Log analysis and evaluation: Desktop black, no access to files anymore, programs can only be opened via commands.. Windows 7
10.10.2011, 00:58 | #1 |
Desktop black, no access to files anymore, programs can only be opened via commands..

Sooooo, dear people, after spending almost 2 days on this problem, I unfortunately have to turn to you in desperation. So, let me describe the problem: A few days ago, while I was surfing the Internet, about 15 error messages appeared out of nowhere (I no longer remember their content). A message came up saying that I had a hard disk defect and that I should have my hard disk scanned. Stupidly, I did just that; the program "Data Restore" or something like that was automatically provided for this. After restarting the PC, all my files had disappeared. My desktop is completely black, and the hard disk now contains only one folder that I can access, although the amount of used storage space has stayed the same. In the Start menu I can no longer access anything. By the way: the reason I can no longer access all the programs and files is that the files have, so to speak, "vanished into thin air". Everything gone!

I have now registered here in the forum and followed the prescribed steps. However, I have to add that when running OTL only otl.txt is created and no second file!

And what I also forgot to mention as a defect: I use Firefox as my default browser, but I no longer have access to the Internet with it. The page loads and loads endlessly. It took a while until I realized that this is related to the virus and not to the Internet provider or the router. Within the 2 days I of course also ran all sorts of virus scanners etc. and had everything suspicious repaired or deleted.

So, I'll first post the defogger_disable.log, even though I don't think any error message was shown there. The OTL.txt follows after that.
defogger_disable.log: defogger_disable by jpshortstuff (23.02.10.1) Log created at 00:27 on 10/10/2011 (Red1) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- OTL.txt: OTL logfile created on: 10.10.2011 01:20:52 - Run 4 OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Red1\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,67 Gb Available Physical Memory | 66,77% Memory free 8,00 Gb Paging File | 6,42 Gb Available in Paging File | 80,30% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,76 Gb Total Space | 357,58 Gb Free Space | 76,77% Space Free | Partition Type: NTFS Drive E: | 372,52 Gb Total Space | 247,98 Gb Free Space | 66,57% Space Free | Partition Type: FAT32 Computer Name: RED1-PC | User Name: Red1 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.10.10 00:28:23 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Red1\Desktop\OTL.exe PRC - [2011.09.01 14:50:48 | 001,600,984 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\pctsGui.exe PRC - [2011.09.01 14:50:48 | 001,117,144 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe PRC - [2011.09.01 11:38:56 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe PRC - [2011.09.01 11:38:54 | 000,337,872 | ---- | M] (Threat Expert Ltd.) 
-- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe PRC - [2011.08.02 14:53:29 | 001,242,448 | -H-- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe PRC - [2011.07.05 19:51:36 | 000,269,480 | -H-- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.05.12 12:59:27 | 000,136,360 | -H-- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.02.18 11:14:04 | 000,371,472 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe PRC - [2010.11.10 16:33:41 | 000,281,768 | -H-- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.07.09 16:09:52 | 000,248,936 | -H-- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe ========== Modules (No Company Name) ========== MOD - [2011.09.28 12:25:19 | 014,410,024 | -H-- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll MOD - [2011.09.28 12:25:19 | 000,914,216 | -H-- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll MOD - [2011.09.28 12:25:19 | 000,190,248 | -H-- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL MOD - [2011.09.28 12:25:19 | 000,155,432 | -H-- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll MOD - [2011.09.28 12:25:19 | 000,091,432 | -H-- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011.09.28 12:25:19 | 000,419,624 | -H-- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.09.01 14:50:48 | 001,117,144 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe -- (sdCoreService) SRV - [2011.09.01 11:38:54 | 000,337,872 | ---- | M] (Threat Expert 
Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service) SRV - [2011.07.15 19:45:09 | 000,147,336 | -H-- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint) SRV - [2011.07.15 19:45:02 | 000,375,176 | -H-- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc) SRV - [2011.07.05 19:51:36 | 000,269,480 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.05.12 12:59:27 | 000,136,360 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.02.18 11:14:04 | 000,371,472 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe -- (sdAuxService) SRV - [2010.11.08 13:04:20 | 000,407,424 | -H-- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn) SRV - [2010.07.09 16:09:52 | 000,248,936 | -H-- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010.05.06 11:30:22 | 000,357,456 | -H-- | M] (Logitech, Inc.) 
[Disabled | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.08.23 11:45:06 | 000,360,696 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore) DRV:64bit: - [2011.08.18 09:31:02 | 000,228,392 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PCTSD64.sys -- (PCTSD) DRV:64bit: - [2011.08.01 17:53:47 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011.07.15 19:45:02 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP) DRV:64bit: - [2011.07.05 19:51:37 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.07.05 19:51:37 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2010.09.17 16:40:06 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver) DRV:64bit: - [2010.09.17 16:39:58 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr) DRV:64bit: - [2010.07.16 14:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA) DRV:64bit: - [2010.06.29 10:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS) DRV:64bit: - [2010.03.18 11:00:40 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt) DRV:64bit: - [2010.03.18 11:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2010.03.18 11:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2009.02.17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2007.02.16 02:57:06 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV - [2010.09.17 16:40:06 | 000,015,928 | -H-- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys -- (LMIInfo) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2007.02.16 02:57:06 | 000,040,648 | -H-- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4 FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.1.1&q=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_10_3_162.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.07.12 21:53:23 | 000,000,000 | -H-D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2011.10.09 14:57:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.07 15:58:20 | 000,000,000 | -H-D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.06.19 14:48:36 | 000,000,000 | -H-D | M] [2010.08.26 21:33:43 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Red1\AppData\Roaming\mozilla\Extensions [2011.09.28 23:28:00 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions [2011.09.28 23:28:00 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.09.23 23:12:40 | 000,000,000 | -H-D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.04.01 13:06:59 | 000,000,000 | -H-D | M] (German Dictionary) -- 
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\de-DE@dictionaries.addons.mozilla.org [2011.10.06 12:22:26 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-1.xml [2011.08.16 18:46:44 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-10.xml [2011.08.22 20:49:56 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-11.xml [2011.09.07 13:01:30 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-12.xml [2011.09.14 23:35:17 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-13.xml [2011.09.29 18:41:41 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-14.xml [2010.12.12 02:50:31 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-2.xml [2011.03.03 15:01:57 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-3.xml [2011.03.06 12:06:29 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-4.xml [2011.03.06 18:49:00 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-5.xml [2011.04.29 23:56:07 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-6.xml [2011.04.30 00:18:30 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-7.xml [2011.06.28 
09:03:03 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-8.xml [2011.07.31 13:05:37 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-9.xml [2011.09.25 14:49:54 | 000,000,168 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin.gif [2011.09.25 14:49:54 | 000,000,618 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin.src [2010.10.25 18:04:42 | 000,001,056 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin.xml [2011.04.30 00:18:07 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010.08.26 23:48:53 | 000,000,000 | -H-D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} () (No name found) -- C:\USERS\RED1\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ITI6EJMZ.DEFAULT\EXTENSIONS\EXTENSION@HIDEMYASS.COM.XPI [2011.10.07 15:58:20 | 000,134,104 | -H-- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010.08.26 23:48:42 | 000,411,368 | -H-- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011.10.07 15:58:18 | 000,001,392 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.10.07 15:58:18 | 000,002,252 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.10.07 15:58:18 | 000,001,153 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.10.07 15:58:18 | 000,006,805 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.07 15:58:18 | 000,001,178 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.10.07 15:58:18 | 000,001,105 | -H-- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.) 
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\PC Tools Security\pctsGui.exe (PC Tools) O4 - HKLM..\Run: [NWEReboot] File not found O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.) O4 - HKLM..\Run: [TaskTray] File not found O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\Red1\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm () O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Red1\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\Red1\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Red1\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - 
C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36077CD6-F668-4907-9197-61697F531843}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - 
C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSWOW64\Userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.10.09 06:04:54 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{0f596090-48f2-11e0-b91f-002511d6f3c2}\Shell - "" = AutoRun O33 - MountPoints2\{0f596090-48f2-11e0-b91f-002511d6f3c2}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O33 - MountPoints2\{29456b45-b144-11df-86c2-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{29456b45-b144-11df-86c2-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe O33 - MountPoints2\{ecc350c2-bc44-11e0-9e4f-002511d6f3c2}\Shell - "" = AutoRun O33 - MountPoints2\{ecc350c2-bc44-11e0-9e4f-002511d6f3c2}\Shell\AutoRun\command - "" = F:\Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: 
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" 
"C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} 
- C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.) MsConfig:64bit - StartUpReg: CloneCDTray - hkey= - key= - C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MsConfig:64bit - StartUpReg: EvtMgr6 - hkey= - key= - C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) MsConfig:64bit - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: iPhone PC Suite - hkey= - key= - C:\Program Files (x86)\NetDragon\91 Mobile\iPhone\iPhone PC Suite.exe () MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig:64bit - StartUpReg: PlusService - hkey= - key= - C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software) MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) 
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) MsConfig:64bit - State: "services" - Reg Error: Key error. MsConfig:64bit - State: "startup" - Reg Error: Key error. CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.10.10 00:28:20 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Red1\Desktop\OTL.exe [2011.10.09 22:56:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.10.09 22:54:28 | 000,000,000 | ---D | C] -- C:\sh4ldr [2011.10.09 22:24:54 | 000,000,000 | ---D | C] -- C:\Users\Red1\AppData\Local\Threat Expert [2011.10.09 14:57:27 | 002,189,264 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll [2011.10.09 14:57:27 | 001,533,904 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll [2011.10.09 14:57:27 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll [2011.10.09 14:55:58 | 000,816,016 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys [2011.10.09 14:55:58 | 000,452,872 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys [2011.10.09 14:55:57 | 000,336,512 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys [2011.10.09 14:55:57 | 000,143,384 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys [2011.10.09 14:55:55 | 000,360,696 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys [2011.10.09 14:55:54 | 000,228,392 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys [2011.10.09 14:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security [2011.10.09 14:55:51 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys [2011.10.09 14:55:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools [2011.10.09 14:55:32 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP 
[2011.10.09 14:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security [2011.10.09 06:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2011.10.09 06:03:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2011.10.09 05:52:40 | 000,000,000 | -H-D | C] -- C:\Users\Red1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Restore [2011.10.05 23:45:44 | 000,000,000 | -H-D | C] -- C:\Users\Red1\Desktop\Tim_Bendzko_-_Wenn_Worte_Meine_Sprache_Waeren-DE-2011-MOD [2011.09.21 13:40:35 | 000,000,000 | -H-D | C] -- C:\Users\Red1\Desktop\SMS [2011.09.21 12:54:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\91ÊÖ»úÖúÊÖ [2011.09.21 12:54:33 | 000,000,000 | -H-D | C] -- C:\Users\Red1\AppData\Roaming\InstallShield [2011.09.20 23:50:51 | 000,000,000 | -H-D | C] -- C:\Users\Red1\Documents\91 Mobile [2011.09.15 22:02:09 | 000,000,000 | -H-D | C] -- C:\Users\Red1\AppData\Local\Deployment [2011.09.15 22:02:09 | 000,000,000 | -H-D | C] -- C:\Users\Red1\AppData\Local\Apps [2011.09.15 00:42:00 | 000,000,000 | -H-D | C] -- C:\Users\Red1\Desktop\Drake & The Weeknd - OVOXO [www.RNB4U.in] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.10.10 01:25:21 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.10.10 01:25:21 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.10.10 01:17:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.10.10 01:17:45 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys [2011.10.10 00:28:23 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Red1\Desktop\OTL.exe [2011.10.10 00:27:27 | 000,000,000 | ---- | M] () -- C:\Users\Red1\defogger_reenable [2011.10.10 00:26:43 | 000,050,477 | ---- | M] () -- 
C:\Users\Red1\Desktop\Defogger.exe [2011.10.09 14:56:28 | 001,628,674 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB [2011.10.09 14:54:07 | 000,511,968 | -H-- | M] () -- C:\Users\Red1\Desktop\sdsetup2011.exe [2011.10.09 06:04:54 | 000,000,000 | ---- | M] () -- C:\autoexec.bat [2011.10.09 05:54:34 | 000,000,448 | -H-- | M] () -- C:\ProgramData\6DSS92c31Apgjk [2011.10.09 05:52:50 | 000,000,304 | -H-- | M] () -- C:\ProgramData\~6DSS92c31Apgjk [2011.10.09 05:52:50 | 000,000,208 | -H-- | M] () -- C:\ProgramData\~6DSS92c31Apgjkr [2011.09.30 01:34:35 | 000,064,320 | -H-- | M] () -- C:\Users\Red1\Desktop\beitrag uni WS 2011 2012.jpg [2011.09.28 23:41:22 | 000,073,664 | -H-- | M] () -- C:\Users\Red1\Desktop\Finanzbuchhaltung Essen falsch geparkt.jpg [2011.09.22 23:59:48 | 000,137,467 | -H-- | M] () -- C:\Users\Red1\Desktop\Foto(1).PNG [2011.09.16 18:02:35 | 000,204,804 | -H-- | M] () -- C:\Users\Red1\Desktop\Foto.PNG [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.10.10 00:27:27 | 000,000,000 | ---- | C] () -- C:\Users\Red1\defogger_reenable [2011.10.10 00:26:43 | 000,050,477 | ---- | C] () -- C:\Users\Red1\Desktop\Defogger.exe [2011.10.09 14:57:28 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll [2011.10.09 14:57:27 | 000,002,125 | ---- | C] () -- C:\Windows\UDB.zip [2011.10.09 14:57:27 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml [2011.10.09 14:57:27 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml [2011.10.09 14:57:27 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip [2011.10.09 14:56:00 | 001,628,674 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB [2011.10.09 14:54:18 | 000,511,968 | -H-- | C] () -- C:\Users\Red1\Desktop\sdsetup2011.exe [2011.10.09 06:04:54 | 000,000,000 | ---- | C] () -- C:\autoexec.bat [2011.10.09 05:52:50 | 000,000,304 | -H-- | C] () -- C:\ProgramData\~6DSS92c31Apgjk [2011.10.09 05:52:50 | 000,000,208 | -H-- | C] () -- 
C:\ProgramData\~6DSS92c31Apgjkr [2011.10.09 05:52:03 | 000,000,448 | -H-- | C] () -- C:\ProgramData\6DSS92c31Apgjk [2011.09.30 01:34:35 | 000,064,320 | -H-- | C] () -- C:\Users\Red1\Desktop\beitrag uni WS 2011 2012.jpg [2011.09.28 23:41:22 | 000,073,664 | -H-- | C] () -- C:\Users\Red1\Desktop\Finanzbuchhaltung Essen falsch geparkt.jpg [2011.09.22 23:57:19 | 000,137,467 | -H-- | C] () -- C:\Users\Red1\Desktop\Foto(1).PNG [2011.09.16 18:02:44 | 000,204,804 | -H-- | C] () -- C:\Users\Red1\Desktop\Foto.PNG [2011.04.12 16:32:20 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.11.06 03:48:36 | 000,139,432 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2010.08.26 21:28:53 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | -H-- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | -H-- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat ========== LOP Check ========== [2011.08.01 18:00:09 | 000,000,000 | -H-D | M] -- C:\Users\Red1\AppData\Roaming\DAEMON Tools Lite [2011.08.26 02:39:17 | 000,000,000 | -H-D | M] -- C:\Users\Red1\AppData\Roaming\DVDVideoSoft [2011.08.26 02:38:48 | 000,000,000 | -H-D | M] -- C:\Users\Red1\AppData\Roaming\DVDVideoSoftIEHelpers [2011.10.09 16:39:30 | 000,000,000 | -H-D | M] -- C:\Users\Red1\AppData\Roaming\ICQ [2010.08.26 21:35:42 | 000,000,000 | -H-D | M] -- C:\Users\Red1\AppData\Roaming\Leadertech [2011.03.14 18:52:44 | 000,000,000 | -H-D | M] -- C:\Users\Red1\AppData\Roaming\TeamViewer [2011.10.08 19:33:37 | 000,032,632 | -H-- | M] () -- 
C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2010.10.14 12:40:40 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2010.08.26 21:30:40 | 000,000,000 | -H-D | M] -- C:\ATI [2011.06.18 17:58:47 | 000,000,000 | -HSD | M] -- C:\Boot [2011.10.09 23:18:45 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2010.08.26 21:15:54 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2011.02.09 19:18:10 | 000,000,000 | -H-D | M] -- C:\iPhone Backup Switch [2010.08.26 22:55:07 | 000,000,000 | RH-D | M] -- C:\MSOCache [2010.08.26 21:39:14 | 000,000,000 | -H-D | M] -- C:\NVIDIA [2009.07.14 05:20:08 | 000,000,000 | -H-D | M] -- C:\PerfLogs [2011.10.09 06:04:27 | 000,000,000 | RH-D | M] -- C:\Program Files [2011.10.09 14:55:32 | 000,000,000 | RH-D | M] -- C:\Program Files (x86) [2011.10.09 18:27:56 | 000,000,000 | -H-D | M] -- C:\ProgramData [2010.08.26 21:15:54 | 000,000,000 | -HSD | M] -- C:\Programme [2010.08.26 21:15:54 | 000,000,000 | -HSD | M] -- C:\Recovery [2011.10.09 22:56:35 | 000,000,000 | ---D | M] -- C:\sh4ldr [2011.10.10 01:23:30 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2010.10.14 12:40:35 | 000,000,000 | RH-D | M] -- C:\Users [2011.10.10 01:17:57 | 000,000,000 | -H-D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. 
/mp /s > < %systemroot%\system32\*.manifest /3 > < MD5 for: EXPLORER.EXE > [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe [2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe [2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2009.10.31 08:38:38 | 002,870,272 | ---- 
| M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: REGEDIT.EXE > [2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe [2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe [2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe [2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) 
MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) 
MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < > ========== Files - Unicode (All) ========== [2011.09.02 02:18:17 | 005,266,594 | -H-- | C] ()(C:\Users\Red1\Desktop\Unknown Artist - Unknown Album - 00 - » JayBee Feat. Harry - Nur Für Dich ?.mp3) -- C:\Users\Red1\Desktop\Unknown Artist - Unknown Album - 00 - » JayBee Feat. Harry - Nur Für Dich ♥.mp3 [2011.03.21 17:09:30 | 005,266,594 | -H-- | M] ()(C:\Users\Red1\Desktop\Unknown Artist - Unknown Album - 00 - » JayBee Feat. Harry - Nur Für Dich ?.mp3) -- C:\Users\Red1\Desktop\Unknown Artist - Unknown Album - 00 - » JayBee Feat. 
Harry - Nur Für Dich ♥.mp3 ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\Windows:6BEBF40A7D29732A @Alternate Data Stream - 192 bytes -> C:\ProgramData\TEMPFC5A2B2 @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84 < End of report >
By the way: after running defogger.exe and restarting, I noticed that I have access to my files again. When I open drive C:, for example, all the files are there! On the desktop all the files are back as well, but in both cases the files are shown faded, as if I had set them to be hidden while still having all hidden files displayed. I hope you understand what I mean. The Start menu is still empty. The desktop is still black. And the World Wide Web still can NOT be opened with Firefox. As a workaround I always enter the run command for iexplore.exe and am currently browsing with that. No idea why it works there. So, I hope I haven't forgotten anything, and of course I hope I haven't held you up with unnecessary information. Thanks a thousand times in advance for help of any kind. With kindest regards, Red1 |
10.10.2011, 14:04 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please now run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan! If there are logs from older Malwarebytes scans, please post all of those as well! ESET Online Scanner |
11.10.2011, 07:15 | #3 |
| Okaaay, first of all, many thanks for looking into the problem!
Here is the log file that opened automatically after the full scan with Malwarebytes:

Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 7918

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

11.10.2011 01:29:26
mbam-log-2011-10-11 (01-29-26).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|F:\|)
Durchsuchte Objekte: 427092
Laufzeit: 1 Stunde(n), 24 Minute(n), 35 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
e:\mozilla downloads\die downloads von mozilla\neuer ordner\wga_v1.5.716.0_patched\wga v1.5.716.0 patched\2. programme\keyfinder.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\Users\Red1\AppData\Roaming\Adobe\shed\thr1.chm (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\Red1\AppData\Roaming\Adobe\plugs\mmc185.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

Then, under the Logs tab, there is also the file "protection-log", whose content is as follows:

00:03:49 Red1 MESSAGE Protection started successfully
00:03:53 Red1 MESSAGE IP Protection started successfully
00:24:42 Red1 IP-BLOCK 109.230.246.51 (Type: outgoing, Port: 37042, Process: skype.exe)
01:12:04 Red1 IP-BLOCK 84.16.242.42 (Type: outgoing, Port: 53383, Process: hl2.exe)
01:24:32 Red1 IP-BLOCK 188.243.231.170 (Type: outgoing, Port: 37042, Process: skype.exe)
01:24:32 Red1 IP-BLOCK 188.243.231.170 (Type: outgoing, Port: 37042, Process: skype.exe)
01:24:40 Red1 IP-BLOCK 188.243.231.170 (Type: outgoing, Port: 37042, Process: skype.exe)

So.. now I have also run the ESET scanner, and the content of log.txt was as follows:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK

And now? |
11.10.2011, 10:11 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please download WVCheck from Artellos.com
__________________ Please always post log files in CODE tags |
11.10.2011, 16:24 | #5 |
| Windows Validation Check
Version: 1.9.12.5
Log Created On: 1724_11-10-2011
-----------------------
Windows Information
-----------------------
Windows Version: Windows 7 Service Pack 1
Windows Mode: Normal
Systemroot Path: C:\Windows

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates and install them automatically.
-----------------------
Last Success Time for Update Detection: 2011-10-08 14:41:41
Last Success Time for Update Download: 2011-09-28 04:33:59
Last Success Time for Update Installation: 2011-09-28 05:21:46

WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------

WVCheck's File Dump
-----------------------
WVCheck found no known bad files.

WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.

WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.

WVCheck's MBAM Quarantine Check
-----------------------
There were no bad files quarantined by MBAM.

WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.

WVCheck's MD5 Check EXPERIMENTAL!!
-----------------------
user32.dll - 5e0db2d8b2750543cd2ebb9ea8e6cdd3

-------- End of File, program close at 1724_11-10-2011 -------- |
11.10.2011, 16:57 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Are you sure you ran ESET correctly? Browser started via right-click => Run as administrator? |
11.10.2011, 22:53 | #7 |
| Well, since I was honestly a bit unsure, I ran the ESET scan again, keeping in mind that the explorer has to be run as admin. And I have to admit: the log text does look somewhat different! It was as follows: (P.S. Sorry that I haven't paid 100% attention to capitalization and grammar.)

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255)
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=64ea08ba49022e43b4b6b88a07b6ef46
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-11 09:42:01
# local_time=2011-10-11 11:42:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1797 16775165 100 94 18831 54900530 66752 0
# compatibility_mode=5893 16776574 100 94 9963153 69993524 0 0
# compatibility_mode=8192 67108863 100 0 73776 73776 0 0
# scanned=243785
# found=10
# cleaned=0
# scan_time=5647
C:\Users\Red1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-1c7e191a a variant of Java/Agent.DT trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Red1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-26249e55 a variant of Java/Agent.DT trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Red1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-303c8f51 a variant of Java/Agent.DT trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Red1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-3750f3eb a variant of Java/Agent.DT trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Red1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-491207e3 a variant of Java/Agent.DT trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Red1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\78a7dab-73ef17b1 a variant of Java/Agent.DT trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Red1\Downloads\MsgPlusLive-485.exe a variant of Win32/MessengerPlus application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Red1\Downloads\SoftonicDownloader_fuer_intervideo-dvd-copy.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
E:\Mozilla Downloads\cryptload\cl08seCu9\plugins\tinyurl.com.dll MSIL/Dedem.T trojan (unable to clean) 00000000000000000000000000000000 I
E:\Mozilla Downloads\cryptload\cl08seCu9\plugins\won-site.biz.dll MSIL/Dedem.W trojan (unable to clean) 00000000000000000000000000000000 I |
12.10.2011, 16:32 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Run an OTL fix: close all programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!) Code:
:OTL
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.1.1&q="
[2011.09.28 23:28:00 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.10.06 12:22:26 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-1.xml
[2011.08.16 18:46:44 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-10.xml
[2011.08.22 20:49:56 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-11.xml
[2011.09.07 13:01:30 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-12.xml
[2011.09.14 23:35:17 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-13.xml
[2011.09.29 18:41:41 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-14.xml
[2010.12.12 02:50:31 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-2.xml
[2011.03.03 15:01:57 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-3.xml
[2011.03.06 12:06:29 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-4.xml
[2011.03.06 18:49:00 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-5.xml
[2011.04.29 23:56:07 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-6.xml
[2011.04.30 00:18:30 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-7.xml
[2011.06.28 09:03:03 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-8.xml
[2011.07.31 13:05:37 | 000,000,950 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-9.xml
[2011.09.25 14:49:54 | 000,000,168 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin.gif
[2011.09.25 14:49:54 | 000,000,618 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin.src
[2010.10.25 18:04:42 | 000,001,056 | -H-- | M] () -- C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin.xml
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [TaskTray] File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.10.09 06:04:54 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0f596090-48f2-11e0-b91f-002511d6f3c2}\Shell - "" = AutoRun
O33 - MountPoints2\{0f596090-48f2-11e0-b91f-002511d6f3c2}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{29456b45-b144-11df-86c2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{29456b45-b144-11df-86c2-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
O33 - MountPoints2\{ecc350c2-bc44-11e0-9e4f-002511d6f3c2}\Shell - "" = AutoRun
O33 - MountPoints2\{ecc350c2-bc44-11e0-9e4f-002511d6f3c2}\Shell\AutoRun\command - "" = F:\Setup.exe
[2011.10.09 22:54:28 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2011.10.09 14:55:32 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.10.09 05:52:40 | 000,000,000 | -H-D | C] -- C:\Users\Red1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Restore
@Alternate Data Stream - 24 bytes -> C:\Windows:6BEBF40A7D29732A
@Alternate Data Stream - 192 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
:Files
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\91*
C:\ProgramData\~*
C:\ProgramData\6*
C:\Users\Red1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43
C:\Users\Red1\Downloads\MsgPlusLive-485.exe
C:\Users\Red1\Downloads\SoftonicDownloader_fuer_intervideo-dvd-copy.exe
E:\Mozilla Downloads\cryptload\cl08seCu9\plugins\tinyurl.com.dll
E:\Mozilla Downloads\cryptload\cl08seCu9\plugins\won-site.biz.dll
:Commands
[emptytemp]
[resethosts]
The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.
Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ Please always post log files in CODE tags |
12.10.2011, 17:33 | #9 |
| I did all of that! However, the files on my desktop have disappeared again! So they are no longer shown faded either... On drive C: I now find ONLY the OTL folder; everything else is simply gone. I don't know whether it was necessary to mention that. Here is the content of the log file:
All processes killed
========== OTL ==========
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.1.1&q=" removed from keyword.URL
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\sites folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin\favicon folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\Red1\AppData\Roaming\mozilla\Firefox\Profiles\iti6ejmz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin.gif moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin.src moved successfully.
C:\Users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\searchplugins\icqplugin.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TaskTray deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f596090-48f2-11e0-b91f-002511d6f3c2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f596090-48f2-11e0-b91f-002511d6f3c2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f596090-48f2-11e0-b91f-002511d6f3c2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f596090-48f2-11e0-b91f-002511d6f3c2}\ not found.
File F:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{29456b45-b144-11df-86c2-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{29456b45-b144-11df-86c2-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{29456b45-b144-11df-86c2-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{29456b45-b144-11df-86c2-806e6f6e6963}\ not found.
File D:\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ecc350c2-bc44-11e0-9e4f-002511d6f3c2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecc350c2-bc44-11e0-9e4f-002511d6f3c2}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ecc350c2-bc44-11e0-9e4f-002511d6f3c2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecc350c2-bc44-11e0-9e4f-002511d6f3c2}\ not found.
File F:\Setup.exe not found.
C:\sh4ldr folder moved successfully.
C:\ProgramData\TEMP folder moved successfully.
C:\Users\Red1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Restore folder moved successfully.
ADS C:\Windows:6BEBF40A7D29732A deleted successfully.
Unable to delete ADS C:\ProgramData\TEMP:DFC5A2B2 .
Unable to delete ADS C:\ProgramData\TEMP:430C6D84 .
========== FILES ==========
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\91ÊÖ»úÖúÊÖ folder moved successfully.
C:\ProgramData\~6DSS92c31Apgjk moved successfully.
C:\ProgramData\~6DSS92c31Apgjkr moved successfully.
C:\ProgramData\6DSS92c31Apgjk moved successfully.
C:\Users\Red1\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Red1\Downloads\MsgPlusLive-485.exe moved successfully.
C:\Users\Red1\Downloads\SoftonicDownloader_fuer_intervideo-dvd-copy.exe moved successfully.
E:\Mozilla Downloads\cryptload\cl08seCu9\plugins\tinyurl.com.dll moved successfully.
E:\Mozilla Downloads\cryptload\cl08seCu9\plugins\won-site.biz.dll moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Gast
->Temp folder emptied: 6598446 bytes
->Temporary Internet Files folder emptied: 47690771 bytes
->Java cache emptied: 1286953 bytes
User: Public
User: Red1
->Temp folder emptied: 3806560934 bytes
->Temporary Internet Files folder emptied: 99545127 bytes
->Java cache emptied: 6770464 bytes
->FireFox cache emptied: 92398508 bytes
->Flash cache emptied: 98094 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1892892 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 102872828 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 260009341 bytes
Total Files Cleaned = 4.221,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.29.1 log created on 10122011_182636
Files\Folders moved on Reboot...
C:\Users\Red1\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Red1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SK0RZ7TJ\ads[1].htm moved successfully.
C:\Users\Red1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SK0RZ7TJ\ads[2].htm moved successfully.
C:\Users\Red1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SK0RZ7TJ\cm[1].htm moved successfully.
C:\Users\Red1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PLROEFDY\104012-desktop-schwarz-kein-zugriff-mehr-auf-dateien-programme-lassen-sich-nur-durch-befehle-oeffnen[2].html moved successfully.
C:\Users\Red1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PLROEFDY\ads[4].htm moved successfully.
C:\Users\Red1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Users\Red1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
Registry entries deleted on Reboot...
And on my hard drive E: I likewise find only this folder: "sh4ldr" |
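Added example (not part of the original thread, and not code from OTL or its author): a small Python triage pass over a fix log like the one posted above. It lists the entries the tool could not process and checks that every path from the script's :Files block shows up as moved. It assumes one log entry per line; the function names and outcome labels are made up for this example.

```python
import re
from collections import Counter
from fnmatch import fnmatchcase

# Excerpt of the fix log posted above, one entry per line (assumption: this is
# how the tool writes it; the forum page shows the entries run together).
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot deleted successfully.
File F:\LaunchU3.exe -a not found.
C:\ProgramData\TEMP folder moved successfully.
ADS C:\Windows:6BEBF40A7D29732A deleted successfully.
Unable to delete ADS C:\ProgramData\TEMP:DFC5A2B2 .
Unable to delete ADS C:\ProgramData\TEMP:430C6D84 .
========== FILES ==========
C:\ProgramData\~6DSS92c31Apgjk moved successfully.
C:\ProgramData\6DSS92c31Apgjk moved successfully.
C:\Users\Red1\Downloads\MsgPlusLive-485.exe moved successfully.
E:\Mozilla Downloads\cryptload\cl08seCu9\plugins\tinyurl.com.dll moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
HOSTS file reset successfully
"""

# Subset of the paths and wildcards from the :Files block of the fix script.
SCRIPT_FILES = [
    r"C:\ProgramData\~*",
    r"C:\ProgramData\6*",
    r"C:\Users\Red1\Downloads\MsgPlusLive-485.exe",
    r"E:\Mozilla Downloads\cryptload\cl08seCu9\plugins\tinyurl.com.dll",
]

SECTION = re.compile(r"^=+ (?P<name>[A-Z]+) =+$")

# Ordered rules: the first pattern that matches decides the outcome label.
OUTCOMES = [
    (re.compile(r"^Unable to \w+ (?P<target>.+?)\s*\.$"), "failed"),
    (re.compile(r"^(?P<target>.+?) not found\.$"), "absent"),
    (re.compile(r"^(?P<target>.+?) (?:folder )?(?:moved|deleted) successfully\.$"), "done"),
    (re.compile(r"^(?P<target>.+?) removed from .+$"), "done"),
    (re.compile(r"^(?P<target>.+?) : value set successfully!$"), "done"),
    (re.compile(r"^(?P<target>.+?) reset successfully$"), "done"),
]


def parse_fix_log(text):
    """Return one dict per log entry: section, outcome label, target."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION.match(line)
        if header:
            section = header.group("name")
            continue
        for pattern, outcome in OUTCOMES:
            hit = pattern.match(line)
            if hit:
                entries.append({"section": section, "outcome": outcome,
                                "target": hit.group("target")})
                break
        else:
            # Banner and status lines that report no action on a target.
            entries.append({"section": section, "outcome": "info", "target": line})
    return entries


def needs_follow_up(entries):
    """Targets the tool reported it could not process."""
    return [e["target"] for e in entries if e["outcome"] == "failed"]


def unhandled_script_paths(patterns, entries):
    """Script paths or wildcards with no moved item in the FILES section."""
    moved = [e["target"].lower() for e in entries
             if e["section"] == "FILES" and e["outcome"] == "done"]
    # Windows paths are case-insensitive, so compare in lower case.
    return [p for p in patterns
            if not any(fnmatchcase(t, p.lower()) for t in moved)]


if __name__ == "__main__":
    log_entries = parse_fix_log(SAMPLE_LOG)
    print(Counter(e["outcome"] for e in log_entries))
    print("follow up:", needs_follow_up(log_entries))
    print("not moved:", unhandled_script_paths(SCRIPT_FILES, log_entries))
```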
12.10.2011, 17:41 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Now please run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html Set up the tool as shown in the picture below: click on "change parameters" and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If, because of the infection, you cannot access your documents/My Documents, or shortcuts are missing on the desktop or in the Start menu under "All Programs", please run unhide: Please download unhide.exe and save the file to your desktop. Start the tool, and all files and folders should be visible again. (This could take a while.) Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________ Please always post log files in CODE tags |
12.10.2011, 23:32 | #11 |
| I ran the scan twice, more or less by accident! That's why the report is also "twice" as long... Here is the content:
00:21:20.0481 2376 TDSS rootkit removing tool 2.6.8.0 Oct 12 2011 07:30:54
00:21:20.0528 2376 ============================================================
00:21:20.0528 2376 Current date / time: 2011/10/13 00:21:20.0528
00:21:20.0528 2376 SystemInfo:
00:21:20.0528 2376
00:21:20.0528 2376 OS Version: 6.1.7601 ServicePack: 1.0
00:21:20.0528 2376 Product type: Workstation
00:21:20.0528 2376 ComputerName: RED1-PC
00:21:20.0528 2376 UserName: Red1
00:21:20.0528 2376 Windows directory: C:\Windows
00:21:20.0528 2376 System windows directory: C:\Windows
00:21:20.0528 2376 Running under WOW64
00:21:20.0528 2376 Processor architecture: Intel x64
00:21:20.0528 2376 Number of processors: 4
00:21:20.0528 2376 Page size: 0x1000
00:21:20.0528 2376 Boot type: Normal boot
00:21:20.0528 2376 ============================================================
00:21:21.0354 2376 Initialize success
00:21:43.0101 1236 ============================================================
00:21:43.0101 1236 Scan started
00:21:43.0101 1236 Mode: Manual; SigCheck; TDLFS;
00:21:43.0101 1236 ============================================================
C:\Windows\system32\drivers\Msfs.sys 00:21:54.0988 1236 Msfs - ok 00:21:55.0019 1236 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 00:21:55.0066 1236 mshidkmdf - ok 00:21:55.0066 1236 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 00:21:55.0082 1236 msisadrv - ok 00:21:55.0144 1236 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 00:21:55.0175 1236 MSKSSRV - ok 00:21:55.0206 1236 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 00:21:55.0269 1236 MSPCLOCK - ok 00:21:55.0284 1236 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 00:21:55.0347 1236 MSPQM - ok 00:21:55.0378 1236 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 00:21:55.0425 1236 MsRPC - ok 00:21:55.0472 1236 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 00:21:55.0472 1236 mssmbios - ok 00:21:55.0487 1236 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 00:21:55.0550 1236 MSTEE - ok 00:21:55.0550 1236 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 00:21:55.0596 1236 MTConfig - ok 00:21:55.0612 1236 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 00:21:55.0628 1236 Mup - ok 00:21:55.0659 1236 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 00:21:55.0690 1236 NativeWifiP - ok 00:21:55.0768 1236 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 00:21:55.0815 1236 NDIS - ok 00:21:55.0830 1236 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 00:21:55.0862 1236 NdisCap - ok 00:21:55.0893 1236 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 00:21:55.0924 1236 NdisTapi - ok 00:21:55.0955 1236 Ndisuio (136185f9fb2cc61e573e676aa5402356) 
C:\Windows\system32\DRIVERS\ndisuio.sys 00:21:56.0018 1236 Ndisuio - ok 00:21:56.0064 1236 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 00:21:56.0189 1236 NdisWan - ok 00:21:56.0220 1236 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 00:21:56.0298 1236 NDProxy - ok 00:21:56.0376 1236 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 00:21:56.0423 1236 NetBIOS - ok 00:21:56.0501 1236 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 00:21:56.0564 1236 NetBT - ok 00:21:56.0595 1236 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 00:21:56.0610 1236 nfrd960 - ok 00:21:56.0657 1236 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 00:21:56.0688 1236 Npfs - ok 00:21:56.0720 1236 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 00:21:56.0751 1236 nsiproxy - ok 00:21:56.0844 1236 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys 00:21:56.0907 1236 Ntfs - ok 00:21:56.0954 1236 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 00:21:57.0000 1236 Null - ok 00:21:57.0063 1236 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys 00:21:57.0110 1236 NVENETFD - ok 00:21:57.0141 1236 NVHDA - ok 00:21:57.0609 1236 nvlddmkm (e55cab397f77d5208db18a78b1b7c0d5) C:\Windows\system32\DRIVERS\nvlddmkm.sys 00:21:57.0780 1236 nvlddmkm - ok 00:21:57.0921 1236 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys 00:21:57.0968 1236 nvraid - ok 00:21:57.0983 1236 nvsmu (e58d81fb8616d0cb55c1e36aa0b213c9) C:\Windows\system32\DRIVERS\nvsmu.sys 00:21:57.0999 1236 nvsmu - ok 00:21:58.0030 1236 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys 00:21:58.0046 1236 nvstor - ok 00:21:58.0077 1236 nv_agp 
(270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 00:21:58.0124 1236 nv_agp - ok 00:21:58.0139 1236 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 00:21:58.0202 1236 ohci1394 - ok 00:21:58.0233 1236 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 00:21:58.0280 1236 Parport - ok 00:21:58.0326 1236 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 00:21:58.0358 1236 partmgr - ok 00:21:58.0404 1236 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 00:21:58.0436 1236 pci - ok 00:21:58.0451 1236 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 00:21:58.0467 1236 pciide - ok 00:21:58.0498 1236 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 00:21:58.0514 1236 pcmcia - ok 00:21:58.0529 1236 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 00:21:58.0545 1236 pcw - ok 00:21:58.0576 1236 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 00:21:58.0654 1236 PEAUTH - ok 00:21:58.0732 1236 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 00:21:58.0779 1236 PptpMiniport - ok 00:21:58.0779 1236 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 00:21:58.0810 1236 Processor - ok 00:21:58.0857 1236 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 00:21:58.0904 1236 Psched - ok 00:21:58.0950 1236 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 00:21:59.0013 1236 ql2300 - ok 00:21:59.0044 1236 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 00:21:59.0060 1236 ql40xx - ok 00:21:59.0075 1236 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 00:21:59.0106 1236 QWAVEdrv - ok 00:21:59.0122 1236 RasAcd 
(5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 00:21:59.0184 1236 RasAcd - ok 00:21:59.0231 1236 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 00:21:59.0262 1236 RasAgileVpn - ok 00:21:59.0294 1236 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 00:21:59.0387 1236 Rasl2tp - ok 00:21:59.0418 1236 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 00:21:59.0465 1236 RasPppoe - ok 00:21:59.0481 1236 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 00:21:59.0528 1236 RasSstp - ok 00:21:59.0559 1236 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 00:21:59.0637 1236 rdbss - ok 00:21:59.0652 1236 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 00:21:59.0668 1236 rdpbus - ok 00:21:59.0699 1236 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 00:21:59.0746 1236 RDPCDD - ok 00:21:59.0793 1236 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 00:21:59.0824 1236 RDPDR - ok 00:21:59.0855 1236 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 00:21:59.0902 1236 RDPENCDD - ok 00:21:59.0918 1236 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 00:21:59.0933 1236 RDPREFMP - ok 00:21:59.0980 1236 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys 00:22:00.0011 1236 RdpVideoMiniport - ok 00:22:00.0042 1236 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys 00:22:00.0105 1236 RDPWD - ok 00:22:00.0152 1236 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 00:22:00.0183 1236 rdyboost - ok 00:22:00.0230 1236 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 00:22:00.0292 1236 rspndr - 
ok 00:22:00.0308 1236 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 00:22:00.0354 1236 s3cap - ok 00:22:00.0370 1236 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 00:22:00.0401 1236 sbp2port - ok 00:22:00.0448 1236 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 00:22:00.0495 1236 scfilter - ok 00:22:00.0510 1236 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 00:22:00.0542 1236 secdrv - ok 00:22:00.0573 1236 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 00:22:00.0588 1236 Serenum - ok 00:22:00.0604 1236 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 00:22:00.0620 1236 Serial - ok 00:22:00.0651 1236 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 00:22:00.0666 1236 sermouse - ok 00:22:00.0698 1236 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 00:22:00.0729 1236 sffdisk - ok 00:22:00.0744 1236 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 00:22:00.0760 1236 sffp_mmc - ok 00:22:00.0776 1236 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 00:22:00.0807 1236 sffp_sd - ok 00:22:00.0822 1236 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 00:22:00.0838 1236 sfloppy - ok 00:22:00.0869 1236 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 00:22:00.0885 1236 SiSRaid2 - ok 00:22:00.0900 1236 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 00:22:00.0916 1236 SiSRaid4 - ok 00:22:00.0932 1236 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 00:22:00.0994 1236 Smb - ok 00:22:01.0056 1236 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 00:22:01.0088 1236 spldr - 
ok 00:22:01.0134 1236 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 00:22:01.0181 1236 srv - ok 00:22:01.0212 1236 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 00:22:01.0259 1236 srv2 - ok 00:22:01.0275 1236 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 00:22:01.0322 1236 srvnet - ok 00:22:01.0353 1236 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 00:22:01.0368 1236 stexstor - ok 00:22:01.0431 1236 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 00:22:01.0478 1236 storflt - ok 00:22:01.0524 1236 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 00:22:01.0540 1236 storvsc - ok 00:22:01.0571 1236 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 00:22:01.0587 1236 swenum - ok 00:22:01.0602 1236 Synth3dVsc - ok 00:22:01.0680 1236 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys 00:22:01.0743 1236 Tcpip - ok 00:22:01.0774 1236 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys 00:22:01.0805 1236 TCPIP6 - ok 00:22:01.0852 1236 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 00:22:01.0914 1236 tcpipreg - ok 00:22:01.0930 1236 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 00:22:01.0977 1236 TDPIPE - ok 00:22:01.0992 1236 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 00:22:02.0039 1236 TDTCP - ok 00:22:02.0086 1236 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 00:22:02.0180 1236 tdx - ok 00:22:02.0226 1236 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 00:22:02.0258 1236 TermDD - ok 00:22:02.0304 1236 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 00:22:02.0351 1236 tssecsrv - ok 
00:22:02.0382 1236 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 00:22:02.0445 1236 TsUsbFlt - ok 00:22:02.0460 1236 tsusbhub - ok 00:22:02.0507 1236 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 00:22:02.0554 1236 tunnel - ok 00:22:02.0616 1236 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 00:22:02.0632 1236 uagp35 - ok 00:22:02.0694 1236 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 00:22:02.0741 1236 udfs - ok 00:22:02.0819 1236 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 00:22:02.0850 1236 uliagpkx - ok 00:22:02.0897 1236 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 00:22:02.0928 1236 umbus - ok 00:22:02.0944 1236 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 00:22:02.0975 1236 UmPass - ok 00:22:03.0006 1236 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 00:22:03.0069 1236 USBAAPL64 - ok 00:22:03.0100 1236 usbccgp (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys 00:22:03.0131 1236 usbccgp - ok 00:22:03.0178 1236 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 00:22:03.0225 1236 usbcir - ok 00:22:03.0240 1236 usbehci (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys 00:22:03.0256 1236 usbehci - ok 00:22:03.0287 1236 usbhub (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys 00:22:03.0318 1236 usbhub - ok 00:22:03.0334 1236 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys 00:22:03.0350 1236 usbohci - ok 00:22:03.0428 1236 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 00:22:03.0459 1236 usbprint - ok 00:22:03.0474 1236 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\drivers\USBSTOR.SYS 
00:22:03.0521 1236 USBSTOR - ok 00:22:03.0568 1236 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys 00:22:03.0646 1236 usbuhci - ok 00:22:03.0693 1236 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 00:22:03.0708 1236 vdrvroot - ok 00:22:03.0740 1236 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 00:22:03.0818 1236 vga - ok 00:22:03.0849 1236 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 00:22:03.0911 1236 VgaSave - ok 00:22:03.0942 1236 VGPU - ok 00:22:04.0005 1236 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 00:22:04.0052 1236 vhdmp - ok 00:22:04.0098 1236 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 00:22:04.0114 1236 viaide - ok 00:22:04.0161 1236 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 00:22:04.0192 1236 vmbus - ok 00:22:04.0223 1236 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 00:22:04.0286 1236 VMBusHID - ok 00:22:04.0317 1236 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 00:22:04.0364 1236 volmgr - ok 00:22:04.0410 1236 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 00:22:04.0442 1236 volmgrx - ok 00:22:04.0473 1236 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 00:22:04.0488 1236 volsnap - ok 00:22:04.0520 1236 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 00:22:04.0535 1236 vsmraid - ok 00:22:04.0551 1236 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 00:22:04.0566 1236 vwifibus - ok 00:22:04.0582 1236 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 00:22:04.0613 1236 WacomPen - ok 00:22:04.0644 1236 WANARP (356afd78a6ed4457169241ac3965230c) 
C:\Windows\system32\DRIVERS\wanarp.sys 00:22:04.0676 1236 WANARP - ok 00:22:04.0691 1236 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 00:22:04.0722 1236 Wanarpv6 - ok 00:22:04.0754 1236 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 00:22:04.0769 1236 Wd - ok 00:22:04.0785 1236 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 00:22:04.0816 1236 Wdf01000 - ok 00:22:04.0863 1236 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 00:22:04.0894 1236 WfpLwf - ok 00:22:04.0894 1236 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 00:22:04.0910 1236 WIMMount - ok 00:22:04.0972 1236 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 00:22:05.0019 1236 WinUsb - ok 00:22:05.0050 1236 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 00:22:05.0066 1236 WmiAcpi - ok 00:22:05.0112 1236 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 00:22:05.0144 1236 ws2ifsl - ok 00:22:05.0237 1236 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 00:22:05.0346 1236 WudfPf - ok 00:22:05.0393 1236 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 00:22:05.0471 1236 WUDFRd - ok 00:22:05.0502 1236 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 00:22:05.0658 1236 \Device\Harddisk0\DR0 - ok 00:22:05.0658 1236 MBR (0x1B8) (4c54042f5b2569c9ddcf173120d730f9) \Device\Harddisk1\DR1 00:22:05.0768 1236 \Device\Harddisk1\DR1 - ok 00:22:05.0783 1236 Boot (0x1200) (0ecbd1e45d17e88e933f46f50d8e5ae6) \Device\Harddisk0\DR0\Partition0 00:22:05.0783 1236 \Device\Harddisk0\DR0\Partition0 - ok 00:22:05.0783 1236 Boot (0x1200) (0c3cc9ddf6b7d6c6599fbfe4347f854d) \Device\Harddisk1\DR1\Partition0 00:22:05.0783 1236 \Device\Harddisk1\DR1\Partition0 - ok 00:22:05.0799 1236 
============================================================ 00:22:05.0799 1236 Scan finished 00:22:05.0799 1236 ============================================================ 00:22:05.0814 2768 Detected object count: 0 00:22:05.0814 2768 Actual detected object count: 0 00:23:40.0023 3640 ============================================================ 00:23:40.0023 3640 Scan started 00:23:40.0023 3640 Mode: Manual; SigCheck; TDLFS; 00:23:40.0023 3640 ============================================================ 00:23:40.0974 3640 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 00:23:41.0021 3640 1394ohci - ok 00:23:41.0146 3640 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 00:23:41.0177 3640 ACPI - ok 00:23:41.0255 3640 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 00:23:41.0271 3640 AcpiPmi - ok 00:23:41.0349 3640 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 00:23:41.0380 3640 adp94xx - ok 00:23:41.0489 3640 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 00:23:41.0536 3640 adpahci - ok 00:23:41.0630 3640 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 00:23:41.0661 3640 adpu320 - ok 00:23:41.0692 3640 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys 00:23:41.0723 3640 AFD - ok 00:23:41.0754 3640 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 00:23:41.0770 3640 agp440 - ok 00:23:41.0786 3640 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 00:23:41.0801 3640 aliide - ok 00:23:41.0801 3640 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 00:23:41.0817 3640 amdide - ok 00:23:41.0864 3640 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 00:23:41.0879 3640 AmdK8 - ok 00:23:41.0942 3640 AmdPPM 
(1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 00:23:41.0957 3640 AmdPPM - ok 00:23:42.0066 3640 amdsata (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys 00:23:42.0098 3640 amdsata - ok 00:23:42.0129 3640 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 00:23:42.0160 3640 amdsbs - ok 00:23:42.0176 3640 amdxata (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys 00:23:42.0191 3640 amdxata - ok 00:23:42.0222 3640 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 00:23:42.0269 3640 AppID - ok 00:23:42.0347 3640 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 00:23:42.0363 3640 arc - ok 00:23:42.0378 3640 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 00:23:42.0394 3640 arcsas - ok 00:23:42.0410 3640 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 00:23:42.0441 3640 AsyncMac - ok 00:23:42.0488 3640 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 00:23:42.0503 3640 atapi - ok 00:23:42.0534 3640 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys 00:23:42.0534 3640 avgntflt - ok 00:23:42.0581 3640 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys 00:23:42.0581 3640 avipbb - ok 00:23:42.0612 3640 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 00:23:42.0612 3640 b06bdrv - ok 00:23:42.0675 3640 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 00:23:42.0690 3640 b57nd60a - ok 00:23:42.0737 3640 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 00:23:42.0800 3640 Beep - ok 00:23:42.0846 3640 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 00:23:42.0862 3640 blbdrive - ok 00:23:42.0940 3640 bowser 
(6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 00:23:42.0956 3640 bowser - ok 00:23:42.0971 3640 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 00:23:42.0987 3640 BrFiltLo - ok 00:23:43.0034 3640 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 00:23:43.0049 3640 BrFiltUp - ok 00:23:43.0127 3640 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 00:23:43.0158 3640 Brserid - ok 00:23:43.0283 3640 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 00:23:43.0314 3640 BrSerWdm - ok 00:23:43.0330 3640 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 00:23:43.0346 3640 BrUsbMdm - ok 00:23:43.0346 3640 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 00:23:43.0361 3640 BrUsbSer - ok 00:23:43.0392 3640 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 00:23:43.0408 3640 BTHMODEM - ok 00:23:43.0626 3640 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 00:23:43.0689 3640 cdfs - ok 00:23:43.0751 3640 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 00:23:43.0782 3640 cdrom - ok 00:23:43.0892 3640 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 00:23:43.0923 3640 circlass - ok 00:23:44.0063 3640 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 00:23:44.0063 3640 CLFS - ok 00:23:44.0157 3640 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 00:23:44.0188 3640 CmBatt - ok 00:23:44.0219 3640 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 00:23:44.0219 3640 cmdide - ok 00:23:44.0282 3640 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys 00:23:44.0297 3640 CNG - ok 00:23:44.0406 3640 Compbatt 
(102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 00:23:44.0422 3640 Compbatt - ok 00:23:44.0469 3640 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 00:23:44.0500 3640 CompositeBus - ok 00:23:44.0516 3640 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 00:23:44.0531 3640 crcdisk - ok 00:23:44.0578 3640 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 00:23:44.0594 3640 CSC - ok 00:23:44.0625 3640 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 00:23:44.0656 3640 DfsC - ok 00:23:44.0672 3640 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 00:23:44.0703 3640 discache - ok 00:23:44.0750 3640 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 00:23:44.0781 3640 Disk - ok 00:23:44.0828 3640 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 00:23:44.0843 3640 drmkaud - ok 00:23:44.0874 3640 dtsoftbus01 (fb9bef3401ee5ecc2603311b9c64f44a) C:\Windows\system32\DRIVERS\dtsoftbus01.sys 00:23:44.0906 3640 dtsoftbus01 - ok 00:23:44.0952 3640 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 00:23:44.0984 3640 DXGKrnl - ok 00:23:45.0062 3640 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 00:23:45.0093 3640 ebdrv - ok 00:23:45.0140 3640 ElbyCDFL (9387a484d31209d7fc3f795a787294db) C:\Windows\system32\Drivers\ElbyCDFL.sys 00:23:45.0140 3640 ElbyCDFL - ok 00:23:45.0155 3640 ElbyCDIO (702d5606cf2199e0edea6f0e0d27cd10) C:\Windows\system32\Drivers\ElbyCDIO.sys 00:23:45.0155 3640 ElbyCDIO - ok 00:23:45.0233 3640 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 00:23:45.0249 3640 elxstor - ok 00:23:45.0280 3640 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 00:23:45.0296 3640 ErrDev - ok 00:23:45.0374 
00:24:01.0988 3640 ============================================================
00:24:01.0988 3640 Scan finished
00:24:01.0988 3640 ============================================================
00:24:02.0003 2368 Detected object count: 0
00:24:02.0003 2368 Actual detected object count: 0

The thing with hide.exe worked great, the files are visible again. Thank you very much. What happens next? |
14.10.2011, 00:38 | #12 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Desktop black, no access to files anymore, programs can only be opened via commands.. Then please run CF now:
ComboFix: A guide and tutorial on using ComboFix
ComboFix may only be run when a qualified helper has explicitly recommended it! If, after running ComboFix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
14.10.2011, 15:45 | #13 |
| Desktop black, no access to files anymore, programs can only be opened via commands.. The error message did in fact appear and I first had to restart my PC manually; now it no longer appears! Log file contents: Combofix Logfile: Code:
ComboFix 11-10-14.02 - Red1 14.10.2011 15:50:37.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.4095.2829 [GMT 2:00]
ausgeführt von:: c:\users\Red1\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Red1\AppData\Roaming\Adobe\plugs
c:\users\Red1\AppData\Roaming\Adobe\shed
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2011-09-14 bis 2011-10-14 ))))))))))))))))))))))))))))))
.
.
2011-10-12 16:26 . 2011-10-12 16:26 -------- d-----w- C:\_OTL
2011-10-10 23:38 . 2011-10-10 23:38 -------- d-----w- c:\program files (x86)\ESET
2011-10-10 21:56 . 2011-10-10 21:56 -------- d-----w- c:\users\Red1\AppData\Roaming\Malwarebytes
2011-10-10 21:56 . 2011-10-10 21:56 -------- d-----w- c:\programdata\Malwarebytes
2011-10-10 21:56 . 2011-10-10 21:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-10-10 21:56 . 2011-08-31 15:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-09 20:24 . 2011-10-09 20:24 -------- d-----w- c:\users\Red1\AppData\Local\Threat Expert
2011-10-09 04:04 . 2011-10-09 04:04 -------- d-----w- c:\program files\Enigma Software Group
2011-10-09 04:03 . 2011-10-09 04:03 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-09-21 10:54 . 2011-09-21 10:54 -------- d-----w- c:\users\Red1\AppData\Roaming\InstallShield
2011-09-15 20:02 . 2011-09-15 20:19 -------- d-----w- c:\users\Red1\AppData\Local\Deployment
2011-09-15 20:02 . 2011-09-15 20:02 -------- d-----w- c:\users\Red1\AppData\Local\Apps
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-04 18:50 . 2011-08-04 18:45 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-01 15:53 . 2011-08-01 15:53 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-07-22 05:22 . 2011-08-10 15:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-22 04:54 . 2011-08-10 15:54 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-08-02 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-11-10 281768]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-05-14 2426368]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-12 136360]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-07-15 375176]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2010-09-17 15928]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2010-09-17 57928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to iPhone Converter - c:\users\Red1\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm
IE: Free YouTube to Mp3 Converter - c:\users\Red1\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-iPhone_Backup_Switch_1.0 - c:\windows\iun6002.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe . ************************************************************************** . Zeit der Fertigstellung: 2011-10-14 16:00:53 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2011-10-14 14:00 . Vor Suchlauf: 12 Verzeichnis(se), 383.081.271.296 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 382.606.508.032 Bytes frei . - - End Of File - - AE8B4CFF427D36F221500733C5B8F0E5 |
16.10.2011, 12:50 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Desktop black, no access to files any more, programs can only be opened via commands..
Combofix scripting
1. Start Notepad (Start / Run / notepad[Enter])
2. Now copy and paste the entire contents of the code box below into the Notepad window.
Code: ATTFilter
File::
c:\windows\system32\drivers\rdvgkmd.sys

Driver::
VGPU
4. Disable the guard of your antivirus program and any software firewall you may have. (Also the guards of adware and spyware programs and the Tea Timer, if present!)
5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts Combofix.
6. After the restart (you will be asked whether you want to restart), please post the following log files: Combofix.txt
Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used anywhere else, as it can cause lasting damage to the system!
__________________ Please always post logfiles in CODE tags |
16.10.2011, 14:45 | #15 |
| Desktop black, no access to files any more, programs can only be opened via commands.. I will post the logfile below. Combofix logfile: Code:
ATTFilter ComboFix 11-10-15.04 - Red1 16.10.2011 15:04:37.2.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.4095.2834 [GMT 2:00] ausgeführt von:: c:\users\Red1\Desktop\ComboFix.exe Benutzte Befehlsschalter :: c:\users\Red1\Desktop\CFScript.txt AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . FILE :: "c:\windows\system32\drivers\rdvgkmd.sys" . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_VGPU . . ((((((((((((((((((((((( Dateien erstellt von 2011-09-16 bis 2011-10-16 )))))))))))))))))))))))))))))) . . 2011-10-14 12:11 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll 2011-10-14 12:11 . 2011-08-17 05:25 108032 ----a-w- c:\windows\system32\psisrndr.ax 2011-10-14 12:11 . 2011-08-17 04:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll 2011-10-14 12:11 . 2011-08-17 04:19 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax 2011-10-14 12:11 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll 2011-10-14 12:11 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll 2011-10-14 12:11 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll 2011-10-14 12:11 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll 2011-10-12 16:26 . 2011-10-12 16:26 -------- d-----w- C:\_OTL 2011-10-10 23:38 . 2011-10-10 23:38 -------- d-----w- c:\program files (x86)\ESET 2011-10-10 21:56 . 2011-10-10 21:56 -------- d-----w- c:\users\Red1\AppData\Roaming\Malwarebytes 2011-10-10 21:56 . 2011-10-10 21:56 -------- d-----w- c:\programdata\Malwarebytes 2011-10-10 21:56 . 
2011-10-10 21:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-10-10 21:56 . 2011-08-31 15:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-10-09 20:24 . 2011-10-09 20:24 -------- d-----w- c:\users\Red1\AppData\Local\Threat Expert 2011-10-09 04:04 . 2011-10-09 04:04 -------- d-----w- c:\program files\Enigma Software Group 2011-10-09 04:03 . 2011-10-09 04:03 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2011-09-21 10:54 . 2011-09-21 10:54 -------- d-----w- c:\users\Red1\AppData\Roaming\InstallShield . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-04 18:50 . 2011-08-04 18:45 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-08-01 15:53 . 2011-08-01 15:53 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys . . ((((((((((((((((((((((((((((( SnapShot@2011-10-14_13.57.03 ))))))))))))))))))))))))))))))))))))))))) . + 2011-10-14 12:12 . 2011-08-20 04:27 67072 c:\windows\SysWOW64\mshtmled.dll - 2011-08-10 15:54 . 2011-06-21 05:26 67072 c:\windows\SysWOW64\mshtmled.dll - 2011-08-10 15:54 . 2011-06-21 05:28 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll + 2011-10-14 12:12 . 2011-08-20 04:31 68608 c:\windows\SysWOW64\migration\WininetPlugin.dll + 2011-10-14 12:12 . 2011-08-20 04:27 48128 c:\windows\SysWOW64\jsproxy.dll - 2011-08-10 15:54 . 2011-06-21 05:26 48128 c:\windows\SysWOW64\jsproxy.dll + 2010-08-26 19:42 . 2011-10-16 12:58 39276 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-10-16 12:58 30250 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin - 2009-07-14 05:10 . 2011-10-14 12:06 30250 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-08-26 19:20 . 2011-10-16 12:58 15430 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1962787696-2579934246-4068855734-1001_UserData.bin + 2011-10-14 12:12 . 
2011-08-20 05:34 97280 c:\windows\system32\mshtmled.dll - 2011-08-10 15:54 . 2011-06-21 06:19 97280 c:\windows\system32\mshtmled.dll - 2011-08-10 15:54 . 2011-06-21 06:20 95232 c:\windows\system32\migration\WininetPlugin.dll + 2011-10-14 12:12 . 2011-08-20 05:37 95232 c:\windows\system32\migration\WininetPlugin.dll - 2011-08-10 15:54 . 2011-06-21 06:18 64512 c:\windows\system32\jsproxy.dll + 2011-10-14 12:12 . 2011-08-20 05:33 64512 c:\windows\system32\jsproxy.dll - 2010-08-26 19:04 . 2011-10-14 13:30 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-08-26 19:04 . 2011-10-16 13:11 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-10-12 16:30 . 2011-10-14 13:30 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-10-12 16:30 . 2011-10-16 13:11 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-10-14 13:30 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2011-10-16 13:11 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-08-26 19:19 . 2011-10-16 13:13 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-08-26 19:19 . 2011-10-14 12:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:46 . 2011-10-15 15:41 87696 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat + 2010-08-26 19:19 . 2011-10-16 13:13 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2010-08-26 19:19 . 
2011-10-14 12:05 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2010-08-26 19:19 . 2011-10-14 12:05 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-08-26 19:19 . 2011-10-16 13:13 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-08-26 19:19 . 2011-10-16 13:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-08-26 19:19 . 2011-10-14 13:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-08-26 19:19 . 2011-10-14 13:05 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-08-26 19:19 . 2011-10-16 13:13 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-08-26 21:01 . 2011-10-14 15:12 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - 2010-08-26 21:01 . 2011-09-14 19:01 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe + 2010-08-26 21:01 . 2011-10-14 15:12 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2010-08-26 21:01 . 2011-09-14 19:01 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2010-08-26 21:01 . 2011-09-14 19:01 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2010-08-26 21:01 . 2011-10-14 15:12 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2011-10-15 13:07 . 2011-10-15 13:07 60416 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Pres#\0d036f215cfdf37305d84ac680e19413\System.Windows.Presentation.ni.dll + 2011-10-15 13:06 . 
2011-10-15 13:06 54784 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\c4a4564925c5fa6d43dac830cfb294bd\System.Web.DynamicData.Design.ni.dll + 2011-10-15 13:02 . 2011-10-15 13:02 90624 c:\windows\assembly\NativeImages_v2.0.50727_64\stdole\968c30c131b94a1b5e834fbc333b177b\stdole.ni.dll + 2011-10-15 13:05 . 2011-10-15 13:05 72192 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFontCac#\3a5529f1de05952773c725a6ff2e07fb\PresentationFontCache.ni.exe + 2011-10-15 12:50 . 2011-10-15 12:50 61952 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCFFRast#\c066431266a5b4c8326779d12542161c\PresentationCFFRasterizer.ni.dll + 2011-10-15 13:05 . 2011-10-15 13:05 33792 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.WSMan.Run#\621b2f176909228deae402a6031e7420\Microsoft.WSMan.Runtime.ni.dll + 2011-10-15 13:05 . 2011-10-15 13:05 45056 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\ecd29eb2eda46acfda1229f8362f60e9\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll + 2011-10-15 13:05 . 2011-10-15 13:05 43520 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\d77eafc89b58f5466b7555d89a293c50\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll + 2011-10-15 13:05 . 2011-10-15 13:05 36864 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\c1e58a266d600248f08dca600457e346\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll + 2011-10-15 13:05 . 2011-10-15 13:05 40448 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\9f1ca68fbcefac4ef4f13e5f5604ad82\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll + 2011-10-15 13:05 . 2011-10-15 13:05 59904 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\8260ae5a7d4a7e7cd907c958858da284\Microsoft.Windows.Diagnosis.SDHost.ni.dll + 2011-10-15 13:05 . 
2011-10-15 13:05 70144 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Windows.D#\371120a0816ba5ce909b8e1341da376f\Microsoft.Windows.Diagnosis.SDEngine.ni.dll + 2011-10-15 12:47 . 2011-10-15 12:47 32256 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualC\e6aabbfb38a14559712fdf51064ff3a1\Microsoft.VisualC.ni.dll + 2011-10-15 13:03 . 2011-10-15 13:03 66048 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\a9a494047cfbd13fd4a155c77a258a0a\Microsoft.Security.ApplicationId.PolicyManagement.XmlHelper.ni.dll + 2011-10-15 13:03 . 2011-10-15 13:03 64000 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Security.#\90b3ba2f1de795690641228b63586965\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.ni.dll + 2011-10-15 13:02 . 2011-10-15 13:02 65536 c:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\866c57c6e58cbe8249b36f21ec8ac18a\Microsoft.MediaCenter.iTv.Hosting.ni.dll + 2011-10-15 13:03 . 2011-10-15 13:03 40960 c:\windows\assembly\NativeImages_v2.0.50727_64\LoadMxf\584f193ae53236bf55cd78b246214d83\LoadMxf.ni.exe + 2011-10-15 13:02 . 2011-10-15 13:02 49664 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiUPnP\50cda8ab4cd566b222342c3da14302d3\ehiUPnP.ni.dll + 2011-10-15 13:02 . 2011-10-15 13:02 93184 c:\windows\assembly\NativeImages_v2.0.50727_64\ehiTVMSMusic\fae9950502b5464108feda9d64ebea78\ehiTVMSMusic.ni.dll + 2011-10-15 13:02 . 2011-10-15 13:02 28672 c:\windows\assembly\NativeImages_v2.0.50727_64\dfsvc\7de9a8137a33d06dad01c8405d960037\dfsvc.ni.exe + 2011-10-15 13:01 . 2011-10-15 13:01 33280 c:\windows\assembly\NativeImages_v2.0.50727_64\AuditPolicyGPManage#\320d4f45d6463976ce238f654e706926\AuditPolicyGPManagedStubs.Interop.ni.dll + 2011-10-15 12:50 . 2011-10-15 12:50 78848 c:\windows\assembly\NativeImages_v2.0.50727_64\Accessibility\d301e1d96d4f39f15482db09206f1fb1\Accessibility.ni.dll + 2011-10-15 12:52 . 
2011-10-15 12:52 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\bb1d36ae26e7cadf563061596682e747\UIAutomationProvider.ni.dll + 2011-10-15 13:01 . 2011-10-15 13:01 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\de6cc37afc2bb3ea973c29211f0b21d8\System.Windows.Presentation.ni.dll + 2011-10-15 13:01 . 2011-10-15 13:01 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\813e44ed9fb1cc60fa0ddc7a8d790a0a\System.Web.DynamicData.Design.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\d0ed41e7dcb1be4a43a76e47de276d94\System.ComponentModel.DataAnnotations.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\32d21563937263ee3ae9eecfa59fdc3d\System.AddIn.Contract.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 44032 c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\17b4308b0e6d35c1230135ed25fffbfe\stdole.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\af072bb984952ba5e573ca93cc0cad44\PresentationFontCache.ni.exe + 2011-10-15 12:52 . 2011-10-15 12:52 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\7681b87de3ecee06390331f0fab14c93\PresentationCFFRasterizer.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\a38f8e60cdbca2d158d8daaea9577934\napcrypt.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 17920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\0067507e3305266a72358b51bdd5dd86\Microsoft.WSMan.Runtime.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 23040 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\f7a51d8e344dda4d7f38e1b824cd83ad\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll + 2011-10-15 13:00 . 
2011-10-15 13:00 32256 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ed12245481e36d8cc238876bd79b1e6c\Microsoft.Windows.Diagnosis.SDHost.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 27136 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\e5e22edbc2a34b9d9a166dbbaf7379ff\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 19968 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\ca1daccfdb3f0bff3bd0062644a539bf\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 25088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\afe4d94d07a22c70106c859139cb314a\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\62e68252fc137a55d2d39fe0d5093599\Microsoft.Windows.Diagnosis.SDEngine.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 86528 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Windows.D#\508857b730c4edea8eca42b3d435ef82\Microsoft.Windows.Diagnosis.TroubleshootingPack.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5011901c735997d46243e3a90e8bd736\Microsoft.Vsa.ni.dll + 2011-10-15 12:52 . 2011-10-15 12:52 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\3cb6023aa6ab962babcee9c0ec8991de\Microsoft.VisualC.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\cf3cab157883d19e2fb460518c26f6e7\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 39936 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Security.#\4879f5496d8e920dc19c97e53db253d2\Microsoft.Security.ApplicationId.PolicyManagement.XmlHelper.ni.dll + 2011-10-15 12:59 . 
2011-10-15 12:59 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\aac5bc888c15c2630ea22e517e4e19f8\Microsoft.Build.Framework.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4ee55572f0f54a71e24fe3fec094968b\Microsoft.Build.Framework.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 60416 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\e6e4bd9a47848b93cd2dd8a688968741\ehiUserXp.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\94a173b39fa90956937b41c775ac66d7\dfsvc.ni.exe + 2011-10-15 12:58 . 2011-10-15 12:58 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\AuditPolicyGPManage#\06b63c6e22871790da6705df56a896dc\AuditPolicyGPManagedStubs.Interop.ni.dll + 2011-10-15 12:52 . 2011-10-15 12:52 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\31fce331fded94dd06627603f6fe4562\Accessibility.ni.dll + 2010-08-28 01:03 . 2011-10-14 14:41 3266 c:\windows\system32\wdi\ERCQueuedResolutions.dat + 2011-10-16 13:11 . 2011-10-16 13:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-10-14 13:56 . 2011-10-14 13:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-10-14 13:56 . 2011-10-14 13:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-10-16 13:11 . 2011-10-16 13:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-10-14 12:12 . 2011-08-20 04:31 981504 c:\windows\SysWOW64\wininet.dll - 2011-08-10 15:54 . 2011-06-21 05:28 981504 c:\windows\SysWOW64\wininet.dll + 2011-10-14 12:12 . 2011-08-20 04:30 132096 c:\windows\SysWOW64\url.dll - 2011-08-10 15:54 . 2011-06-21 05:28 132096 c:\windows\SysWOW64\url.dll + 2011-10-14 12:12 . 2011-08-20 04:27 599552 c:\windows\SysWOW64\msfeeds.dll - 2011-08-10 15:54 . 2011-06-21 05:26 599552 c:\windows\SysWOW64\msfeeds.dll - 2011-08-10 15:54 . 
2011-06-21 05:26 176640 c:\windows\SysWOW64\ieui.dll + 2011-10-14 12:12 . 2011-08-20 04:26 176640 c:\windows\SysWOW64\ieui.dll + 2011-10-14 12:12 . 2011-08-20 05:37 134144 c:\windows\system32\url.dll - 2011-08-10 15:54 . 2011-06-21 06:20 134144 c:\windows\system32\url.dll - 2011-08-10 15:54 . 2011-06-21 06:19 702464 c:\windows\system32\msfeeds.dll + 2011-10-14 12:12 . 2011-08-20 05:34 702464 c:\windows\system32\msfeeds.dll + 2011-10-14 12:12 . 2011-08-20 05:33 247808 c:\windows\system32\ieui.dll - 2011-08-10 15:54 . 2011-06-21 06:18 247808 c:\windows\system32\ieui.dll + 2009-07-14 04:45 . 2011-10-15 12:46 413624 c:\windows\system32\FNTCACHE.DAT - 2009-07-14 04:45 . 2011-07-13 23:08 413624 c:\windows\system32\FNTCACHE.DAT - 2009-07-14 05:12 . 2011-10-14 13:30 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 05:12 . 2011-10-16 12:57 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 05:01 . 2011-10-16 13:10 387416 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 05:01 . 2011-10-14 13:55 387416 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2010-08-27 02:08 . 2011-10-16 13:10 819280 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1962787696-2579934246-4068855734-1001-8192.dat + 2011-10-14 12:11 . 2011-07-08 22:31 485192 c:\windows\Microsoft.NET\Framework64\v2.0.50727\SOS.dll - 2011-06-28 07:07 . 2011-03-29 22:32 485192 c:\windows\Microsoft.NET\Framework64\v2.0.50727\SOS.dll - 2011-06-28 07:07 . 2011-03-29 22:33 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2011-10-14 12:11 . 2011-07-08 22:33 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll - 2011-06-28 07:07 . 2011-03-29 22:33 995672 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2011-10-14 12:11 . 
2011-07-08 22:33 995672 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2010-08-26 21:01 . 2011-10-14 15:12 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2010-08-26 21:01 . 2011-09-14 19:01 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2010-08-26 21:01 . 2011-09-14 19:01 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2010-08-26 21:01 . 2011-10-14 15:12 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2010-08-26 21:01 . 2011-09-14 19:01 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2010-08-26 21:01 . 2011-10-14 15:12 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2010-08-26 21:01 . 2011-10-14 15:12 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2010-08-26 21:01 . 2011-09-14 19:01 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe - 2010-08-26 21:01 . 2011-09-14 19:01 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2010-08-26 21:01 . 2011-10-14 15:12 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2010-08-26 21:01 . 2011-10-14 15:12 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2010-08-26 21:01 . 2011-09-14 19:01 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2010-08-26 21:01 . 2011-09-14 19:01 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2010-08-26 21:01 . 2011-10-14 15:12 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe - 2011-05-26 07:57 . 2010-11-20 13:44 315392 c:\windows\ehome\Microsoft.MediaCenter.Interop.dll + 2011-10-14 12:11 . 2011-08-17 05:28 315392 c:\windows\ehome\Microsoft.MediaCenter.Interop.dll + 2011-10-15 13:07 . 
2011-10-15 13:07 468992 c:\windows\assembly\NativeImages_v2.0.50727_64\WsatConfig\756011e2290f779331336b1659d804e9\WsatConfig.ni.exe + 2011-10-15 13:07 . 2011-10-15 13:07 329216 c:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\bdf567eb555bffe4d9f4383b6b97832b\WindowsFormsIntegration.ni.dll + 2011-10-15 12:50 . 2011-10-15 12:50 253952 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationTypes\344ac206baaadddc6f7c5fb8ae189b1a\UIAutomationTypes.ni.dll + 2011-10-15 12:50 . 2011-10-15 12:50 120832 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationProvider\7a61dc7e8c606d1ed2c703cbeae2f8ef\UIAutomationProvider.ni.dll + 2011-10-15 13:05 . 2011-10-15 13:05 653312 c:\windows\assembly\NativeImages_v2.0.50727_64\UIAutomationClient\93585639099b0e1b8280eb528fb12c0b\UIAutomationClient.ni.dll + 2011-10-15 13:07 . 2011-10-15 13:07 304128 c:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\da4abebb1b165f2d27c5fe5bc6e9ed71\TaskScheduler.ni.dll + 2011-10-15 13:06 . 2011-10-15 13:06 529920 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\2b9253e5a2818152f9f1a3b9d7c7ee60\System.Xml.Linq.ni.dll + 2011-10-15 13:06 . 2011-10-15 13:06 187392 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\5e59963a99fe6b3dfc07b6ecb375b42b\System.Web.Routing.ni.dll + 2011-10-15 12:50 . 2011-10-15 12:50 261120 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.RegularE#\d78f9ad8894e441f38d96697bee1d6fa\System.Web.RegularExpressions.ni.dll + 2011-10-15 13:06 . 2011-10-15 13:06 449024 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\550cf8623da60ebdaf41be0d472886cf\System.Web.Entity.ni.dll + 2011-10-15 13:06 . 2011-10-15 13:06 398848 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\e97615ac42a73803dbb72feb560dc3f8\System.Web.Entity.Design.ni.dll + 2011-10-15 13:06 . 
2011-10-15 13:06 753664 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\469736b242d26e3a0df5dea6da3679f4\System.Web.DynamicData.ni.dll + 2011-10-15 13:06 . 2011-10-15 13:06 204800 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\de14c74ae9ddfaae3ecf50a7e4a1f1b0\System.Web.Abstractions.ni.dll + 2011-10-15 12:49 . 2011-10-15 12:49 921600 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\f15a8af412d84b1fd14fc735fb5834f5\System.Transactions.ni.dll + 2011-10-15 12:50 . 2011-10-15 12:50 295424 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\8428a82fd82a1ef1d3dab07be67dd78f\System.ServiceProcess.ni.dll + 2011-10-15 12:48 . 2011-10-15 12:48 928768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Security\a3202e5eeb5c84ca6d5453b50c28e1af\System.Security.ni.dll + 2011-10-15 12:49 . 2011-10-15 12:49 396288 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b3b42692707c0f555807def0c4acefe3\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2011-10-15 13:06 . 2011-10-15 13:06 916480 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Net\1d7d8aef36a4181c824e7b19a5717181\System.Net.ni.dll + 2011-10-15 13:02 . 2011-10-15 13:02 783360 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\7b701647e76dc015ef7574b789abac7b\System.Messaging.ni.dll + 2011-10-15 13:06 . 2011-10-15 13:06 534016 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.I#\515b6d806d49ee9f3a0c4777c313c5a9\System.Management.Instrumentation.ni.dll + 2011-10-15 13:06 . 2011-10-15 13:06 569856 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IO.Log\09e99130b92146abae3d4c9b5c8bb116\System.IO.Log.ni.dll + 2011-10-15 13:02 . 2011-10-15 13:02 294400 c:\windows\assembly\NativeImages_v2.0.50727_64\System.IdentityMode#\ab72e394c92f57172be9a9d29be90e90\System.IdentityModel.Selectors.ni.dll + 2011-10-15 12:49 . 
2011-10-15 12:49 446464 c:\windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\4b0fd98f11e1e243efcfb810c170decf\System.EnterpriseServices.Wrapper.dll + 2011-10-15 12:50 . 2011-10-15 12:50 288768 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\4026f724cc80f1beb4450d3286d93c0d\System.Drawing.Design.ni.dll + 2011-10-15 12:50 . 2011-10-15 12:50 649728 c:\windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\ea326d1e49d4824358eb5826fe52921a\System.DirectoryServices.Protocols.ni.dll + 2011-10-15 13:06 . 2011-10-15 13:06 629760 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Service#\a342b0087027682df86caa73cf0dc223\System.Data.Services.Design.ni.dll + 2011-10-15 13:05 . 2011-10-15 13:05 194560 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.DataSet#\0749a52124e604d5104322fd60606810\System.Data.DataSetExtensions.ni.dll + 2011-10-15 12:50 . 2011-10-15 12:50 192000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Configuratio#\7d99138fb23b6c17aa205d49c6bfce9e\System.Configuration.Install.ni.dll + 2011-10-15 13:05 . 2011-10-15 13:05 132096 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ComponentMod#\63c8a0af333eb6fa7d73d5b30c9acb38\System.ComponentModel.DataAnnotations.ni.dll + 2011-10-15 13:05 . 2011-10-15 13:05 889344 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn\3867b72f0fdef0241a18f0c6767ecf05\System.AddIn.ni.dll + 2011-10-15 13:05 . 2011-10-15 13:05 156672 c:\windows\assembly\NativeImages_v2.0.50727_64\System.AddIn.Contra#\edf038eef2dc9f21b13da8bdc046a834\System.AddIn.Contract.ni.dll + 2011-10-15 13:06 . 2011-10-15 13:06 297984 c:\windows\assembly\NativeImages_v2.0.50727_64\sysglobl\0ba53d547dabd039b0cfc9ce52fa6c57\sysglobl.ni.dll + 2011-10-15 13:05 . 2011-10-15 13:05 525824 c:\windows\assembly\NativeImages_v2.0.50727_64\SMSvcHost\ce64633f4e4ba6f3c45ad5ad6a35d736\SMSvcHost.ni.exe + 2011-10-15 13:02 . 
2011-10-15 12:59 8872960 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\aaffd889b1ac972c5faf72442e92e6f3\System.Management.Automation.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 1083392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\92422bb40324d57ccd11c1cd9d50d8cf\System.IdentityModel.ni.dll + 2011-10-15 12:52 . 2011-10-15 12:52 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll + 2011-10-15 12:52 . 2011-10-15 12:52 1117184 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f78fa584bb78607b65e8872d925a96af\System.DirectoryServices.ni.dll + 2011-10-15 12:52 . 2011-10-15 12:52 1806848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\dd2070ee8e6e28ac8dc658404c50ebde\System.Deployment.ni.dll + 2011-10-15 12:53 . 2011-10-15 12:53 6611456 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll + 2011-10-15 12:52 . 2011-10-15 12:52 2508288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\7bfd55df5c38d128885251b92e392943\System.Data.SqlXml.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 2029568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\078dc6604411139bb526d452033ff1d3\System.Data.Services.ni.dll + 2011-10-15 13:01 . 2011-10-15 13:01 1378816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\91ee2a5b20d39be70a1d4e39ca9e23bf\System.Data.Services.Client.ni.dll + 2011-10-15 12:53 . 2011-10-15 12:53 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\1171b168dc6db0132146d8e26ae00d22\System.Data.OracleClient.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 2516992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\9d9e419b7157083a5a246768b29dd92f\System.Data.Linq.ni.dll + 2011-10-15 13:00 . 
2011-10-15 13:00 9921536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\de785592a16c949cfb67da6781acd156\System.Data.Entity.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 2297856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 1351168 c:\windows\assembly\NativeImages_v2.0.50727_32\SrpUxSnapIn\3e1c46e0d7b52efcaa091e9e5cfad7bf\SrpUxSnapIn.ni.dll + 2011-10-15 12:52 . 2011-10-15 12:52 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\eb6d83d30262cb6d1b6f2a47dcf8a37d\ReachFramework.ni.dll + 2011-10-15 12:52 . 2011-10-15 12:52 1658368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\79f71b891de1584cdcce378e22f047ee\PresentationUI.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 1451520 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\d34f41676aed9e84ef18852d371359e1\PresentationBuildTasks.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 2623488 c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\060646580ce5113ef5e11d3523cbe883\Narrator.ni.exe + 2011-10-15 13:00 . 2011-10-15 13:00 1545216 c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\09856e5c68686a53563775f9359e07ac\MMCEx.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 6438912 c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\140333c2f9f1e92323fc9f818c07b737\MIGUIControls.ni.dll + 2011-10-15 13:00 . 2011-10-15 13:00 1670144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\32f68764be7200d3796b55e377311245\Microsoft.VisualBasic.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\a31ec9cb215741ea987630aa277ea658\Microsoft.Transactions.Bridge.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 1704960 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\beca29b613b68f68560960310c788ec3\Microsoft.PowerShell.GPowerShell.ni.dll + 2011-10-15 12:59 . 
2011-10-15 12:59 3724288 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\88b4d41e45ea4e4bcebdb5815f9e3c24\Microsoft.PowerShell.Editor.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 1681920 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\47b0ffd2f6b8efcfa4289f0b28bcd4cb\Microsoft.PowerShell.Commands.Utility.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 6499840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\b11b4fa45813bd841c1af80f9ab8352c\Microsoft.MediaCenter.UI.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 1009664 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\94bcff06d28b48be47c7776cec72bbb1\Microsoft.MediaCenter.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 2335744 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\a2c9438aa64633f2dc8ef0cf069b57c5\Microsoft.JScript.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 1361408 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\d8c9bc51701795a194e6695a137241e4\Microsoft.Ink.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 4071424 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.GroupPoli#\ecd72b4d45ff21f6850ed15b6d66863e\Microsoft.GroupPolicy.Reporting.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 1970176 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\b6942de187e833d0ec47d9267270ae2b\Microsoft.Build.Tasks.v3.5.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\1e563d8dfdd4017cdc06ed6e845ff9c7\Microsoft.Build.Tasks.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\84a01599d405e5f2de5eac2da2f13424\Microsoft.Build.Engine.ni.dll + 2011-10-15 12:59 . 2011-10-15 12:59 2035712 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\a2e0652abfd57dcacef112f2b0beecaf\mcstore.ni.dll + 2011-10-15 12:59 . 
2011-10-15 12:59 3025920 c:\windows\assembly\NativeImages_v2.0.50727_32\mcepg\67cb5c00eb2555fb2972fe924e592cce\mcepg.ni.dll + 2011-10-14 12:11 . 2011-07-08 22:31 4567040 c:\windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll - 2011-06-28 07:07 . 2011-03-29 22:32 4567040 c:\windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2011-10-14 12:11 . 2011-07-08 22:33 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll - 2011-06-28 07:07 . 2011-03-29 22:33 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2011-10-14 12:12 . 2011-08-20 04:26 10991104 c:\windows\SysWOW64\ieframe.dll - 2011-08-10 15:54 . 2011-06-21 05:25 10991104 c:\windows\SysWOW64\ieframe.dll - 2009-07-14 02:34 . 2011-09-14 19:01 10747904 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2009-07-14 02:34 . 2011-10-15 12:46 10747904 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT + 2010-08-30 06:26 . 2011-10-14 15:12 50086344 c:\windows\system32\MRT.exe + 2011-10-14 12:12 . 2011-08-20 05:33 12261888 c:\windows\system32\ieframe.dll + 2011-10-15 12:48 . 2011-10-15 12:48 10618880 c:\windows\assembly\NativeImages_v2.0.50727_64\System\8c862eb9bcba031e1479974a7d62aa0b\System.ni.dll + 2011-10-15 12:50 . 2011-10-15 12:50 17379840 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\bc4df91390f1b827ecb62a2edd0d1894\System.Windows.Forms.ni.dll + 2011-10-15 12:49 . 2011-10-15 12:49 15249408 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\93cc78cbd13e319ffaba642c2f7a513a\System.Web.ni.dll + 2011-10-15 13:02 . 2011-10-15 13:02 23913984 c:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\4ae2cc43ea27f162942af679bf0eaaf8\System.ServiceModel.ni.dll + 2011-10-15 13:04 . 2011-10-15 13:04 11900928 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\2cafbf62a43038d57239173614435a88\System.Management.Automation.ni.dll + 2011-10-15 12:49 . 
2011-10-15 12:49 13609472 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\f52ae9aeb5bb355a66b3d8ffea6fdd32\System.Design.ni.dll + 2011-10-15 13:06 . 2011-10-15 13:06 13760000 c:\windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\2d06fb193634c8d3951a01878f7d3297\System.Data.Entity.ni.dll + 2011-10-15 12:51 . 2011-10-15 12:51 19195392 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\92eba0d443a423072e9c4b7ca1eec4cd\PresentationFramework.ni.dll + 2011-10-15 12:50 . 2011-10-15 12:50 16540160 c:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\11214511a256f136b8425bdd316b47c9\PresentationCore.ni.dll + 2011-10-15 12:47 . 2011-10-15 12:47 15568384 c:\windows\assembly\NativeImages_v2.0.50727_64\mscorlib\1d2d3e57724bcacaea5e41063dc565c1\mscorlib.ni.dll + 2011-10-15 13:03 . 2011-10-15 13:03 25470976 c:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\c03fb13c164087d7198b2a9cb6e39daf\ehshell.ni.dll + 2011-10-15 12:52 . 2011-10-15 12:52 12433408 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll + 2011-10-15 12:53 . 2011-10-15 12:53 11819520 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll + 2011-10-15 12:58 . 2011-10-15 12:58 17478656 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\64ef7169e1266b6a98131b82bddd234b\System.ServiceModel.ni.dll + 2011-10-15 12:53 . 2011-10-15 12:53 10580480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\140798ae061bae9c9110c07d018b66fd\System.Design.ni.dll + 2011-10-15 12:52 . 2011-10-15 12:52 14339072 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll + 2011-10-15 12:52 . 2011-10-15 12:52 12234752 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll + 2011-10-15 12:52 . 
2011-10-15 12:52 11490304 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
.
-- Snapshot auf jetziges Datum zurückgesetzt --
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-08-02 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-11-10 281768]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-05-14 2426368]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-12 136360]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-07-15 375176]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2010-09-17 15928]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2010-09-17 57928]
"combofix"="c:\combofix\CF14135.3XE" [2010-11-20 345088]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to iPhone Converter - c:\users\Red1\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm
IE: Free YouTube to Mp3 Converter - c:\users\Red1\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Red1\AppData\Roaming\Mozilla\Firefox\Profiles\iti6ejmz.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - google.de
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-10-16 15:26:53 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-10-16 13:26
ComboFix2.txt 2011-10-14 14:00
.
Vor Suchlauf: 15 Verzeichnis(se), 382.852.395.008 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 383.287.619.584 Bytes frei
.
- - End Of File - - 8A5B9EC94A237AEAC9EBDA5AF224FB6E |