lass es nochmal anhand der folgenden Anleitung laufen:
  • per Doppelklick starten.
  • gleich mal die Datenbanken zu aktualisieren - online updaten
  • Vollständiger Suchlauf wählen (überall Haken setzen)
  • wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
  • alle Funde bis auf - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
  • Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"
eine bebilderte Anleitung findest Du hier: Anleitung

Mike1985 08.07.2011 06:31
Guten Morgen!

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 07/08/2011 at 07:23 AM

Application Version : 4.55.1000

Core Rules Database Version : 7386
Trace Rules Database Version: 5198

Scan type      : Complete Scan
Total Scan Time : 00:32:45

Memory items scanned      : 628
Memory threats detected  : 0
Registry items scanned    : 14364
Registry threats detected : 4
File items scanned        : 34818
File threats detected    : 0

Adware.Zango/ShoppingReport
        (x64) HKCR\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}
        (x64) HKCR\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}\ProxyStubClsid32
        (x64) HKCR\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}\TypeLib
        (x64) HKCR\Interface\{AEBF09E2-0C15-43C8-99BF-928C645D98A0}\TypeLib#Version
Den Rest mach ich heut abend nach der arbeit :)

Mike1985 08.07.2011 07:53
Keine Chance Kira!

Ist mir wieder abgestürzt, nach ca. einer halben Stunde.

Ich tret das Teil bald in die Tonne!

kira 09.07.2011 07:22
Ok, dann so geht`s weiter:

Lass noch einen Online-Scanner über deun System laufen:

- "Link:-> ESET Online Scanner
>>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<<
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.► [Sicherheit] Autorun Funktion für mehr Sicherheit auf allen Laufwerken deaktivieren /Avira Support Forum

-> Führe dann einen Komplett-Systemcheck mit Eset/Nod32 durch

- folgendes bitte anhaken > "Remove found threads" und "Scan archives"
- die Scanergebnis als *.txt Dateien speichern)
- meistens "C:\Programme\Eset\EsetOnlineScanner\log.txt"

Vor dem Scan Einstellungen im Internet Explorer:
- "Extras→ Internetoptionen→ Sicherheit":
- alles auf Standardstufe stellen
- Active X erlauben
- um den Scan zu starten: wenn du danach gefragt wirst (den Text in der Informationsleiste ) - ActiveX-Steuerelement installieren lassen

► Wie ist den aktuellen Zustand des Rechners? Auffälligkeiten, Probleme?

Mike1985 09.07.2011 18:36
Hallo Kira.

Hier das Ergebnis vom online scan!

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=7dbfe4cb66702e4c8e3d03b9670f6320
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-07-09 05:31:23
# local_time=2011-07-09 07:31:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1797 16775165 100 94 253224 46753636 249129 0
# compatibility_mode=4096 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 691600 61851623 0 0
# compatibility_mode=8192 67108863 100 0 106 106 0 0
# scanned=199312
# found=3
# cleaned=3
# scan_time=10910
C:\Users\Mike\Desktop\Eigene Dateien\Nero 8\Nero-8.3.6.0 de.exe        Win32/Toolbar.AskSBar Anwendung (gelöscht - in Quarantäne kopiert)        00000000000000000000000000000000        C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\upgrade[5].cab        Variante von Win32/Adware.OneStep.AI Anwendung (gelöscht - in Quarantäne kopiert)        00000000000000000000000000000000        C
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\upgrade[4].cab        Variante von Win32/Adware.OneStep.AI Anwendung (gelöscht - in Quarantäne kopiert)        00000000000000000000000000000000        C
Der Rechner läuft besser als je zuvor, keine Probleme! Eben nur dass er malwarebytes immer nach der selben zeit mit nen blue screen abstürzt. Und einmal kam bisher ein blue screen gleich beim hochfahren mit dem selben angezeigten fehler.

evtl irgendwelche treiber die nicht funktionieren?

Teste es jetzt aber nochmal nach dem online scan..

kira 11.07.2011 07:29
warum das Malwarebytes abstürzt kann ich nicht erklären. ich würde es zunächst deinstallieren

Mike1985 11.07.2011 07:58
Hallo Kira.

ich will dir jetzt mal vielen Dank sagen dass du meinen Rechner von dem ganzen Pack befreit hast!
Ich find es ganz stark was ihr hier tut und wieviel Geduld und fachwissen ihr habt! :dankeschoen:

Werd auch versuchen irgendwie eurem Team beizutreten :applaus:

kira 12.07.2011 06:34
** Lass dein System in der nächste Zeit noch unter Beobachtung!
1.
Programme deinstallieren/entfernen, die wir verwendet haben und nicht brauchst, bis auf:
Code:
CCleaner
- Zeitweise laufen lassen:-> Anleitung

2.
Tool-Bereinigung mit OTL

Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
  • Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
  • Speichere es auf Deinem Desktop.
  • Doppelklick auf OTL.exe um das Programm auszuführen.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Klicke auf den Button "Bereinigung"
  • OTL fragt eventuell nach einem Neustart.
    Sollte es dies tun, so lasse dies bitte zu.
Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.

3.
Wenn alles gut verlaufen und dein System läuft stabil,mache folgendes:
Systemsteuerung/System und Sicherheit/System/Computerschutz/Systemeigenschaften poppt auf und dann einen Sicherungspunkt erstellen
Systemwiederherstellung deaktivieren: Windows 7 - einen manuellen Systemwiederherstellungspunkt erstellen
also zuerst deaktivieren-> dann aktivieren - am Ende soll wieder aktiviert sein!

4.
Ändere deine Passworte und Zugangsdaten! - von einem sauberen System aus
- Alle Passwörter, die auf dem kompromittierten System verwendet wurden (also z.B. Login-, Mail- oder Website-Passwörter, aber auch die PIN für das Online-Banking) sofort ändern (► am besten von einem anderen, nicht-infizierten Rechner aus! )
Tipps:
Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
auch noch hier unter: Sicheres Kennwort (Password)

Lesestoff Nr.1:
  • Wie erstelle ich ein eingeschränktes Benutzerkonto?
  • Software immer auf dem neuesten Stand halten!:
    ALLE auf dem System installierten Programme und Treiber, sollten regelmäßig upgedatet werden um Sicherheitslücken zu vermeiden und um das reibungslose Arbeitsabläufe zu erreichen!
  • Ein sicherer Browser als IE z.B. *Ein Wechsel des Standardbrowsers zu...von SETI@home* - Firefox - FirefoxWiki/Einstellungen - Erweiterungen für Firefox - Standardbrowser
  • Sichere eMail Clients z.B. Thunderbird-->Erweiterungen für Mozilla Thunderbird
  • Sichere Paswort - Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
    auch noch hier unter: Sicheres Kennwort (Password)
    Die fünf häufigsten Passwort-Fehler[/b[
  • "Never accept software from strangers" - Installiere grundsätzlich immer nur Programme, die Du auch wirklich benötigst und von denen Du überzeugt bist, dass sie seriös sind.
    Du hast die Wahl!, welche zusätzlichen Komponenten noch installiert werden sollen? -> Bei der Installation immer mitlesen, Sponsoren und Partnerprogramme, Toolbars oder eventuell noch andere extra angebotene Programme möglichst abwählen!
  • NICHT irgendwelche Programme aus dem Netz laden, wenn nicht zu 100% fest steht, dass es sich dabei um saubere Software handelt. Nette Versprechen der Hersteller garantieren noch lange keine einwandfreie Funktionsweise, also vorher blättere die Seiten bei GOOGLE, da kannst Du Dir wertvolle Informationen holen!!!
  • Vorsicht bei der Nutzung fremder Computer und anschliessbare Externe Speichermedien wie Festplatte, USB Sticks, Speicherkarten usw![/color] - IT-Betrüger machen keinen Urlaub!/bsi-fuer-buerger.de - auch zeitweise anschließen und scannen lassen (sehe unter `kostenlose Online-Viren-Scanner`)
  • Webseiten ohne Gültiges Impressum nicht besuchen
  • Lizenzkosten sparen? - Vorsicht bei Dateien/Programmen aus nicht vertrauenswürdigen Quellen! - "full Keygen, Crack, Serial, Warez, keygenerators" etc.
    Sind immer verseucht mit diverse Malware/Schadprogramme/Code, es gibt keine seite wo Viren frei ist. (Man sollte nicht absitlich der Teufel holen;)) Eine weitere höchst unsichere Quelle ist das File-Sharing der sog. (Musik-)Tauschbörsen.
    ► Ausserdem machst Du dich damit strafbar!
  • Nur eine Firewall sowie ein Antiviren Programm verwenden, welche sich immer auf dem aktuellsten Stand befinden sollten!
    Das Installieren von `zuviel` Software beeinträchtigt die Systemleistung und Sicherheit, verlangsamt den Start-Vorgang enorm und belastet den Arbeitsspeicher (weil laufen ja die Programme nebeneinander gleichzeitig, die viel Performance fressen, aber wenig Qualität bringen). Im Laufe der Zeit wird der rechner durch zu viel unnötigen Ballast immer langsamer, und unsicherer. Um so mehr Programme installiert sind, um so häufiger treten Probleme auf, die dann unter Umständen nur schwer lösen können. Dazu kommt noch, das einige Programme große Sicherheitsrisiken mit sich bringen;)
  • Virenscanner
  • BSI für Bürger
  • SETI@home - [Sicherheit] Sicherheitskonzept
  • Entwicklung schädlicher Websites/viruslist.com
  • Brennpunkt: Bilder und Töne
    Gefährliche Bilder, schräge Töne/BSI

** Der gesunde Menschenverstand, Windows und Internet-Software sicher konfigurieren ist der beste Weg zur Sicherheit im Webverkehr ist !!
Zitat:
Da der Bestand der Datenbank wird täglich ergänzt und erweitert bzw werden mit der aktuellen Virendefinition die Informationen über den betroffenen Virus aufgenommen, empfehle ich dir mindestens einmal pro Woche (später genügt es sicherlich einmal im Monat) dein System Online Scannen lassen (immer mit einen anderen Scanner), um eine zweite Meinung einzuholen - Die auf dem Speichermedium gesicherten Daten sollten auch mit einbezogen werden!
(benutzen meist ActiveX und/oder Java): Kostenlose Online Scanner -
Lesestoff Nr.2:
► Kann sich auf Dauer eine Menge Datenmüll ansammeln, sich Fehlermeldungen häufen, der PC ist wahrscheinlich nicht mehr so schnell, wie früher:wünsch Dir alles Gute:)

Mike1985 12.07.2011 11:19
Vielen dank nochmal Kira!

Das alles zieh ich mir am abend nach der arbeit in ruhe rein :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:35 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129