| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PUP.Blabbers / searchplusnetwork.comWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
27.10.2012, 13:19
| #1 |
 |  PUP.Blabbers / searchplusnetwork.com Hallo liebes Trojanerboard-Team. Nachdem ich mir die kostenlose Software "Foxit Reader" von der Seite Softonic.de heruntergeladen habe gibt es Probleme mit Firefox. Und zwar richtet sich die Seite searchplusnetwork.com immer wieder als Startseite meines Browsers ein. Ich habe dann eigenständig Malwarebytes durchlaufen lassen und einige Dateien entfernt. Dennoch hat sich nichts verändert. Ihr seid meine letzte Hoffnung. Ich habe mich streng an eure Vorgaben gehalten. Vorab die Malwarebytes-Logs: Code:
ATTFilter cMalwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org
Datenbank Version: v2012.10.26.11
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
*** :: *** [Administrator]
Schutz: Aktiviert
26.10.2012 22:45:19
mbam-log-2012-10-26 (22-45-19).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 215825
Laufzeit: 2 Minute(n), 58 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 19
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Registrierungswerte: 3
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 3
C:\Program Files (x86)\GinyasBrowserCompanion\jsloader.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\GinyasBrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\GinyasBrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.10.26.11 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 *** :: *** [Administrator] Schutz: Aktiviert 27.10.2012 11:33:11 mbam-log-2012-10-27 (11-33-11).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 377079 Laufzeit: 1 Stunde(n), 12 Minute(n), 16 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\***\AppData\LocalLow\bbrs_002.tb\content\BCHelper.exe (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter OTL logfile created on: 27.10.2012 13:28:00 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\scary\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8.00 Gb Total Physical Memory | 5.71 Gb Available Physical Memory | 71.43% Memory free 16.00 Gb Paging File | 13.47 Gb Available in Paging File | 84.20% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97.56 Gb Total Space | 27.98 Gb Free Space | 28.68% Space Free | Partition Type: NTFS Drive D: | 274.95 Gb Total Space | 77.16 Gb Free Space | 28.06% Space Free | Partition Type: NTFS Computer Name: *** | User Name: scary | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.27 13:25:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\scary\Desktop\OTL.exe PRC - [2012.10.21 11:54:36 | 000,741,056 | ---- | M] () -- C:\Users\scary\AppData\Roaming\GinyasBrowserCompanion\tbhcn.exe PRC - [2012.10.14 07:49:52 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012.10.10 01:27:46 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.09.25 10:52:48 | 000,386,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012.08.30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe ========== Modules (No Company Name) ========== MOD - [2012.10.21 11:54:36 | 000,741,056 | ---- | M] () -- C:\Users\scary\AppData\Roaming\GinyasBrowserCompanion\tbhcn.exe MOD - [2012.10.14 07:49:52 | 002,294,240 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012.10.10 01:27:46 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll MOD - [2012.08.30 10:39:42 | 000,374,120 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ========== Services (SafeList) ========== SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.10.25 16:14:22 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.10.14 07:49:52 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.10.10 01:27:46 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.08.30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.10.10 04:08:03 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2012.10.01 17:14:23 | 000,129,576 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.09.24 09:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.09.13 15:52:59 | 000,099,248 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.07.03 17:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2009.09.17 19:04:18 | 001,250,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.04 18:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchplusnetwork.com/?sp=st3 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D1 A3 25 FE 72 A6 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.searchplusnetwork.com/?sp=st3&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Plus! Network" FF - prefs.js..browser.startup.homepage: "hxxp://www.searchplusnetwork.com/?sp=st3" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.14 07:49:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.14 07:49:53 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.10 01:10:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\scary\AppData\Roaming\mozilla\Extensions [2012.10.26 00:26:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\scary\AppData\Roaming\mozilla\Firefox\Profiles\68o0lesx.default\extensions [2012.10.26 00:26:33 | 000,000,000 | ---D | M] (Ginyas Browser Companion) -- C:\Users\scary\AppData\Roaming\mozilla\Firefox\Profiles\68o0lesx.default\extensions\bbrs_002@blabbers.com [2012.10.10 12:51:15 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\scary\AppData\Roaming\mozilla\firefox\profiles\68o0lesx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.10.27 11:27:11 | 000,002,790 | ---- | M] () -- C:\Users\scary\AppData\Roaming\mozilla\firefox\profiles\68o0lesx.default\searchplugins\Plusnetwork.xml [2012.10.14 07:49:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.10.14 07:49:53 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.10.14 07:49:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.14 07:49:50 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.10.14 07:49:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.10.14 07:49:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.14 07:49:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.14 07:49:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKCU..\Run: [La_View Mouse] C:\PROGRA~2\scary\HAMAS1~1\S1_2k.exe () O4 - HKCU..\Run: [Steam] "D:\Steam\Steam.exe" -silent File not found O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation) O4 - Startup: C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\scary\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\scary\AppData\Roaming\GinyasBrowserCompanion\tbhcn.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F1CB49F-997D-4A81-A47D-3570193B21E0}: DhcpNameServer = 192.168.2.1 192.168.2.1 O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1 [2012.10.27 13:25:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\scary\Desktop\OTL.exe [2012.10.26 22:42:41 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Malwarebytes [2012.10.26 22:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.26 22:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.26 22:42:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.10.26 22:42:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.10.26 00:26:32 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\GinyasBrowserCompanion [2012.10.26 00:26:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software [2012.10.20 15:20:11 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2012.10.16 13:20:17 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\CrashRpt [2012.10.16 13:20:17 | 000,000,000 | ---D | C] -- C:\Users\scary\Documents\Arktos [2012.10.16 13:20:17 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\Arktos [2012.10.16 00:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The War Z [2012.10.14 07:49:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012.10.12 17:59:48 | 000,000,000 | ---D | C] -- C:\Users\scary\Documents\ArmA 2 Other Profiles [2012.10.12 17:05:19 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\DayZCommander [2012.10.12 17:03:59 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\ArmA 2 OA [2012.10.12 17:00:56 | 000,000,000 | ---D | C] -- C:\Users\scary\Documents\ArmA 2 [2012.10.12 17:00:56 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\ArmA 2 [2012.10.12 17:00:52 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive [2012.10.12 17:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive [2012.10.12 01:35:37 | 000,000,000 | --SD | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [2012.10.12 01:35:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3 [2012.10.11 18:20:58 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Fatshark [2012.10.11 17:34:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab [2012.10.11 17:34:11 | 000,000,000 | ---D | C] -- C:\Users\scary\SystemRequirementsLab [2012.10.11 14:01:35 | 000,000,000 | ---D | C] -- C:\Users\scary\Documents\LOLReplay [2012.10.11 01:27:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOLReplay [2012.10.10 18:21:30 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\Windows Live [2012.10.10 18:20:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2012.10.10 18:15:36 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Sony [2012.10.10 18:15:36 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\Sony [2012.10.10 17:47:52 | 000,000,000 | ---D | C] -- C:\Users\scary\Documents\Blubb [2012.10.10 17:14:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\scary [2012.10.10 17:14:23 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HamaS1 [2012.10.10 17:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HamaS1 [2012.10.10 15:29:15 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\TS3Client [2012.10.10 09:33:05 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\SYSTEMAX Software Development [2012.10.10 09:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\SYSTEMAX Software Development [2012.10.10 05:40:59 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\LolClient [2012.10.10 05:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2012.10.10 05:25:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2012.10.10 05:05:01 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\NVIDIA [2012.10.10 04:45:09 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\PMB Files [2012.10.10 04:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2012.10.10 04:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2012.10.10 04:13:45 | 000,242,176 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll [2012.10.10 04:13:45 | 000,193,024 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\ViaMicArrayAPO.dll [2012.10.10 04:13:45 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll [2012.10.10 04:13:45 | 000,082,432 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll [2012.10.10 04:13:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA [2012.10.10 04:13:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012.10.10 04:08:26 | 000,236,544 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2012.10.10 04:08:26 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2012.10.10 04:08:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2012.10.10 03:35:42 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012.10.10 03:35:02 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012.10.10 03:33:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2012.10.10 03:33:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client [2012.10.10 02:52:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2012.10.10 02:52:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2012.10.10 02:49:10 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll [2012.10.10 02:49:03 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll [2012.10.10 02:39:57 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Avira [2012.10.10 02:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.10.10 02:34:30 | 000,129,576 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.10.10 02:34:30 | 000,099,248 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.10.10 02:34:30 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.10.10 02:34:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.10.10 02:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2012.10.10 02:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012.10.10 01:57:43 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2012.10.10 01:55:41 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Dropbox [2012.10.10 01:51:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2012.10.10 01:51:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2012.10.10 01:47:25 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012.10.10 01:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012.10.10 01:40:46 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012.10.10 01:40:46 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012.10.10 01:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012.10.10 01:40:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2012.10.10 01:39:45 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012.10.10 01:38:37 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\.minecraft [2012.10.10 01:35:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012.10.10 01:35:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.10.10 01:35:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012.10.10 01:28:39 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Macromedia [2012.10.10 01:28:39 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\Macromedia [2012.10.10 01:28:39 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Adobe [2012.10.10 01:27:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2012.10.10 01:27:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012.10.10 01:23:45 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\vlc [2012.10.10 01:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.10.10 01:22:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2012.10.10 01:20:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012.10.10 01:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2012.10.10 01:18:31 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012.10.10 01:10:45 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Mozilla [2012.10.10 01:10:45 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\Mozilla [2012.10.10 01:10:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012.10.10 01:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.10.10 00:55:57 | 000,000,000 | R--D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.10.10 00:55:57 | 000,000,000 | R--D | C] -- C:\Users\scary\Searches [2012.10.10 00:55:57 | 000,000,000 | R--D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.10.10 00:55:48 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Identities [2012.10.10 00:55:45 | 000,000,000 | R--D | C] -- C:\Users\scary\Contacts [2012.10.10 00:55:44 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\VirtualStore [2012.10.10 00:55:29 | 000,000,000 | --SD | C] -- C:\Users\scary\AppData\Roaming\Microsoft [2012.10.10 00:55:29 | 000,000,000 | RHSD | C] -- C:\Users\scary\Documents\Eigene Videos [2012.10.10 00:55:29 | 000,000,000 | RHSD | C] -- C:\Users\scary\Documents\Eigene Musik [2012.10.10 00:55:29 | 000,000,000 | RHSD | C] -- C:\Users\scary\Documents\Eigene Bilder [2012.10.10 00:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Videos [2012.10.10 00:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Saved Games [2012.10.10 00:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Pictures [2012.10.10 00:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Music [2012.10.10 00:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.10.10 00:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Links [2012.10.10 00:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Favorites [2012.10.10 00:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Downloads [2012.10.10 00:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Documents [2012.10.10 00:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Desktop [2012.10.10 00:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.10.10 00:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Vorlagen [2012.10.10 00:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\AppData\Local\Verlauf [2012.10.10 00:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\AppData\Local\Temporary Internet Files [2012.10.10 00:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Startmenü [2012.10.10 00:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\SendTo [2012.10.10 00:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Recent [2012.10.10 00:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Netzwerkumgebung [2012.10.10 00:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Lokale Einstellungen [2012.10.10 00:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Eigene Dateien [2012.10.10 00:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Druckumgebung [2012.10.10 00:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Cookies [2012.10.10 00:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\AppData\Local\Anwendungsdaten [2012.10.10 00:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Anwendungsdaten [2012.10.10 00:55:29 | 000,000,000 | -H-D | C] -- C:\Users\scary\AppData [2012.10.10 00:55:29 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\Temp [2012.10.10 00:55:29 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\Microsoft [2012.10.10 00:55:29 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Media Center Programs [2012.10.10 00:55:21 | 000,000,000 | -HSD | C] -- C:\Recovery [2012.10.10 00:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.10.10 00:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.10.10 00:55:20 | 000,000,000 | -HSD | C] -- C:\Programme [2012.10.10 00:55:20 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.10.10 00:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.10.10 00:55:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.10.10 00:55:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.10.10 00:55:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.10.10 00:55:20 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2012.10.10 00:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.10.10 00:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.10.10 00:51:10 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012.10.10 00:48:37 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012.10.10 00:48:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012.10.09 21:27:47 | 000,000,000 | ---D | C] -- C:\Users\scary\Documents\Downloads [2012.10.09 21:20:28 | 000,000,000 | R--D | C] -- C:\Users\scary\Documents\My Dropbox ========== Files - Modified Within 30 Days ========== [2012.10.27 13:25:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\scary\Desktop\OTL.exe [2012.10.27 13:24:36 | 000,000,000 | ---- | M] () -- C:\Users\scary\defogger_reenable [2012.10.27 13:22:48 | 000,050,477 | ---- | M] () -- C:\Users\scary\Desktop\Defogger.exe [2012.10.27 12:47:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.27 11:14:14 | 000,014,368 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.27 11:14:14 | 000,014,368 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.27 11:10:58 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.10.27 11:10:58 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.10.27 11:10:58 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.10.27 11:10:58 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.10.27 11:10:58 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.10.27 11:06:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.27 11:06:36 | 2146,934,783 | -HS- | M] () -- C:\hiberfil.sys [2012.10.26 00:26:33 | 000,002,236 | ---- | M] () -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk [2012.10.26 00:26:33 | 000,000,043 | ---- | M] () -- C:\END [2012.10.13 16:02:24 | 000,292,776 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.10.11 01:27:51 | 000,001,997 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk [2012.10.10 20:04:22 | 000,000,020 | ---- | M] () -- C:\Windows\8÷Ú [2012.10.10 18:27:13 | 000,000,020 | ---- | M] () -- C:\Windows\ÜöÊ [2012.10.10 04:19:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.10.10 04:08:03 | 000,236,544 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2012.10.10 04:08:03 | 000,067,584 | ---- | M] () -- C:\Windows\SysNative\RtNicProp64.dll [2012.10.10 01:58:00 | 000,001,047 | ---- | M] () -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.10.10 01:37:58 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012.10.10 01:37:58 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012.10.10 00:51:58 | 000,057,035 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012.10.10 00:51:58 | 000,057,035 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2012.10.09 10:18:00 | 000,014,539 | ---- | M] () -- C:\Users\scary\Documents\Traumtagebuch.odt [2012.10.01 17:14:23 | 000,129,576 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys ========== Files Created - No Company Name ========== [2012.10.27 13:24:36 | 000,000,000 | ---- | C] () -- C:\Users\scary\defogger_reenable [2012.10.27 13:22:45 | 000,050,477 | ---- | C] () -- C:\Users\scary\Desktop\Defogger.exe [2012.10.26 00:26:33 | 000,002,236 | ---- | C] () -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk [2012.10.26 00:26:33 | 000,000,043 | ---- | C] () -- C:\END [2012.10.11 01:27:51 | 000,001,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk [2012.10.11 01:27:51 | 000,001,917 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk [2012.10.10 20:04:22 | 000,000,020 | ---- | C] () -- C:\Windows\8÷Ú [2012.10.10 18:27:13 | 000,000,020 | ---- | C] () -- C:\Windows\ÜöÊ [2012.10.10 17:14:23 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\actskn43.ocx [2012.10.10 04:19:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.10.10 04:13:56 | 000,001,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk [2012.10.10 04:08:26 | 000,067,584 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2012.10.10 02:49:37 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd [2012.10.10 02:48:59 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml [2012.10.10 02:48:57 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml [2012.10.10 02:48:57 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml [2012.10.10 02:48:49 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc [2012.10.10 02:48:49 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml [2012.10.10 01:58:00 | 000,001,047 | ---- | C] () -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.10.10 01:41:01 | 003,487,434 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin [2012.10.10 01:40:18 | 000,016,366 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2012.10.10 01:37:58 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012.10.10 01:37:58 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012.10.10 01:27:48 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.10 00:56:05 | 000,001,409 | ---- | C] () -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012.10.10 00:55:59 | 000,001,443 | ---- | C] () -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.10.10 00:51:52 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012.10.10 00:51:42 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012.10.10 00:48:11 | 2146,934,783 | -HS- | C] () -- C:\hiberfil.sys [2012.08.30 10:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.10.10 05:05:01 | 000,000,000 | ---D | M] -- C:\Users\scary\AppData\Roaming\.minecraft [2012.10.27 11:07:26 | 000,000,000 | ---D | M] -- C:\Users\scary\AppData\Roaming\Dropbox [2012.10.11 18:20:58 | 000,000,000 | ---D | M] -- C:\Users\scary\AppData\Roaming\Fatshark [2012.10.27 13:27:11 | 000,000,000 | ---D | M] -- C:\Users\scary\AppData\Roaming\GinyasBrowserCompanion [2012.10.10 05:40:59 | 000,000,000 | ---D | M] -- C:\Users\scary\AppData\Roaming\LolClient [2012.10.10 18:15:36 | 000,000,000 | ---D | M] -- C:\Users\scary\AppData\Roaming\Sony [2012.10.10 09:33:05 | 000,000,000 | ---D | M] -- C:\Users\scary\AppData\Roaming\SYSTEMAX Software Development [2012.10.27 11:30:10 | 000,000,000 | ---D | M] -- C:\Users\scary\AppData\Roaming\TS3Client ========== Purity Check ========== < End of report > Ich hoffe ich habe bisher alles richtig gemacht und hoffe ihr könnt mir helfen. Gruß Olaf |
|
27.10.2012, 21:05
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | PUP.Blabbers / searchplusnetwork.comZitat:
 Finger weg von Softonic!!  Softonic ist eine Toolbar- und Adwareschleuder! Finger weg! Software lädt man sich mit oberster Priorität direkt vom Hersteller oder von Filepony aber nicht von solchen Toolbarklitschen wie Softonic! Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt? Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ |
|
28.10.2012, 00:27
| #3 |
| | PUP.Blabbers / searchplusnetwork.com Hier dann die extras.txt im Codefeld verpackt statt als Anhang:
__________________Code:
ATTFilter OTL Extras logfile created on: 27.10.2012 13:28:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\scary\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8.00 Gb Total Physical Memory | 5.71 Gb Available Physical Memory | 71.43% Memory free
16.00 Gb Paging File | 13.47 Gb Available in Paging File | 84.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.56 Gb Total Space | 27.98 Gb Free Space | 28.68% Space Free | Partition Type: NTFS
Drive D: | 274.95 Gb Total Space | 77.16 Gb Free Space | 28.06% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: scary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2DCBB47A-E7E4-49AA-93BE-5CCEA39C7B85}" = lport=56535 | protocol=17 | dir=in | name=pando media booster |
"{376A8742-D8A2-4915-BFF9-CD9F4B80BEF4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{39ACBD8F-2471-4C55-B568-A468B14A5F67}" = lport=138 | protocol=17 | dir=in | app=system |
"{3F805552-2D56-4900-AC35-83785265206F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{431DB0D0-6FB9-46EA-9D3A-1AE409395FFB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56B5DD05-EC9B-4B73-8A8F-7D6209B2C807}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5F5A7ABD-2735-4658-AD86-2BD0B98B7AAF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6DC2EB4A-3969-4879-8022-E2D4EF9FC496}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7594C67C-01C2-4724-B8F7-2315D9EAB984}" = rport=138 | protocol=17 | dir=out | app=system |
"{81768EE2-1772-4CD6-89D5-CB3408C0D7EE}" = rport=445 | protocol=6 | dir=out | app=system |
"{8477B54B-F6F0-47A0-9078-80ADC2075FFE}" = lport=445 | protocol=6 | dir=in | app=system |
"{853AD386-1845-43F8-AB0E-CC19FEECAC0E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8AC853FF-E531-492D-8989-D5D566E959A1}" = lport=139 | protocol=6 | dir=in | app=system |
"{8AD6DB91-63C6-466A-A214-320E0448B71A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{94782510-60F7-4F95-981D-CB1905D22AB3}" = lport=56535 | protocol=6 | dir=in | name=pando media booster |
"{A445A096-3F3F-4E6E-AB37-FC207D3E5AED}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ADE5A99C-37CB-422E-A51D-B611F96A104A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AE2DEF1F-6BA7-43AB-B0AF-99560638D2C1}" = rport=137 | protocol=17 | dir=out | app=system |
"{B360F3B0-C28B-4B27-B8D8-D671604782EC}" = rport=139 | protocol=6 | dir=out | app=system |
"{D8960110-445C-43CE-82DB-892F29FFFA99}" = lport=56535 | protocol=17 | dir=in | name=pando media booster |
"{DD57609F-42EF-4ACA-A087-C00BEC4D8C4B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E1E19306-C3E3-4EF4-A485-4D303399F582}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F4173994-4604-409A-9636-D748445249B1}" = lport=56535 | protocol=6 | dir=in | name=pando media booster |
"{F539467A-9C6E-4D6D-A9F5-BAF20CBC1C9F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FED838DA-F365-4FD8-AEC3-57E2E1C979C3}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D4EEF6-BD61-4020-9C5C-1677B266DAD5}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\dota 2 beta\dota.exe |
"{05E7C3CC-53F8-4573-9C8D-A0DB551E546D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0E87F9C9-F627-4401-841B-8C6B0A223E29}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2A61F1C6-8A9F-4E00-BC72-8C31C4BDA3A7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2EB30D56-6D23-4EB7-9B42-936793B879CC}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{3231DED5-9D0A-42F8-BB4F-7B12BC53D5FB}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3A59C31A-683F-494D-A292-2D04582BD6FD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{410570A6-6D11-4DD7-ACE4-0BE217912AA5}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{477C3F11-33CF-45F4-A932-3846B0F17498}" = dir=in | app=d:\games\the war z\warz.exe |
"{47C3F7DD-F72C-40E7-A854-48F2D11485B0}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4D5B1683-CE5B-401A-8041-7A148A34D78E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{62813CEF-F82F-4F6A-8814-6B740BC59EAD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{66CD07FF-0991-40C8-83BC-15C72251144F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6E9540BA-67D6-40B8-84E7-3DE01C95DA49}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{82024DA3-4A5E-40E8-9091-A427F748C348}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\war of the roses\run_game.exe |
"{8248A227-7621-4BD7-90A7-D88C75648F63}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{87BCA31D-7E82-4E76-B681-CC4730A73D6F}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\dota 2 beta\dota.exe |
"{8A3485F9-3F05-4EF5-8213-6D3707C8D476}" = protocol=17 | dir=in | app=c:\users\scary\appdata\roaming\dropbox\bin\dropbox.exe |
"{8C2CD27A-FCF8-4F41-9075-7BBCED629BA7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AA4A2A67-A43C-46FA-800D-180B476CE88B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B326821F-8029-4D85-AF66-9C3DFAB9705B}" = protocol=6 | dir=out | app=system |
"{B8350409-872A-4D54-B801-E5A2EE95C8E0}" = protocol=6 | dir=in | app=c:\users\scary\appdata\roaming\dropbox\bin\dropbox.exe |
"{C6FD2407-56BC-405F-B2D5-998F533C93E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CA04059E-37AA-4D12-8AF8-7486D3CBF579}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{CCBE9C2E-BE59-43AD-8BE0-E2694EA043A9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D1568115-7909-4232-88B6-AA09FC11D0A3}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D5A3CC30-AC73-4999-8B14-75A697976A45}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DD04EBC2-60D4-4E7D-9DA1-8BFF044A269A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E4FAE247-F2D3-43D3-B583-F6DFC97E9C46}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E6167337-7E76-4271-8578-3E0651A490DE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EA0441CB-28A8-4159-B17F-C532BD2E8E0A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EB7DB64D-381A-4667-A19B-77A0D5C922C5}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{F06805B7-35D1-4565-9FD8-CAFAAFDC0ED6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F0FB3305-64AB-470F-A566-FAA7C66517A7}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\war of the roses\run_game.exe |
"{F2E21443-6330-44AD-88F4-B737B1814467}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{2342B92A-E237-4F83-A129-43B75377AA86}D:\games\steam\steam.exe" = protocol=6 | dir=in | app=d:\games\steam\steam.exe |
"TCP Query User{BC415C8D-44CD-4D3F-9900-32665D3BD6C0}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{EAEC2BE7-4560-4F1E-BCAC-381A7F1AF46B}D:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"UDP Query User{1631E2FF-D2F8-4136-A211-E57432FE5804}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{55656E68-36C5-4463-9B8E-3B28E41454D4}D:\games\steam\steam.exe" = protocol=17 | dir=in | app=d:\games\steam\steam.exe |
"UDP Query User{FE930ADF-B2E1-454D-9070-D62C07982F19}D:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D3364347-0A05-CA85-1DAD-80A7A75BF677}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{67686439-FBC8-4342-9748-D42BA10F7994}" = DayZ Commander
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1" = The War Z version alpha
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"Foxit Reader_is1" = Foxit Reader
"Fraps" = Fraps (remove only)
"Hama Slide S1 Gaming Mouse" = Hama Slide S1 Gaming Mouse
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Mozilla Firefox 16.0.1 (x86 de)" = Mozilla Firefox 16.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Steam App 42160" = War of the Roses
"Steam App 570" = Dota 2
"Steam App 730" = Counter-Strike: Global Offensive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.3
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.10.2012 21:56:12 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: a9c Startzeit: 01cda68832783181 Endzeit: 4860 Anwendungspfad:
C:\Windows\Explorer.EXE Berichts-ID: a51b1cba-127d-11e2-9c56-00252255807d
Error - 09.10.2012 23:35:52 | Computer Name = *** | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 16.10.2012 01:15:23 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WarZlauncher.exe.new.exe, Version:
0.0.0.0, Zeitstempel: 0x507c89c3 Name des fehlerhaften Moduls: WarZlauncher.exe.new.exe,
Version: 0.0.0.0, Zeitstempel: 0x507c89c3 Ausnahmecode: 0x80000003 Fehleroffset:
0x00181042 ID des fehlerhaften Prozesses: 0x17c0 Startzeit der fehlerhaften Anwendung:
0x01cdab2824aa8950 Pfad der fehlerhaften Anwendung: D:\Games\The War Z\WarZlauncher.exe.new.exe
Pfad
des fehlerhaften Moduls: D:\Games\The War Z\WarZlauncher.exe.new.exe Berichtskennung:
7c7f2666-1750-11e2-a4bd-00252255807d
Error - 17.10.2012 14:38:15 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WarZ.exe, Version: 0.0.0.0, Zeitstempel:
0x507e0538 Name des fehlerhaften Moduls: WarZ.exe, Version: 0.0.0.0, Zeitstempel:
0x507e0538 Ausnahmecode: 0xc0000417 Fehleroffset: 0x002f601f ID des fehlerhaften Prozesses:
0xcb4 Startzeit der fehlerhaften Anwendung: 0x01cdac95f9c1cf60 Pfad der fehlerhaften
Anwendung: D:\Games\The War Z\WarZ.exe Pfad des fehlerhaften Moduls: D:\Games\The
War Z\WarZ.exe Berichtskennung: cf3b8aab-1889-11e2-9f5e-00252255807d
Error - 21.10.2012 15:49:13 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Programm wotr.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 638 Startzeit:
01cdafab3a6a81fd Endzeit: 721 Anwendungspfad: D:\Games\Steam\steamapps\common\War
of the Roses\wotr.exe Berichts-ID:
Error - 25.10.2012 18:23:52 | Computer Name = *** | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\SoftonicDownloader_fuer_foxit-pdf-reader.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 25.10.2012 18:23:54 | Computer Name = *** | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\SoftonicDownloader_fuer_foxit-pdf-reader.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 25.10.2012 18:23:57 | Computer Name = *** | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\SoftonicDownloader_fuer_foxit-pdf-reader.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 25.10.2012 18:26:34 | Computer Name = *** | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\SoftonicDownloader_fuer_foxit-pdf-reader.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 26.10.2012 16:44:23 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Programm mbam-setup.tmp, Version 51.52.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: b9c Startzeit:
01cdb3ba81a0f5d9 Endzeit: 0 Anwendungspfad: C:\Users\scary\AppData\Local\Temp\is-K237J.tmp\mbam-setup.tmp
Berichts-ID:
[ System Events ]
Error - 10.10.2012 03:25:03 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 10.10.2012 03:25:03 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 10.10.2012 03:25:04 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 14.10.2012 07:08:49 | Computer Name = *** | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?10.?2012 um 12:56:52 unerwartet heruntergefahren.
Error - 26.10.2012 09:29:15 | Computer Name = *** | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{2F1CB49F-997D-4A81-A47D-3570193B21E0} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 26.10.2012 15:31:15 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.
Error - 26.10.2012 15:31:15 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 26.10.2012 16:43:49 | Computer Name = *** | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst MBAMScheduler erreicht.
Error - 27.10.2012 07:13:17 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows-Fehlerberichterstattungsdienst erreicht.
Error - 27.10.2012 07:13:47 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows-Fehlerberichterstattungsdienst erreicht.
< End of report >
Von daher habe ich leider keine zusätzlichen Logs die ich noch einstellen könnte. Hoffe die derzeitigen Logs reichen aus um das Problem auszumachen. |
|
28.10.2012, 11:50
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Blabbers / searchplusnetwork.com 1. aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button. 2. TDSS-Killer Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
28.10.2012, 14:51
| #5 |
| | PUP.Blabbers / searchplusnetwork.com Hier das aswMBR-Log: Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-28 14:26:27
-----------------------------
14:26:27.577 OS Version: Windows x64 6.1.7601 Service Pack 1
14:26:27.577 Number of processors: 4 586 0x503
14:26:27.577 ComputerName: *** UserName: scary
14:26:28.452 Initialize success
14:27:49.672 AVAST engine defs: 12102800
14:27:58.782 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:27:58.782 Disk 0 Vendor: SAMSUNG_HD401LJ ZZ100-15 Size: 381554MB BusType: 3
14:27:58.844 Disk 0 MBR read successfully
14:27:58.860 Disk 0 MBR scan
14:27:58.860 Disk 0 Windows 7 default MBR code
14:27:58.891 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:27:58.907 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 99900 MB offset 206848
14:27:58.938 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 281552 MB offset 204802048
14:27:58.969 Disk 0 scanning C:\Windows\system32\drivers
14:28:09.172 Service scanning
14:28:27.235 Modules scanning
14:28:27.250 Disk 0 trace - called modules:
14:28:27.266 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
14:28:27.297 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80079e2060]
14:28:27.297 3 CLASSPNP.SYS[fffff8800194e43f] -> nt!IofCallDriver -> [0xfffffa800790a9b0]
14:28:27.313 5 ACPI.sys[fffff88000f807a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80079d6060]
14:28:27.719 AVAST engine scan C:\Windows
14:28:29.172 AVAST engine scan C:\Windows\system32
14:31:09.485 AVAST engine scan C:\Windows\system32\drivers
14:31:22.610 AVAST engine scan C:\Users\scary
14:36:57.704 AVAST engine scan C:\ProgramData
14:37:16.110 Scan finished successfully
14:40:47.283 Disk 0 MBR has been saved successfully to "C:\Users\scary\Desktop\MBR.dat"
14:40:47.283 The log file has been saved successfully to "C:\Users\scary\Desktop\aswMBR.txt"
Code:
ATTFilter 14:44:09.0028 3012 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
14:44:09.0231 3012 ============================================================
14:44:09.0231 3012 Current date / time: 2012/10/28 14:44:09.0231
14:44:09.0231 3012 SystemInfo:
14:44:09.0231 3012
14:44:09.0231 3012 OS Version: 6.1.7601 ServicePack: 1.0
14:44:09.0231 3012 Product type: Workstation
14:44:09.0231 3012 ComputerName: ***
14:44:09.0231 3012 UserName: scary
14:44:09.0231 3012 Windows directory: C:\Windows
14:44:09.0231 3012 System windows directory: C:\Windows
14:44:09.0231 3012 Running under WOW64
14:44:09.0231 3012 Processor architecture: Intel x64
14:44:09.0231 3012 Number of processors: 4
14:44:09.0231 3012 Page size: 0x1000
14:44:09.0231 3012 Boot type: Normal boot
14:44:09.0231 3012 ============================================================
14:44:10.0387 3012 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0x2CD34, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
14:44:10.0403 3012 ============================================================
14:44:10.0403 3012 \Device\Harddisk0\DR0:
14:44:10.0403 3012 MBR partitions:
14:44:10.0403 3012 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:44:10.0403 3012 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC31E000
14:44:10.0403 3012 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0x225E8000
14:44:10.0403 3012 ============================================================
14:44:10.0418 3012 C: <-> \Device\Harddisk0\DR0\Partition2
14:44:10.0497 3012 D: <-> \Device\Harddisk0\DR0\Partition3
14:44:10.0497 3012 ============================================================
14:44:10.0497 3012 Initialize success
14:44:10.0497 3012 ============================================================
14:44:47.0325 2024 ============================================================
14:44:47.0325 2024 Scan started
14:44:47.0325 2024 Mode: Manual; SigCheck; TDLFS;
14:44:47.0325 2024 ============================================================
14:44:48.0137 2024 ================ Scan system memory ========================
14:44:48.0137 2024 System memory - ok
14:44:48.0137 2024 ================ Scan services =============================
14:44:48.0325 2024 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:44:48.0497 2024 1394ohci - ok
14:44:48.0528 2024 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:44:48.0543 2024 ACPI - ok
14:44:48.0559 2024 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:44:48.0653 2024 AcpiPmi - ok
14:44:48.0778 2024 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:44:48.0809 2024 AdobeFlashPlayerUpdateSvc - ok
14:44:48.0856 2024 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:44:48.0887 2024 adp94xx - ok
14:44:48.0903 2024 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:44:48.0934 2024 adpahci - ok
14:44:48.0950 2024 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:44:48.0965 2024 adpu320 - ok
14:44:48.0997 2024 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:44:49.0184 2024 AeLookupSvc - ok
14:44:49.0231 2024 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:44:49.0325 2024 AFD - ok
14:44:49.0356 2024 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:44:49.0372 2024 agp440 - ok
14:44:49.0387 2024 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:44:49.0450 2024 ALG - ok
14:44:49.0481 2024 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:44:49.0497 2024 aliide - ok
14:44:49.0512 2024 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:44:49.0528 2024 amdide - ok
14:44:49.0575 2024 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:44:49.0637 2024 AmdK8 - ok
14:44:49.0684 2024 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:44:49.0731 2024 AmdPPM - ok
14:44:49.0762 2024 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:44:49.0778 2024 amdsata - ok
14:44:49.0793 2024 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:44:49.0809 2024 amdsbs - ok
14:44:49.0825 2024 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:44:49.0840 2024 amdxata - ok
14:44:49.0918 2024 [ 98A8B7D168D035FEFDEFA18F759115F6 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
14:44:49.0950 2024 AntiVirSchedulerService - ok
14:44:49.0965 2024 [ AAACAE485AE81D0A449FBC754880C791 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
14:44:49.0981 2024 AntiVirService - ok
14:44:50.0028 2024 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:44:50.0215 2024 AppID - ok
14:44:50.0247 2024 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:44:50.0325 2024 AppIDSvc - ok
14:44:50.0372 2024 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
14:44:50.0434 2024 Appinfo - ok
14:44:50.0465 2024 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
14:44:50.0512 2024 AppMgmt - ok
14:44:50.0543 2024 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
14:44:50.0575 2024 arc - ok
14:44:50.0590 2024 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:44:50.0606 2024 arcsas - ok
14:44:50.0637 2024 AsrCDDrv - ok
14:44:50.0653 2024 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:44:50.0731 2024 AsyncMac - ok
14:44:50.0762 2024 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:44:50.0793 2024 atapi - ok
14:44:50.0825 2024 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
14:44:50.0856 2024 AtiPcie - ok
14:44:50.0887 2024 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:44:50.0965 2024 AudioEndpointBuilder - ok
14:44:50.0965 2024 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:44:51.0012 2024 AudioSrv - ok
14:44:51.0043 2024 [ 25B63A3C24A5E0223A35DE2F0D9E0FAF ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
14:44:51.0059 2024 avgntflt - ok
14:44:51.0059 2024 [ A83691240C1568E6A3EAA5C86D9F8AE3 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
14:44:51.0075 2024 avipbb - ok
14:44:51.0090 2024 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
14:44:51.0106 2024 avkmgr - ok
14:44:51.0137 2024 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:44:51.0262 2024 AxInstSV - ok
14:44:51.0309 2024 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:44:51.0372 2024 b06bdrv - ok
14:44:51.0434 2024 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:44:51.0497 2024 b57nd60a - ok
14:44:51.0543 2024 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:44:51.0590 2024 BDESVC - ok
14:44:51.0622 2024 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:44:51.0715 2024 Beep - ok
14:44:51.0762 2024 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:44:51.0825 2024 BFE - ok
14:44:51.0856 2024 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
14:44:51.0965 2024 BITS - ok
14:44:51.0997 2024 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:44:52.0028 2024 blbdrive - ok
14:44:52.0043 2024 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:44:52.0090 2024 bowser - ok
14:44:52.0106 2024 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:44:52.0184 2024 BrFiltLo - ok
14:44:52.0184 2024 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:44:52.0200 2024 BrFiltUp - ok
14:44:52.0215 2024 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:44:52.0278 2024 Browser - ok
14:44:52.0309 2024 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:44:52.0403 2024 Brserid - ok
14:44:52.0418 2024 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:44:52.0450 2024 BrSerWdm - ok
14:44:52.0465 2024 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:44:52.0497 2024 BrUsbMdm - ok
14:44:52.0497 2024 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:44:52.0528 2024 BrUsbSer - ok
14:44:52.0543 2024 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:44:52.0575 2024 BTHMODEM - ok
14:44:52.0606 2024 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:44:52.0668 2024 bthserv - ok
14:44:52.0700 2024 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:44:52.0747 2024 cdfs - ok
14:44:52.0809 2024 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
14:44:52.0840 2024 cdrom - ok
14:44:52.0887 2024 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:44:52.0965 2024 CertPropSvc - ok
14:44:52.0981 2024 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:44:52.0997 2024 circlass - ok
14:44:53.0028 2024 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:44:53.0059 2024 CLFS - ok
14:44:53.0122 2024 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:44:53.0153 2024 clr_optimization_v2.0.50727_32 - ok
14:44:53.0215 2024 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:44:53.0247 2024 clr_optimization_v2.0.50727_64 - ok
14:44:53.0309 2024 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:44:53.0340 2024 clr_optimization_v4.0.30319_32 - ok
14:44:53.0372 2024 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:44:53.0387 2024 clr_optimization_v4.0.30319_64 - ok
14:44:53.0403 2024 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:44:53.0418 2024 CmBatt - ok
14:44:53.0450 2024 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:44:53.0465 2024 cmdide - ok
14:44:53.0497 2024 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
14:44:53.0543 2024 CNG - ok
14:44:53.0559 2024 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:44:53.0575 2024 Compbatt - ok
14:44:53.0590 2024 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:44:53.0622 2024 CompositeBus - ok
14:44:53.0637 2024 COMSysApp - ok
14:44:53.0653 2024 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:44:53.0653 2024 crcdisk - ok
14:44:53.0684 2024 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:44:53.0762 2024 CryptSvc - ok
14:44:53.0793 2024 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
14:44:53.0872 2024 CSC - ok
14:44:53.0903 2024 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
14:44:53.0950 2024 CscService - ok
14:44:53.0981 2024 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:44:54.0043 2024 DcomLaunch - ok
14:44:54.0075 2024 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:44:54.0106 2024 defragsvc - ok
14:44:54.0137 2024 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:44:54.0168 2024 DfsC - ok
14:44:54.0200 2024 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:44:54.0247 2024 Dhcp - ok
14:44:54.0278 2024 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:44:54.0356 2024 discache - ok
14:44:54.0387 2024 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:44:54.0403 2024 Disk - ok
14:44:54.0418 2024 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:44:54.0497 2024 Dnscache - ok
14:44:54.0543 2024 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:44:54.0622 2024 dot3svc - ok
14:44:54.0637 2024 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:44:54.0684 2024 DPS - ok
14:44:54.0715 2024 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:44:54.0762 2024 drmkaud - ok
14:44:54.0793 2024 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:44:54.0840 2024 DXGKrnl - ok
14:44:54.0872 2024 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:44:54.0934 2024 EapHost - ok
14:44:55.0028 2024 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:44:55.0090 2024 ebdrv - ok
14:44:55.0122 2024 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:44:55.0184 2024 EFS - ok
14:44:55.0247 2024 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:44:55.0356 2024 ehRecvr - ok
14:44:55.0372 2024 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:44:55.0403 2024 ehSched - ok
14:44:55.0434 2024 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:44:55.0465 2024 elxstor - ok
14:44:55.0497 2024 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:44:55.0528 2024 ErrDev - ok
14:44:55.0575 2024 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:44:55.0637 2024 EventSystem - ok
14:44:55.0653 2024 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:44:55.0684 2024 exfat - ok
14:44:55.0684 2024 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:44:55.0715 2024 fastfat - ok
14:44:55.0762 2024 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:44:55.0825 2024 Fax - ok
14:44:55.0840 2024 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:44:55.0872 2024 fdc - ok
14:44:55.0887 2024 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:44:55.0934 2024 fdPHost - ok
14:44:55.0950 2024 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:44:55.0997 2024 FDResPub - ok
14:44:56.0012 2024 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:44:56.0012 2024 FileInfo - ok
14:44:56.0012 2024 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:44:56.0059 2024 Filetrace - ok
14:44:56.0075 2024 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:44:56.0090 2024 flpydisk - ok
14:44:56.0106 2024 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:44:56.0122 2024 FltMgr - ok
14:44:56.0184 2024 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
14:44:56.0278 2024 FontCache - ok
14:44:56.0325 2024 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:44:56.0340 2024 FontCache3.0.0.0 - ok
14:44:56.0356 2024 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:44:56.0372 2024 FsDepends - ok
14:44:56.0387 2024 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:44:56.0403 2024 Fs_Rec - ok
14:44:56.0450 2024 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:44:56.0465 2024 fvevol - ok
14:44:56.0497 2024 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:44:56.0512 2024 gagp30kx - ok
14:44:56.0543 2024 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:44:56.0622 2024 gpsvc - ok
14:44:56.0637 2024 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:44:56.0700 2024 hcw85cir - ok
14:44:56.0747 2024 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:44:56.0778 2024 HdAudAddService - ok
14:44:56.0793 2024 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:44:56.0825 2024 HDAudBus - ok
14:44:56.0856 2024 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:44:56.0872 2024 HidBatt - ok
14:44:56.0903 2024 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:44:56.0918 2024 HidBth - ok
14:44:56.0934 2024 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:44:56.0965 2024 HidIr - ok
14:44:56.0997 2024 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
14:44:57.0075 2024 hidserv - ok
14:44:57.0122 2024 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:44:57.0137 2024 HidUsb - ok
14:44:57.0153 2024 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:44:57.0200 2024 hkmsvc - ok
14:44:57.0231 2024 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:44:57.0293 2024 HomeGroupListener - ok
14:44:57.0325 2024 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:44:57.0372 2024 HomeGroupProvider - ok
14:44:57.0403 2024 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:44:57.0418 2024 HpSAMD - ok
14:44:57.0450 2024 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:44:57.0512 2024 HTTP - ok
14:44:57.0528 2024 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:44:57.0528 2024 hwpolicy - ok
14:44:57.0575 2024 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:44:57.0606 2024 i8042prt - ok
14:44:57.0622 2024 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:44:57.0653 2024 iaStorV - ok
14:44:57.0715 2024 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:44:57.0762 2024 idsvc - ok
14:44:57.0793 2024 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:44:57.0825 2024 iirsp - ok
14:44:57.0872 2024 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:44:57.0950 2024 IKEEXT - ok
14:44:57.0965 2024 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:44:57.0981 2024 intelide - ok
14:44:57.0997 2024 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:44:58.0028 2024 intelppm - ok
14:44:58.0043 2024 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:44:58.0137 2024 IPBusEnum - ok
14:44:58.0153 2024 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:44:58.0231 2024 IpFilterDriver - ok
14:44:58.0262 2024 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:44:58.0325 2024 iphlpsvc - ok
14:44:58.0356 2024 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:44:58.0372 2024 IPMIDRV - ok
14:44:58.0387 2024 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:44:58.0418 2024 IPNAT - ok
14:44:58.0450 2024 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:44:58.0528 2024 IRENUM - ok
14:44:58.0543 2024 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:44:58.0559 2024 isapnp - ok
14:44:58.0575 2024 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:44:58.0606 2024 iScsiPrt - ok
14:44:58.0622 2024 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:44:58.0637 2024 kbdclass - ok
14:44:58.0668 2024 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:44:58.0684 2024 kbdhid - ok
14:44:58.0715 2024 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:44:58.0747 2024 KeyIso - ok
14:44:58.0778 2024 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:44:58.0793 2024 KSecDD - ok
14:44:58.0809 2024 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:44:58.0840 2024 KSecPkg - ok
14:44:58.0840 2024 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:44:58.0903 2024 ksthunk - ok
14:44:58.0934 2024 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:44:58.0981 2024 KtmRm - ok
14:44:58.0997 2024 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:44:59.0043 2024 LanmanServer - ok
14:44:59.0059 2024 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:44:59.0090 2024 LanmanWorkstation - ok
14:44:59.0122 2024 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:44:59.0153 2024 lltdio - ok
14:44:59.0168 2024 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:44:59.0215 2024 lltdsvc - ok
14:44:59.0215 2024 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:44:59.0247 2024 lmhosts - ok
14:44:59.0278 2024 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:44:59.0278 2024 LSI_FC - ok
14:44:59.0293 2024 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:44:59.0293 2024 LSI_SAS - ok
14:44:59.0309 2024 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:44:59.0309 2024 LSI_SAS2 - ok
14:44:59.0325 2024 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:44:59.0325 2024 LSI_SCSI - ok
14:44:59.0340 2024 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:44:59.0387 2024 luafv - ok
14:44:59.0434 2024 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
14:44:59.0450 2024 MBAMProtector - ok
14:44:59.0528 2024 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:44:59.0559 2024 MBAMScheduler - ok
14:44:59.0590 2024 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:44:59.0622 2024 MBAMService - ok
14:44:59.0653 2024 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:44:59.0684 2024 Mcx2Svc - ok
14:44:59.0684 2024 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:44:59.0700 2024 megasas - ok
14:44:59.0700 2024 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:44:59.0715 2024 MegaSR - ok
14:44:59.0731 2024 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:44:59.0762 2024 MMCSS - ok
14:44:59.0778 2024 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:44:59.0809 2024 Modem - ok
14:44:59.0825 2024 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:44:59.0840 2024 monitor - ok
14:44:59.0872 2024 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:44:59.0903 2024 mouclass - ok
14:44:59.0934 2024 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:44:59.0981 2024 mouhid - ok
14:45:00.0028 2024 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:45:00.0059 2024 mountmgr - ok
14:45:00.0122 2024 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:45:00.0153 2024 MozillaMaintenance - ok
14:45:00.0168 2024 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:45:00.0184 2024 mpio - ok
14:45:00.0200 2024 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:45:00.0247 2024 mpsdrv - ok
14:45:00.0278 2024 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:45:00.0340 2024 MpsSvc - ok
14:45:00.0356 2024 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:45:00.0372 2024 MRxDAV - ok
14:45:00.0403 2024 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:45:00.0465 2024 mrxsmb - ok
14:45:00.0497 2024 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:45:00.0543 2024 mrxsmb10 - ok
14:45:00.0559 2024 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:45:00.0590 2024 mrxsmb20 - ok
14:45:00.0622 2024 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:45:00.0622 2024 msahci - ok
14:45:00.0653 2024 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:45:00.0668 2024 msdsm - ok
14:45:00.0700 2024 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:45:00.0715 2024 MSDTC - ok
14:45:00.0731 2024 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:45:00.0762 2024 Msfs - ok
14:45:00.0778 2024 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:45:00.0809 2024 mshidkmdf - ok
14:45:00.0825 2024 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:45:00.0840 2024 msisadrv - ok
14:45:00.0872 2024 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:45:00.0950 2024 MSiSCSI - ok
14:45:00.0965 2024 msiserver - ok
14:45:00.0997 2024 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:45:01.0059 2024 MSKSSRV - ok
14:45:01.0075 2024 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:45:01.0106 2024 MSPCLOCK - ok
14:45:01.0122 2024 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:45:01.0153 2024 MSPQM - ok
14:45:01.0184 2024 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:45:01.0200 2024 MsRPC - ok
14:45:01.0215 2024 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:45:01.0231 2024 mssmbios - ok
14:45:01.0247 2024 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:45:01.0262 2024 MSTEE - ok
14:45:01.0278 2024 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:45:01.0293 2024 MTConfig - ok
14:45:01.0309 2024 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:45:01.0309 2024 Mup - ok
14:45:01.0356 2024 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:45:01.0387 2024 napagent - ok
14:45:01.0418 2024 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:45:01.0450 2024 NativeWifiP - ok
14:45:01.0497 2024 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:45:01.0543 2024 NDIS - ok
14:45:01.0559 2024 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:45:01.0590 2024 NdisCap - ok
14:45:01.0637 2024 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:45:01.0700 2024 NdisTapi - ok
14:45:01.0731 2024 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:45:01.0762 2024 Ndisuio - ok
14:45:01.0778 2024 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:45:01.0825 2024 NdisWan - ok
14:45:01.0840 2024 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:45:01.0872 2024 NDProxy - ok
14:45:01.0887 2024 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:45:01.0934 2024 NetBIOS - ok
14:45:01.0950 2024 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:45:01.0981 2024 NetBT - ok
14:45:02.0012 2024 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:45:02.0012 2024 Netlogon - ok
14:45:02.0059 2024 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:45:02.0122 2024 Netman - ok
14:45:02.0153 2024 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:45:02.0200 2024 netprofm - ok
14:45:02.0215 2024 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:45:02.0231 2024 NetTcpPortSharing - ok
14:45:02.0247 2024 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:45:02.0247 2024 nfrd960 - ok
14:45:02.0278 2024 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:45:02.0325 2024 NlaSvc - ok
14:45:02.0325 2024 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:45:02.0356 2024 Npfs - ok
14:45:02.0356 2024 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:45:02.0387 2024 nsi - ok
14:45:02.0387 2024 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:45:02.0434 2024 nsiproxy - ok
14:45:02.0512 2024 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:45:02.0559 2024 Ntfs - ok
14:45:02.0575 2024 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:45:02.0606 2024 Null - ok
14:45:02.0653 2024 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
14:45:02.0684 2024 NVHDA - ok
14:45:02.0997 2024 [ BF7A24A71E1932200D864BC1CE15E596 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:45:03.0372 2024 nvlddmkm - ok
14:45:03.0403 2024 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:45:03.0418 2024 nvraid - ok
14:45:03.0434 2024 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:45:03.0434 2024 nvstor - ok
14:45:03.0481 2024 [ 43F91595049DE14C4B61D1E76436164F ] nvsvc C:\Windows\system32\nvvsvc.exe
14:45:03.0543 2024 nvsvc - ok
14:45:03.0606 2024 [ 322B69422836F97B76F4AA59B47507BA ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:45:03.0653 2024 nvUpdatusService - ok
14:45:03.0700 2024 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:45:03.0731 2024 nv_agp - ok
14:45:03.0747 2024 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:45:03.0762 2024 ohci1394 - ok
14:45:03.0793 2024 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:45:03.0856 2024 p2pimsvc - ok
14:45:03.0872 2024 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:45:03.0903 2024 p2psvc - ok
14:45:03.0903 2024 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:45:03.0918 2024 Parport - ok
14:45:03.0934 2024 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:45:03.0950 2024 partmgr - ok
14:45:03.0981 2024 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:45:04.0028 2024 PcaSvc - ok
14:45:04.0043 2024 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:45:04.0059 2024 pci - ok
14:45:04.0075 2024 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:45:04.0090 2024 pciide - ok
14:45:04.0122 2024 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:45:04.0137 2024 pcmcia - ok
14:45:04.0153 2024 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:45:04.0153 2024 pcw - ok
14:45:04.0168 2024 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:45:04.0215 2024 PEAUTH - ok
14:45:04.0278 2024 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:45:04.0340 2024 PeerDistSvc - ok
14:45:04.0434 2024 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:45:04.0528 2024 PerfHost - ok
14:45:04.0668 2024 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:45:04.0809 2024 pla - ok
14:45:04.0856 2024 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:45:04.0950 2024 PlugPlay - ok
14:45:04.0981 2024 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:45:04.0997 2024 PNRPAutoReg - ok
14:45:05.0028 2024 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:45:05.0043 2024 PNRPsvc - ok
14:45:05.0075 2024 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:45:05.0137 2024 PolicyAgent - ok
14:45:05.0168 2024 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:45:05.0215 2024 Power - ok
14:45:05.0247 2024 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:45:05.0278 2024 PptpMiniport - ok
14:45:05.0293 2024 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:45:05.0340 2024 Processor - ok
14:45:05.0372 2024 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:45:05.0434 2024 ProfSvc - ok
14:45:05.0450 2024 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:45:05.0481 2024 ProtectedStorage - ok
14:45:05.0528 2024 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:45:05.0590 2024 Psched - ok
14:45:05.0637 2024 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:45:05.0684 2024 ql2300 - ok
14:45:05.0715 2024 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:45:05.0731 2024 ql40xx - ok
14:45:05.0762 2024 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:45:05.0793 2024 QWAVE - ok
14:45:05.0809 2024 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:45:05.0840 2024 QWAVEdrv - ok
14:45:05.0856 2024 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:45:05.0903 2024 RasAcd - ok
14:45:05.0950 2024 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:45:05.0997 2024 RasAgileVpn - ok
14:45:06.0012 2024 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:45:06.0043 2024 RasAuto - ok
14:45:06.0075 2024 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:45:06.0153 2024 Rasl2tp - ok
14:45:06.0184 2024 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:45:06.0215 2024 RasMan - ok
14:45:06.0231 2024 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:45:06.0278 2024 RasPppoe - ok
14:45:06.0278 2024 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:45:06.0325 2024 RasSstp - ok
14:45:06.0340 2024 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:45:06.0387 2024 rdbss - ok
14:45:06.0403 2024 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:45:06.0418 2024 rdpbus - ok
14:45:06.0434 2024 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:45:06.0465 2024 RDPCDD - ok
14:45:06.0481 2024 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:45:06.0512 2024 RDPDR - ok
14:45:06.0543 2024 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:45:06.0575 2024 RDPENCDD - ok
14:45:06.0590 2024 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:45:06.0606 2024 RDPREFMP - ok
14:45:06.0637 2024 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:45:06.0668 2024 RDPWD - ok
14:45:06.0715 2024 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:45:06.0731 2024 rdyboost - ok
14:45:06.0747 2024 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:45:06.0840 2024 RemoteAccess - ok
14:45:06.0872 2024 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:45:06.0934 2024 RemoteRegistry - ok
14:45:06.0950 2024 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:45:07.0028 2024 RpcEptMapper - ok
14:45:07.0043 2024 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:45:07.0075 2024 RpcLocator - ok
14:45:07.0090 2024 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:45:07.0137 2024 RpcSs - ok
14:45:07.0153 2024 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:45:07.0184 2024 rspndr - ok
14:45:07.0247 2024 [ F65F171165FBB613F7AA3CC78E8CAB42 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:45:07.0309 2024 RTL8167 - ok
14:45:07.0340 2024 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:45:07.0387 2024 s3cap - ok
14:45:07.0418 2024 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:45:07.0450 2024 SamSs - ok
14:45:07.0465 2024 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:45:07.0497 2024 sbp2port - ok
14:45:07.0512 2024 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:45:07.0575 2024 SCardSvr - ok
14:45:07.0590 2024 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:45:07.0637 2024 scfilter - ok
14:45:07.0684 2024 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:45:07.0747 2024 Schedule - ok
14:45:07.0778 2024 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:45:07.0809 2024 SCPolicySvc - ok
14:45:07.0840 2024 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:45:07.0887 2024 SDRSVC - ok
14:45:07.0934 2024 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:45:07.0981 2024 secdrv - ok
14:45:07.0997 2024 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:45:08.0075 2024 seclogon - ok
14:45:08.0075 2024 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:45:08.0122 2024 SENS - ok
14:45:08.0137 2024 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:45:08.0153 2024 SensrSvc - ok
14:45:08.0184 2024 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:45:08.0231 2024 Serenum - ok
14:45:08.0247 2024 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:45:08.0293 2024 Serial - ok
14:45:08.0309 2024 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:45:08.0340 2024 sermouse - ok
14:45:08.0387 2024 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:45:08.0450 2024 SessionEnv - ok
14:45:08.0465 2024 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:45:08.0528 2024 sffdisk - ok
14:45:08.0543 2024 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:45:08.0575 2024 sffp_mmc - ok
14:45:08.0575 2024 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:45:08.0606 2024 sffp_sd - ok
14:45:08.0622 2024 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:45:08.0653 2024 sfloppy - ok
14:45:08.0668 2024 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:45:08.0731 2024 SharedAccess - ok
14:45:08.0762 2024 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:45:08.0793 2024 ShellHWDetection - ok
14:45:08.0809 2024 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:45:08.0825 2024 SiSRaid2 - ok
14:45:08.0825 2024 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:45:08.0825 2024 SiSRaid4 - ok
14:45:08.0856 2024 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:45:08.0903 2024 Smb - ok
14:45:08.0934 2024 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:45:08.0934 2024 SNMPTRAP - ok
14:45:08.0950 2024 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:45:08.0965 2024 spldr - ok
14:45:08.0997 2024 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:45:09.0090 2024 Spooler - ok
14:45:09.0215 2024 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:45:09.0309 2024 sppsvc - ok
14:45:09.0325 2024 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:45:09.0356 2024 sppuinotify - ok
14:45:09.0387 2024 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:45:09.0465 2024 srv - ok
14:45:09.0497 2024 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:45:09.0543 2024 srv2 - ok
14:45:09.0559 2024 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:45:09.0575 2024 srvnet - ok
14:45:09.0606 2024 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:45:09.0684 2024 SSDPSRV - ok
14:45:09.0700 2024 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:45:09.0731 2024 SstpSvc - ok
14:45:09.0809 2024 Steam Client Service - ok
14:45:09.0872 2024 [ A766CCAD980235FF34E7F8089D3175A3 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:45:09.0903 2024 Stereo Service - ok
14:45:09.0934 2024 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:45:09.0950 2024 stexstor - ok
14:45:09.0997 2024 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:45:10.0059 2024 stisvc - ok
14:45:10.0075 2024 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:45:10.0090 2024 storflt - ok
14:45:10.0122 2024 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
14:45:10.0200 2024 StorSvc - ok
14:45:10.0231 2024 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:45:10.0231 2024 storvsc - ok
14:45:10.0247 2024 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
14:45:10.0262 2024 swenum - ok
14:45:10.0293 2024 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:45:10.0356 2024 swprv - ok
14:45:10.0418 2024 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:45:10.0465 2024 SysMain - ok
14:45:10.0497 2024 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:45:10.0512 2024 TabletInputService - ok
14:45:10.0543 2024 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:45:10.0590 2024 TapiSrv - ok
14:45:10.0606 2024 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:45:10.0653 2024 TBS - ok
14:45:10.0715 2024 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:45:10.0793 2024 Tcpip - ok
14:45:10.0825 2024 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:45:10.0856 2024 TCPIP6 - ok
14:45:10.0872 2024 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:45:10.0918 2024 tcpipreg - ok
14:45:10.0934 2024 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:45:10.0997 2024 TDPIPE - ok
14:45:11.0012 2024 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:45:11.0059 2024 TDTCP - ok
14:45:11.0090 2024 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:45:11.0137 2024 tdx - ok
14:45:11.0168 2024 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
14:45:11.0168 2024 TermDD - ok
14:45:11.0215 2024 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:45:11.0247 2024 TermService - ok
14:45:11.0278 2024 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:45:11.0325 2024 Themes - ok
14:45:11.0325 2024 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:45:11.0356 2024 THREADORDER - ok
14:45:11.0372 2024 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:45:11.0418 2024 TrkWks - ok
14:45:11.0465 2024 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:45:11.0543 2024 TrustedInstaller - ok
14:45:11.0575 2024 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:45:11.0606 2024 tssecsrv - ok
14:45:11.0637 2024 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:45:11.0700 2024 TsUsbFlt - ok
14:45:11.0747 2024 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:45:11.0825 2024 tunnel - ok
14:45:11.0856 2024 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:45:11.0856 2024 uagp35 - ok
14:45:11.0872 2024 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:45:11.0918 2024 udfs - ok
14:45:11.0934 2024 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:45:11.0934 2024 UI0Detect - ok
14:45:11.0965 2024 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:45:11.0997 2024 uliagpkx - ok
14:45:12.0028 2024 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:45:12.0059 2024 umbus - ok
14:45:12.0075 2024 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:45:12.0090 2024 UmPass - ok
14:45:12.0122 2024 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
14:45:12.0153 2024 UmRdpService - ok
14:45:12.0168 2024 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:45:12.0215 2024 upnphost - ok
14:45:12.0231 2024 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:45:12.0293 2024 usbccgp - ok
14:45:12.0325 2024 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:45:12.0372 2024 usbcir - ok
14:45:12.0372 2024 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:45:12.0387 2024 usbehci - ok
14:45:12.0418 2024 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:45:12.0434 2024 usbhub - ok
14:45:12.0434 2024 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:45:12.0481 2024 usbohci - ok
14:45:12.0497 2024 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:45:12.0543 2024 usbprint - ok
14:45:12.0575 2024 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:45:12.0637 2024 USBSTOR - ok
14:45:12.0653 2024 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:45:12.0668 2024 usbuhci - ok
14:45:12.0700 2024 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:45:12.0731 2024 UxSms - ok
14:45:12.0747 2024 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:45:12.0762 2024 VaultSvc - ok
14:45:12.0778 2024 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:45:12.0793 2024 vdrvroot - ok
14:45:12.0825 2024 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:45:12.0856 2024 vds - ok
14:45:12.0872 2024 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:45:12.0887 2024 vga - ok
14:45:12.0903 2024 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:45:12.0950 2024 VgaSave - ok
14:45:12.0981 2024 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:45:12.0997 2024 vhdmp - ok
14:45:13.0090 2024 [ 906A7C6B6659A650648CF21998270945 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
14:45:13.0153 2024 VIAHdAudAddService - ok
14:45:13.0168 2024 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:45:13.0184 2024 viaide - ok
14:45:13.0200 2024 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:45:13.0215 2024 vmbus - ok
14:45:13.0231 2024 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:45:13.0262 2024 VMBusHID - ok
14:45:13.0278 2024 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:45:13.0278 2024 volmgr - ok
14:45:13.0325 2024 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:45:13.0356 2024 volmgrx - ok
14:45:13.0387 2024 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:45:13.0403 2024 volsnap - ok
14:45:13.0434 2024 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:45:13.0434 2024 vsmraid - ok
14:45:13.0512 2024 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:45:13.0606 2024 VSS - ok
14:45:13.0622 2024 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:45:13.0637 2024 vwifibus - ok
14:45:13.0684 2024 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:45:13.0715 2024 W32Time - ok
14:45:13.0731 2024 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:45:13.0747 2024 WacomPen - ok
14:45:13.0793 2024 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:45:13.0856 2024 WANARP - ok
14:45:13.0856 2024 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:45:13.0887 2024 Wanarpv6 - ok
14:45:13.0965 2024 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:45:14.0028 2024 wbengine - ok
14:45:14.0043 2024 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:45:14.0059 2024 WbioSrvc - ok
14:45:14.0090 2024 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:45:14.0106 2024 wcncsvc - ok
14:45:14.0122 2024 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:45:14.0137 2024 WcsPlugInService - ok
14:45:14.0153 2024 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:45:14.0168 2024 Wd - ok
14:45:14.0184 2024 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:45:14.0215 2024 Wdf01000 - ok
14:45:14.0231 2024 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:45:14.0340 2024 WdiServiceHost - ok
14:45:14.0340 2024 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:45:14.0372 2024 WdiSystemHost - ok
14:45:14.0403 2024 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:45:14.0434 2024 WebClient - ok
14:45:14.0450 2024 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:45:14.0497 2024 Wecsvc - ok
14:45:14.0497 2024 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:45:14.0528 2024 wercplsupport - ok
14:45:14.0543 2024 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:45:14.0575 2024 WerSvc - ok
14:45:14.0590 2024 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:45:14.0606 2024 WfpLwf - ok
14:45:14.0622 2024 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:45:14.0637 2024 WIMMount - ok
14:45:14.0653 2024 WinDefend - ok
14:45:14.0653 2024 WinHttpAutoProxySvc - ok
14:45:14.0700 2024 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:45:14.0762 2024 Winmgmt - ok
14:45:14.0856 2024 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:45:14.0950 2024 WinRM - ok
14:45:14.0981 2024 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:45:15.0012 2024 Wlansvc - ok
14:45:15.0043 2024 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:45:15.0059 2024 WmiAcpi - ok
14:45:15.0075 2024 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:45:15.0122 2024 wmiApSrv - ok
14:45:15.0153 2024 WMPNetworkSvc - ok
14:45:15.0168 2024 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:45:15.0184 2024 WPCSvc - ok
14:45:15.0215 2024 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:45:15.0278 2024 WPDBusEnum - ok
14:45:15.0293 2024 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:45:15.0356 2024 ws2ifsl - ok
14:45:15.0387 2024 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
14:45:15.0434 2024 wscsvc - ok
14:45:15.0434 2024 WSearch - ok
14:45:15.0543 2024 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:45:15.0606 2024 wuauserv - ok
14:45:15.0622 2024 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:45:15.0668 2024 WudfPf - ok
14:45:15.0700 2024 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:45:15.0778 2024 WUDFRd - ok
14:45:15.0809 2024 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:45:15.0825 2024 wudfsvc - ok
14:45:15.0856 2024 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:45:15.0887 2024 WwanSvc - ok
14:45:15.0903 2024 ================ Scan global ===============================
14:45:15.0918 2024 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:45:15.0950 2024 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:45:15.0965 2024 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:45:15.0997 2024 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:45:16.0043 2024 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:45:16.0043 2024 [Global] - ok
14:45:16.0043 2024 ================ Scan MBR ==================================
14:45:16.0075 2024 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:45:16.0559 2024 \Device\Harddisk0\DR0 - ok
14:45:16.0559 2024 ================ Scan VBR ==================================
14:45:16.0590 2024 [ 153E09F76DF35C06814F19E718993F09 ] \Device\Harddisk0\DR0\Partition1
14:45:16.0590 2024 \Device\Harddisk0\DR0\Partition1 - ok
14:45:16.0606 2024 [ 3D613215400C7853505B66D796227414 ] \Device\Harddisk0\DR0\Partition2
14:45:16.0606 2024 \Device\Harddisk0\DR0\Partition2 - ok
14:45:16.0622 2024 [ 2AEAC858D73D67C4262B6E81F64C64AC ] \Device\Harddisk0\DR0\Partition3
14:45:16.0622 2024 \Device\Harddisk0\DR0\Partition3 - ok
14:45:16.0622 2024 ============================================================
14:45:16.0622 2024 Scan finished
14:45:16.0622 2024 ============================================================
14:45:16.0653 1224 Detected object count: 0
14:45:16.0653 1224 Actual detected object count: 0
|
|
28.10.2012, 15:20
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Blabbers / searchplusnetwork.com Ok, keine Rootkits zu sehen adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren Downloade Dir bitte AdwCleaner auf deinen Desktop. Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
__________________ --> PUP.Blabbers / searchplusnetwork.com |
|
28.10.2012, 17:29
| #7 |
| | PUP.Blabbers / searchplusnetwork.com Und hier das Adw-Log: Code:
ATTFilter # AdwCleaner v2.005 - Datei am 28/10/2012 um 17:28:07 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : scary - ***
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\scary\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gefunden : C:\Users\scary\AppData\Roaming\Mozilla\Firefox\Profiles\68o0lesx.default\searchplugins\Plusnetwork.xml
Ordner Gefunden : C:\Users\scary\AppData\LocalLow\bbrs_002.tb
Ordner Gefunden : C:\Users\scary\AppData\Roaming\Mozilla\Firefox\Profiles\68o0lesx.default\extensions\bbrs_002@blabbers.com
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\Software\BrowserCompanion
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKU\S-1-5-21-3569910090-1362072758-1005780473-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16421
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchplusnetwork.com/?sp=st3
-\\ Mozilla Firefox v16.0.2 (de)
Profilname : default
Datei : C:\Users\scary\AppData\Roaming\Mozilla\Firefox\Profiles\68o0lesx.default\prefs.js
Gefunden : user_pref("browser.search.selectedEngine", "Plus! Network");
Gefunden : user_pref("browser.startup.homepage", "hxxp://www.searchplusnetwork.com/?sp=st3");
*************************
AdwCleaner[R1].txt - [2527 octets] - [28/10/2012 17:28:07]
########## EOF - C:\AdwCleaner[R1].txt - [2587 octets] ##########
|
|
28.10.2012, 17:45
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Blabbers / searchplusnetwork.com Einige Toolbars und Schrott von Softonic etc. - Bitte alles über die Systemsteuerung deinstallieren., danach ein neues Suchlog mit dem adwCleaner machen. Reste und was sich sich nicht deinstallieren lassen will machen wir mit dem adwCleaner weg.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
28.10.2012, 18:48
| #9 |
| | PUP.Blabbers / searchplusnetwork.com Über Systemsteuerung > Programme deinstallieren finde ich leider keine auffälligen Programme. Alle Programme, die ich dort sehe sind mir bekannt. Ich bin die Liste auch mehrmals sorgfältig durchgegangen. Hier trotzdem nochmal ein aktuelles Log: Code:
ATTFilter # AdwCleaner v2.005 - Datei am 28/10/2012 um 18:47:22 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : scary - ***
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\scary\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gefunden : C:\Users\scary\AppData\Roaming\Mozilla\Firefox\Profiles\68o0lesx.default\searchplugins\Plusnetwork.xml
Ordner Gefunden : C:\Users\scary\AppData\LocalLow\bbrs_002.tb
Ordner Gefunden : C:\Users\scary\AppData\Roaming\Mozilla\Firefox\Profiles\68o0lesx.default\extensions\bbrs_002@blabbers.com
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\Software\BrowserCompanion
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKU\S-1-5-21-3569910090-1362072758-1005780473-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16421
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchplusnetwork.com/?sp=st3
-\\ Mozilla Firefox v16.0.2 (de)
Profilname : default
Datei : C:\Users\scary\AppData\Roaming\Mozilla\Firefox\Profiles\68o0lesx.default\prefs.js
Gefunden : user_pref("browser.search.selectedEngine", "Plus! Network");
Gefunden : user_pref("browser.startup.homepage", "hxxp://www.searchplusnetwork.com/?sp=st3");
*************************
AdwCleaner[R1].txt - [2648 octets] - [28/10/2012 17:28:07]
AdwCleaner[R2].txt - [2708 octets] - [28/10/2012 18:44:41]
AdwCleaner[R3].txt - [2647 octets] - [28/10/2012 18:47:22]
########## EOF - C:\AdwCleaner[R3].txt - [2707 octets] ##########
|
|
29.10.2012, 08:56
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Blabbers / searchplusnetwork.com adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.10.2012, 11:34
| #11 |
| | PUP.Blabbers / searchplusnetwork.com Und hier das Log nach dem Löschen: Code:
ATTFilter # AdwCleaner v2.005 - Datei am 29/10/2012 um 11:29:53 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : scary - ***
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\scary\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\scary\AppData\Roaming\Mozilla\Firefox\Profiles\68o0lesx.default\searchplugins\Plusnetwork.xml
Ordner Gelöscht : C:\Users\scary\AppData\LocalLow\bbrs_002.tb
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\Software\BrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16421
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchplusnetwork.com/?sp=st3 --> hxxp://www.google.com
-\\ Mozilla Firefox v16.0.2 (de)
Profilname : default
Datei : C:\Users\scary\AppData\Roaming\Mozilla\Firefox\Profiles\68o0lesx.default\prefs.js
Gelöscht : user_pref("browser.search.selectedEngine", "Plus! Network");
Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.searchplusnetwork.com/?sp=st3");
*************************
AdwCleaner[R1].txt - [2648 octets] - [28/10/2012 17:28:07]
AdwCleaner[R2].txt - [2708 octets] - [28/10/2012 18:44:41]
AdwCleaner[R3].txt - [2768 octets] - [28/10/2012 18:47:22]
AdwCleaner[S2].txt - [2458 octets] - [29/10/2012 11:29:53]
########## EOF - C:\AdwCleaner[S2].txt - [2518 octets] ##########
|
|
29.10.2012, 14:02
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Blabbers / searchplusnetwork.com Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.10.2012, 16:29
| #13 |
| | PUP.Blabbers / searchplusnetwork.com Und das nächste OTL Log Teil 1/2: Code:
ATTFilter OTL logfile created on: 29.10.2012 15:58:07 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\scary\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8.00 Gb Total Physical Memory | 6.34 Gb Available Physical Memory | 79.29% Memory free 16.00 Gb Paging File | 13.78 Gb Available in Paging File | 86.17% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 97.56 Gb Total Space | 25.78 Gb Free Space | 26.43% Space Free | Partition Type: NTFS Drive D: | 274.95 Gb Total Space | 77.25 Gb Free Space | 28.10% Space Free | Partition Type: NTFS Computer Name: *** | User Name: scary | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\scary\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH) PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) PRC - C:\Users\scary\AppData\Roaming\GinyasBrowserCompanion\tbhcn.exe () PRC - D:\Games\Steam\Steam.exe (Valve Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Users\scary\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay) PRC - C:\Program Files (x86)\scary\Hama S1\S1_2k.exe () ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - D:\Games\Steam\bin\libcef.dll () MOD - D:\Games\Steam\bin\chromehtml.dll () MOD - D:\Games\Steam\bin\avutil-51.dll () MOD - D:\Games\Steam\bin\avformat-53.dll () MOD - D:\Games\Steam\bin\avcodec-53.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite4.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\QtSql4.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\plugins\appscanner_plugin.dll () MOD - C:\Users\scary\AppData\Roaming\GinyasBrowserCompanion\tbhcn.exe () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ed560b26f2f86b3f07b7f6d384f92275\System.ServiceModel.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\9e7bf69d97febe4ed1a288c787e5d9ca\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\107779ca2708d2b31b2e1560e47f6d15\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll () MOD - C:\Program Files (x86)\LOLReplay\LOLUtils.dll () MOD - C:\Program Files (x86)\LOLReplay\Compression.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\QtGui4.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\QtCore4.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\QtNetwork4.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg4.dll () MOD - C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif4.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_de_b77a5c561934e089\System.Runtime.Serialization.resources.dll () MOD - C:\Program Files (x86)\scary\Hama S1\S1_2k.exe () MOD - C:\Program Files (x86)\scary\Hama S1\hodll.dll () MOD - C:\Program Files (x86)\scary\Hama S1\MouseHook.dll () MOD - C:\Windows\SysWOW64\actskn43.ocx () ========== Services (SafeList) ========== SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3569910090-1362072758-1005780473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchplusnetwork.com/?sp=st3 IE - HKU\S-1-5-21-3569910090-1362072758-1005780473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-3569910090-1362072758-1005780473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-3569910090-1362072758-1005780473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D1 A3 25 FE 72 A6 CD 01 [binary data] IE - HKU\S-1-5-21-3569910090-1362072758-1005780473-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3569910090-1362072758-1005780473-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.searchplusnetwork.com/?sp=st3&q={searchTerms} IE - HKU\S-1-5-21-3569910090-1362072758-1005780473-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3569910090-1362072758-1005780473-1003\..\SearchScopes,DefaultScope = ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Plus! Network" FF - prefs.js..browser.startup.homepage: "hxxp://www.searchplusnetwork.com/?sp=st3" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 17:27:06 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 17:27:06 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.10.10 00:10:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\scary\AppData\Roaming\mozilla\Extensions [2012.10.28 19:24:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\scary\AppData\Roaming\mozilla\Firefox\Profiles\68o0lesx.default\extensions [2012.10.10 11:51:15 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\scary\AppData\Roaming\mozilla\firefox\profiles\68o0lesx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.10.29 15:51:32 | 000,002,790 | ---- | M] () -- C:\Users\scary\AppData\Roaming\mozilla\firefox\profiles\68o0lesx.default\searchplugins\Plusnetwork.xml [2012.10.27 17:27:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.10.27 17:27:06 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.10.14 06:49:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.14 06:49:50 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.10.14 06:49:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.10.14 06:49:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.14 06:49:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.14 06:49:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3569910090-1362072758-1005780473-1000..\Run: [La_View Mouse] C:\PROGRA~2\scary\HAMAS1~1\S1_2k.exe () O4 - HKU\S-1-5-21-3569910090-1362072758-1005780473-1000..\Run: [Steam] "D:\Steam\Steam.exe" -silent File not found O4 - HKU\S-1-5-21-3569910090-1362072758-1005780473-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-3569910090-1362072758-1005780473-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\scary\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\scary\AppData\Roaming\GinyasBrowserCompanion\tbhcn.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F1CB49F-997D-4A81-A47D-3570193B21E0}: DhcpNameServer = 192.168.2.1 192.168.2.1 O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1 [2012.10.29 15:54:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\scary\Desktop\OTL.exe [2012.10.28 14:41:58 | 002,213,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\scary\Desktop\tdsskiller.exe [2012.10.28 14:25:56 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\scary\Desktop\aswMBR.exe [2012.10.27 17:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012.10.26 21:42:41 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Malwarebytes [2012.10.26 21:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.26 21:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.26 21:42:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.10.26 21:42:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.10.25 23:26:32 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\GinyasBrowserCompanion [2012.10.25 23:26:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software [2012.10.20 14:23:37 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.10.20 14:23:37 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.10.20 14:23:37 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012.10.20 14:20:11 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2012.10.16 12:20:17 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\CrashRpt [2012.10.16 12:20:17 | 000,000,000 | ---D | C] -- C:\Users\scary\Documents\Arktos [2012.10.16 12:20:17 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\Arktos [2012.10.15 23:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The War Z [2012.10.12 16:59:48 | 000,000,000 | ---D | C] -- C:\Users\scary\Documents\ArmA 2 Other Profiles [2012.10.12 16:05:19 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\DayZCommander [2012.10.12 16:03:59 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\ArmA 2 OA [2012.10.12 16:00:56 | 000,000,000 | ---D | C] -- C:\Users\scary\Documents\ArmA 2 [2012.10.12 16:00:56 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\ArmA 2 [2012.10.12 16:00:52 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive [2012.10.12 16:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive [2012.10.12 00:35:37 | 000,000,000 | --SD | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [2012.10.12 00:35:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3 [2012.10.11 17:20:58 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Fatshark [2012.10.11 17:20:49 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll [2012.10.11 17:20:49 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll [2012.10.11 17:20:49 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll [2012.10.11 17:20:49 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2012.10.11 17:20:47 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll [2012.10.11 17:20:47 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2012.10.11 16:34:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab [2012.10.11 16:34:11 | 000,000,000 | ---D | C] -- C:\Users\scary\SystemRequirementsLab [2012.10.11 13:01:35 | 000,000,000 | ---D | C] -- C:\Users\scary\Documents\LOLReplay [2012.10.11 00:27:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LOLReplay [2012.10.10 17:21:30 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\Windows Live [2012.10.10 17:20:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2012.10.10 16:47:52 | 000,000,000 | ---D | C] -- C:\Users\scary\Documents\TechArts3D [2012.10.10 16:14:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\scary [2012.10.10 16:14:23 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HamaS1 [2012.10.10 16:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HamaS1 [2012.10.10 14:29:15 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\TS3Client [2012.10.10 08:33:05 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\SYSTEMAX Software Development [2012.10.10 08:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\SYSTEMAX Software Development [2012.10.10 06:11:52 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2012.10.10 06:11:52 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2012.10.10 06:11:49 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2012.10.10 04:40:59 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\LolClient [2012.10.10 04:39:47 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll [2012.10.10 04:39:47 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll [2012.10.10 04:39:47 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll [2012.10.10 04:39:47 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll [2012.10.10 04:39:47 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll [2012.10.10 04:39:47 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll [2012.10.10 04:39:46 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll [2012.10.10 04:39:46 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll [2012.10.10 04:39:46 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll [2012.10.10 04:39:46 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2012.10.10 04:39:46 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2012.10.10 04:39:46 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2012.10.10 04:39:46 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll [2012.10.10 04:39:46 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll [2012.10.10 04:39:45 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2012.10.10 04:39:45 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2012.10.10 04:39:45 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll [2012.10.10 04:39:45 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll [2012.10.10 04:39:45 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll [2012.10.10 04:39:45 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll [2012.10.10 04:39:44 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll [2012.10.10 04:39:44 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll [2012.10.10 04:39:44 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll [2012.10.10 04:39:44 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll [2012.10.10 04:39:43 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll [2012.10.10 04:39:43 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll [2012.10.10 04:39:41 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll [2012.10.10 04:39:41 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll [2012.10.10 04:39:40 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2012.10.10 04:39:40 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll [2012.10.10 04:39:38 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll [2012.10.10 04:39:38 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll [2012.10.10 04:39:38 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2012.10.10 04:39:38 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2012.10.10 04:39:37 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll [2012.10.10 04:39:37 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll [2012.10.10 04:39:36 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll [2012.10.10 04:39:36 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2012.10.10 04:39:34 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll [2012.10.10 04:39:34 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll [2012.10.10 04:39:34 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll [2012.10.10 04:39:34 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll [2012.10.10 04:39:33 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll [2012.10.10 04:39:33 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll [2012.10.10 04:39:31 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll [2012.10.10 04:39:31 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll [2012.10.10 04:39:31 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll [2012.10.10 04:39:31 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll [2012.10.10 04:39:29 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2012.10.10 04:39:29 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll [2012.10.10 04:39:29 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll [2012.10.10 04:39:29 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2012.10.10 04:39:25 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll [2012.10.10 04:39:25 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll [2012.10.10 04:39:25 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll [2012.10.10 04:39:25 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2012.10.10 04:39:23 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll [2012.10.10 04:39:23 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll [2012.10.10 04:39:23 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll [2012.10.10 04:39:23 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll [2012.10.10 04:39:20 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll [2012.10.10 04:39:20 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2012.10.10 04:39:20 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll [2012.10.10 04:39:20 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2012.10.10 04:39:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2012.10.10 04:39:17 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2012.10.10 04:39:16 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2012.10.10 04:39:16 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2012.10.10 04:39:16 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2012.10.10 04:39:13 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll [2012.10.10 04:39:13 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll [2012.10.10 04:39:13 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2012.10.10 04:39:13 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2012.10.10 04:39:11 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2012.10.10 04:39:11 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2012.10.10 04:39:10 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2012.10.10 04:39:10 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2012.10.10 04:39:07 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll [2012.10.10 04:39:07 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2012.10.10 04:39:07 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll [2012.10.10 04:39:07 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2012.10.10 04:39:04 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll [2012.10.10 04:39:04 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2012.10.10 04:39:02 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2012.10.10 04:39:02 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2012.10.10 04:38:54 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2012.10.10 04:38:54 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2012.10.10 04:38:53 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll [2012.10.10 04:38:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2012.10.10 04:38:52 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2012.10.10 04:38:52 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2012.10.10 04:38:52 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2012.10.10 04:38:52 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2012.10.10 04:38:52 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2012.10.10 04:38:52 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2012.10.10 04:38:49 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2012.10.10 04:38:49 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2012.10.10 04:38:46 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2012.10.10 04:38:46 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2012.10.10 04:38:46 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2012.10.10 04:38:46 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2012.10.10 04:38:44 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2012.10.10 04:38:44 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2012.10.10 04:38:42 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2012.10.10 04:38:42 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2012.10.10 04:38:41 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2012.10.10 04:38:41 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2012.10.10 04:38:41 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2012.10.10 04:38:41 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2012.10.10 04:38:40 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2012.10.10 04:38:40 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2012.10.10 04:38:37 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2012.10.10 04:38:37 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2012.10.10 04:38:37 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2012.10.10 04:38:37 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2012.10.10 04:38:35 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2012.10.10 04:38:35 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2012.10.10 04:38:35 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2012.10.10 04:38:35 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2012.10.10 04:38:34 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2012.10.10 04:38:34 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2012.10.10 04:38:33 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2012.10.10 04:38:33 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2012.10.10 04:38:32 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2012.10.10 04:38:32 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2012.10.10 04:38:32 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2012.10.10 04:38:32 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2012.10.10 04:38:32 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2012.10.10 04:38:32 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2012.10.10 04:38:30 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll [2012.10.10 04:38:30 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2012.10.10 04:38:28 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2012.10.10 04:38:28 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2012.10.10 04:38:25 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll [2012.10.10 04:38:25 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2012.10.10 04:38:24 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll [2012.10.10 04:38:24 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2012.10.10 04:38:24 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll [2012.10.10 04:38:24 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2012.10.10 04:38:19 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2012.10.10 04:38:19 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2012.10.10 04:38:19 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll [2012.10.10 04:38:19 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2012.10.10 04:38:18 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2012.10.10 04:38:18 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2012.10.10 04:38:16 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2012.10.10 04:38:16 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2012.10.10 04:38:16 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2012.10.10 04:38:16 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2012.10.10 04:38:13 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2012.10.10 04:38:13 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2012.10.10 04:38:11 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2012.10.10 04:38:11 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2012.10.10 04:38:07 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2012.10.10 04:38:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2012.10.10 04:38:00 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2012.10.10 04:38:00 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2012.10.10 04:37:57 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll [2012.10.10 04:37:57 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2012.10.10 04:37:57 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2012.10.10 04:37:57 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2012.10.10 04:37:56 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2012.10.10 04:37:56 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2012.10.10 04:37:56 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2012.10.10 04:37:56 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2012.10.10 04:37:55 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2012.10.10 04:37:55 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2012.10.10 04:37:54 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2012.10.10 04:37:54 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2012.10.10 04:37:53 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2012.10.10 04:37:53 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2012.10.10 04:37:52 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2012.10.10 04:37:52 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2012.10.10 04:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2012.10.10 04:25:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2012.10.10 04:05:01 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\NVIDIA [2012.10.10 03:45:09 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\PMB Files [2012.10.10 03:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2012.10.10 03:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2012.10.10 03:13:45 | 001,250,816 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys [2012.10.10 03:13:45 | 001,011,712 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIAPropPageExt.dll [2012.10.10 03:13:45 | 000,601,088 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\VMAPO64.DLL [2012.10.10 03:13:45 | 000,531,968 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIASysFx.dll [2012.10.10 03:13:45 | 000,524,288 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\VMAPO32.DLL [2012.10.10 03:13:45 | 000,242,176 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll [2012.10.10 03:13:45 | 000,193,024 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\ViaMicArrayAPO.dll [2012.10.10 03:13:45 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll [2012.10.10 03:13:45 | 000,084,992 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\Dts2PropPageExt.dll [2012.10.10 03:13:45 | 000,082,432 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll [2012.10.10 03:13:45 | 000,076,288 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaMicArrayPropPageExt.dll [2012.10.10 03:13:45 | 000,072,704 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\VMWRP64.DLL [2012.10.10 03:13:45 | 000,057,856 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\VMPPLD64.DLL [2012.10.10 03:13:45 | 000,053,760 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\VMPPCN64.DLL [2012.10.10 03:13:19 | 000,414,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll [2012.10.10 03:13:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA [2012.10.10 03:13:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012.10.10 03:08:26 | 000,236,544 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2012.10.10 03:08:26 | 000,097,792 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll [2012.10.10 03:08:26 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2012.10.10 03:08:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2012.10.10 02:37:28 | 000,016,440 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\drivers\AtiPcie.sys [2012.10.10 02:35:42 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012.10.10 02:35:02 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012.10.10 02:34:35 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2012.10.10 02:34:35 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2012.10.10 02:34:24 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe [2012.10.10 02:34:20 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2012.10.10 02:34:20 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2012.10.10 02:34:19 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2012.10.10 02:34:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys [2012.10.10 02:33:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2012.10.10 02:33:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client [2012.10.10 02:32:17 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll [2012.10.10 02:32:17 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll [2012.10.10 02:32:17 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll [2012.10.10 02:32:17 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll [2012.10.10 02:32:17 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll [2012.10.10 02:32:17 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll [2012.10.10 02:32:17 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe [2012.10.10 02:32:17 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe [2012.10.10 02:32:17 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll [2012.10.10 02:32:16 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll [2012.10.10 02:32:16 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll [2012.10.10 02:32:16 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll [2012.10.10 02:32:16 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll [2012.10.10 01:52:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2012.10.10 01:52:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2012.10.10 01:49:59 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll [2012.10.10 01:49:59 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll [2012.10.10 01:49:54 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2012.10.10 01:49:52 | 003,715,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2012.10.10 01:49:52 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys [2012.10.10 01:49:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2012.10.10 01:49:51 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2012.10.10 01:49:50 | 003,215,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2012.10.10 01:49:48 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll [2012.10.10 01:49:48 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll [2012.10.10 01:49:46 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pmcsnap.dll [2012.10.10 01:49:45 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll [2012.10.10 01:49:44 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2012.10.10 01:49:44 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmcndmgr.dll [2012.10.10 01:49:44 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll [2012.10.10 01:49:44 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe [2012.10.10 01:49:43 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xpsservices.dll [2012.10.10 01:49:43 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll [2012.10.10 01:49:43 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll [2012.10.10 01:49:43 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe [2012.10.10 01:49:42 | 001,219,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll [2012.10.10 01:49:42 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll [2012.10.10 01:49:42 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe [2012.10.10 01:49:42 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe [2012.10.10 01:49:42 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ppcsnap.dll [2012.10.10 01:49:42 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PushPrinterConnections.exe [2012.10.10 01:49:41 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll [2012.10.10 01:49:41 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizui.dll [2012.10.10 01:49:40 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2012.10.10 01:49:40 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2012.10.10 01:49:40 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RacEngn.dll [2012.10.10 01:49:40 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diagperf.dll [2012.10.10 01:49:40 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll [2012.10.10 01:49:39 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vssapi.dll [2012.10.10 01:49:39 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll [2012.10.10 01:49:39 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NaturalLanguage6.dll [2012.10.10 01:49:38 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll [2012.10.10 01:49:38 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll [2012.10.10 01:49:38 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcupdate_GenuineIntel.dll [2012.10.10 01:49:37 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVCORE.DLL [2012.10.10 01:49:37 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe [2012.10.10 01:49:37 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll [2012.10.10 01:49:37 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll [2012.10.10 01:49:36 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSAT.exe [2012.10.10 01:49:36 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll [2012.10.10 01:49:36 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2012.10.10 01:49:36 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spinstall.exe [2012.10.10 01:49:36 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe [2012.10.10 01:49:36 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spreview.exe [2012.10.10 01:49:36 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpdd.dll [2012.10.10 01:49:35 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d9.dll [2012.10.10 01:49:35 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RacEngn.dll [2012.10.10 01:49:35 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll [2012.10.10 01:49:34 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuthFWSnapin.dll [2012.10.10 01:49:34 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuthFWSnapin.dll [2012.10.10 01:49:34 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbgeng.dll [2012.10.10 01:49:34 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll [2012.10.10 01:49:32 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2012.10.10 01:49:32 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll [2012.10.10 01:49:32 | 000,784,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gpprefcl.dll [2012.10.10 01:49:32 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll [2012.10.10 01:49:31 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2fs.dll [2012.10.10 01:49:31 | 001,116,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2012.10.10 01:49:31 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2012.10.10 01:49:31 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netlogon.dll [2012.10.10 01:49:30 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2012.10.10 01:49:30 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupapi.dll [2012.10.10 01:49:30 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll [2012.10.10 01:49:30 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll [2012.10.10 01:49:30 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PushPrinterConnections.exe [2012.10.10 01:49:29 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\werconcpl.dll [2012.10.10 01:49:29 | 001,049,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2012.10.10 01:49:29 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll [2012.10.10 01:49:29 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2012.10.10 01:49:29 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2012.10.10 01:49:28 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certmgr.dll [2012.10.10 01:49:28 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll [2012.10.10 01:49:28 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceApi.dll [2012.10.10 01:49:28 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll [2012.10.10 01:49:28 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll [2012.10.10 01:49:28 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll [2012.10.10 01:49:28 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsmf.dll [2012.10.10 01:49:28 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll [2012.10.10 01:49:28 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll [2012.10.10 01:49:27 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netshell.dll [2012.10.10 01:49:27 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdtctm.dll [2012.10.10 01:49:27 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2012.10.10 01:49:27 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2012.10.10 01:49:27 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll [2012.10.10 01:49:27 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcfgx.dll [2012.10.10 01:49:27 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appmgr.dll [2012.10.10 01:49:27 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shlwapi.dll [2012.10.10 01:49:27 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe [2012.10.10 01:49:27 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ws2_32.dll [2012.10.10 01:49:27 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedynos.dll [2012.10.10 01:49:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpmonui.dll [2012.10.10 01:49:26 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdshext.dll [2012.10.10 01:49:26 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Query.dll [2012.10.10 01:49:26 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroles.dll [2012.10.10 01:49:26 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2012.10.10 01:49:26 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll [2012.10.10 01:49:26 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comdlg32.dll [2012.10.10 01:49:26 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpps.dll [2012.10.10 01:49:26 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drvstore.dll [2012.10.10 01:49:26 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsm.exe [2012.10.10 01:49:26 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apphelp.dll [2012.10.10 01:49:26 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2012.10.10 01:49:26 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsmf.dll [2012.10.10 01:49:26 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3api.dll [2012.10.10 01:49:25 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbgeng.dll [2012.10.10 01:49:25 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Vault.dll [2012.10.10 01:49:25 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll [2012.10.10 01:49:25 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpksetup.exe [2012.10.10 01:49:25 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmd.exe [2012.10.10 01:49:25 | 000,281,600 | ---- | C] (Microsoft) -- C:\Windows\SysNative\DShowRdpFilter.dll [2012.10.10 01:49:25 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QAGENT.DLL [2012.10.10 01:49:24 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2012.10.10 01:49:24 | 001,190,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2012.10.10 01:49:24 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gpprefcl.dll [2012.10.10 01:49:24 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sxs.dll [2012.10.10 01:49:24 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2012.10.10 01:49:24 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcfgx.dll [2012.10.10 01:49:24 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscobj.dll [2012.10.10 01:49:24 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpclip.exe [2012.10.10 01:49:23 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmcndmgr.dll [2012.10.10 01:49:23 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pnidui.dll [2012.10.10 01:49:23 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ipsmsnap.dll [2012.10.10 01:49:23 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll [2012.10.10 01:49:23 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfds.dll [2012.10.10 01:49:23 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll [2012.10.10 01:49:23 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcbuilder.exe [2012.10.10 01:49:23 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\DShowRdpFilter.dll [2012.10.10 01:49:23 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgprint.dll [2012.10.10 01:49:23 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll [2012.10.10 01:49:22 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2012.10.10 01:49:22 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webservices.dll [2012.10.10 01:49:22 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlsrv32.dll [2012.10.10 01:49:22 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2fs.dll [2012.10.10 01:49:22 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll [2012.10.10 01:49:22 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll [2012.10.10 01:49:22 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll [2012.10.10 01:49:22 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mcbuilder.exe [2012.10.10 01:49:22 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prncache.dll [2012.10.10 01:49:22 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp.dll [2012.10.10 01:49:22 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3api.dll [2012.10.10 01:49:22 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll [2012.10.10 01:49:21 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xpsservices.dll [2012.10.10 01:49:21 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certmgr.dll [2012.10.10 01:49:21 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanpref.dll [2012.10.10 01:49:21 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMNetMgr.dll [2012.10.10 01:49:21 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcmde.dll [2012.10.10 01:49:21 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll [2012.10.10 01:49:21 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\photowiz.dll [2012.10.10 01:49:21 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvstore.dll [2012.10.10 01:49:21 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe [2012.10.10 01:49:21 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\framedyn.dll [2012.10.10 01:49:21 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnike.dll [2012.10.10 01:49:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userenv.dll [2012.10.10 01:49:20 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncCenter.dll [2012.10.10 01:49:20 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPEncEn.dll [2012.10.10 01:49:20 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppobjs.dll [2012.10.10 01:49:20 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll [2012.10.10 01:49:20 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpeffects.dll [2012.10.10 01:49:20 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSATAPI.dll [2012.10.10 01:49:20 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll [2012.10.10 01:49:20 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll [2012.10.10 01:49:20 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.exe [2012.10.10 01:49:20 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll [2012.10.10 01:49:20 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2012.10.10 01:49:20 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmicsvc.exe [2012.10.10 01:49:20 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedynos.dll [2012.10.10 01:49:20 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscfgwmi.dll [2012.10.10 01:49:20 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fde.dll [2012.10.10 01:49:19 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroles.dll [2012.10.10 01:49:19 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localsec.dll [2012.10.10 01:49:19 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\biocpl.dll [2012.10.10 01:49:19 | 000,503,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imapi2.dll [2012.10.10 01:49:19 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscui.dll [2012.10.10 01:49:19 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appmgr.dll [2012.10.10 01:49:19 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netdiagfx.dll [2012.10.10 01:49:19 | 000,298,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcryptprimitives.dll [2012.10.10 01:49:19 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfds.dll [2012.10.10 01:49:19 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\stobject.dll [2012.10.10 01:49:19 | 000,253,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tcpipcfg.dll [2012.10.10 01:49:19 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spp.dll [2012.10.10 01:49:19 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSHVHOST.DLL [2012.10.10 01:49:19 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll [2012.10.10 01:49:19 | 000,166,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetpp.dll [2012.10.10 01:49:19 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netid.dll [2012.10.10 01:49:19 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll [2012.10.10 01:49:19 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2012.10.10 01:49:19 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp.dll [2012.10.10 01:49:19 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll [2012.10.10 01:49:18 | 002,755,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themeui.dll [2012.10.10 01:49:18 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2012.10.10 01:49:18 | 001,050,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\printui.dll [2012.10.10 01:49:18 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mspbda.dll [2012.10.10 01:49:18 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PhotoScreensaver.scr [2012.10.10 01:49:18 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msinfo32.exe [2012.10.10 01:49:18 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scansetting.dll [2012.10.10 01:49:17 | 000,934,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FirewallControlPanel.dll [2012.10.10 01:49:17 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dbghelp.dll [2012.10.10 01:49:17 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll [2012.10.10 01:49:17 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AdmTmpl.dll [2012.10.10 01:49:17 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll [2012.10.10 01:49:17 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winspool.drv [2012.10.10 01:49:17 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wisptis.exe [2012.10.10 01:49:17 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wusa.exe [2012.10.10 01:49:17 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2012.10.10 01:49:17 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PkgMgr.exe [2012.10.10 01:49:17 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2012.10.10 01:49:17 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll [2012.10.10 01:49:17 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IPHLPAPI.DLL [2012.10.10 01:49:17 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\basecsp.dll [2012.10.10 01:49:17 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitagent.exe [2012.10.10 01:49:16 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll [2012.10.10 01:49:16 | 000,418,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppwinob.dll [2012.10.10 01:49:16 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WinSATAPI.dll [2012.10.10 01:49:16 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll [2012.10.10 01:49:16 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetup.exe [2012.10.10 01:49:15 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll [2012.10.10 01:49:15 | 002,494,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netshell.dll [2012.10.10 01:49:15 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mmsys.cpl [2012.10.10 01:49:15 | 000,780,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll [2012.10.10 01:49:15 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlsrv32.dll [2012.10.10 01:49:15 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\calc.exe [2012.10.10 01:49:15 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXP.dll [2012.10.10 01:49:15 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapp3hst.dll [2012.10.10 01:49:15 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eapphost.dll [2012.10.10 01:49:15 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll [2012.10.10 01:49:15 | 000,263,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hal.dll [2012.10.10 01:49:15 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprapi.dll [2012.10.10 01:49:15 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ocsetapi.dll [2012.10.10 01:49:15 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll [2012.10.10 01:49:15 | 000,128,000 | ---- | C] (Microsoft) -- C:\Windows\SysNative\Robocopy.exe [2012.10.10 01:49:15 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\thumbcache.dll [2012.10.10 01:49:15 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys [2012.10.10 01:49:14 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll [2012.10.10 01:49:14 | 001,457,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DxpTaskSync.dll [2012.10.10 01:49:14 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSMPEG2ENC.DLL [2012.10.10 01:49:14 | 000,932,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\printui.dll [2012.10.10 01:49:14 | 000,675,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DXPTaskRingtone.dll [2012.10.10 01:49:14 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PerfCenterCPL.dll [2012.10.10 01:49:14 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrptadm.dll [2012.10.10 01:49:14 | 000,429,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\puiobj.dll [2012.10.10 01:49:14 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll [2012.10.10 01:49:14 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onex.dll [2012.10.10 01:49:14 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scecli.dll [2012.10.10 01:49:14 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys [2012.10.10 01:49:14 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2012.10.10 01:49:14 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmredir.dll [2012.10.10 01:49:14 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prncache.dll [2012.10.10 01:49:14 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll [2012.10.10 01:49:13 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcenter.dll [2012.10.10 01:49:13 | 001,363,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdc.dll [2012.10.10 01:49:13 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdengin2.dll [2012.10.10 01:49:13 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll [2012.10.10 01:49:13 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VAN.dll [2012.10.10 01:49:13 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll [2012.10.10 01:49:13 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlangpui.dll [2012.10.10 01:49:13 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiadefui.dll [2012.10.10 01:49:13 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll [2012.10.10 01:49:13 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVol.exe [2012.10.10 01:49:13 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scansetting.dll [2012.10.10 01:49:13 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dskquoui.dll [2012.10.10 01:49:13 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\net1.exe [2012.10.10 01:49:13 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll [2012.10.10 01:49:13 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samcli.dll [2012.10.10 01:49:13 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll [2012.10.10 01:49:12 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SyncCenter.dll [2012.10.10 01:49:12 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pnidui.dll [2012.10.10 01:49:12 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webservices.dll [2012.10.10 01:49:12 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appwiz.cpl [2012.10.10 01:49:12 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TabletPC.cpl [2012.10.10 01:49:12 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll [2012.10.10 01:49:12 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrptadm.dll [2012.10.10 01:49:12 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll [2012.10.10 01:49:12 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlangpui.dll [2012.10.10 01:49:12 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srchadmin.dll [2012.10.10 01:49:12 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hgcpl.dll [2012.10.10 01:49:12 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msconfig.exe [2012.10.10 01:49:12 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe [2012.10.10 01:49:12 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netdiagfx.dll [2012.10.10 01:49:12 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netiohlp.dll [2012.10.10 01:49:12 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSHVHOST.DLL [2012.10.10 01:49:12 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscobj.dll [2012.10.10 01:49:12 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2012.10.10 01:49:12 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fde.dll [2012.10.10 01:49:12 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2012.10.10 01:49:12 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll [2012.10.10 01:49:12 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QUTIL.DLL [2012.10.10 01:49:12 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\regapi.dll [2012.10.10 01:49:12 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setupcl.exe [2012.10.10 01:49:12 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2012.10.10 01:49:12 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll [2012.10.10 01:49:12 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mimefilt.dll [2012.10.10 01:49:11 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2012.10.10 01:49:11 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPEG2ENC.DLL [2012.10.10 01:49:11 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayCpl.dll [2012.10.10 01:49:11 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched20.dll [2012.10.10 01:49:11 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DXPTaskRingtone.dll [2012.10.10 01:49:11 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercpl.dll [2012.10.10 01:49:11 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imapi2.dll [2012.10.10 01:49:11 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxclu.dll [2012.10.10 01:49:11 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clusapi.dll [2012.10.10 01:49:11 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onex.dll [2012.10.10 01:49:11 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logoncli.dll [2012.10.10 01:49:11 | 000,166,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\basecsp.dll [2012.10.10 01:49:11 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscmmc.dll [2012.10.10 01:49:11 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdeploy.dll [2012.10.10 01:49:11 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RpcRtRemote.dll [2012.10.10 01:49:11 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsmproxy.dll [2012.10.10 01:49:11 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2012.10.10 01:49:10 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SensorsCpl.dll [2012.10.10 01:49:10 | 002,193,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themecpl.dll [2012.10.10 01:49:10 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPEncEn.dll [2012.10.10 01:49:10 | 001,264,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdclt.exe [2012.10.10 01:49:10 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Narrator.exe [2012.10.10 01:49:10 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoconv.exe [2012.10.10 01:49:10 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autochk.exe [2012.10.10 01:49:10 | 000,763,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autofmt.exe [2012.10.10 01:49:10 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoconv.exe [2012.10.10 01:49:10 | 000,668,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autochk.exe [2012.10.10 01:49:10 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autofmt.exe [2012.10.10 01:49:10 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll [2012.10.10 01:49:10 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll [2012.10.10 01:49:10 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshipsec.dll [2012.10.10 01:49:10 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercpl.dll [2012.10.10 01:49:10 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ipsmsnap.dll [2012.10.10 01:49:10 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eudcedit.exe [2012.10.10 01:49:10 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sharemediacpl.dll [2012.10.10 01:49:10 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Faultrep.dll [2012.10.10 01:49:10 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinfo32.exe [2012.10.10 01:49:10 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\srchadmin.dll [2012.10.10 01:49:10 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppcomapi.dll [2012.10.10 01:49:10 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapphost.dll [2012.10.10 01:49:10 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\framedyn.dll [2012.10.10 01:49:10 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netjoin.dll [2012.10.10 01:49:10 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tcpipcfg.dll [2012.10.10 01:49:10 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe [2012.10.10 01:49:10 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdsrv.dll [2012.10.10 01:49:10 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msutb.dll [2012.10.10 01:49:10 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll [2012.10.10 01:49:10 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll [2012.10.10 01:49:10 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shsetup.dll [2012.10.10 01:49:10 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe [2012.10.10 01:49:10 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll [2012.10.10 01:49:10 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nci.dll [2012.10.10 01:49:10 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\regapi.dll [2012.10.10 01:49:10 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hbaapi.dll [2012.10.10 01:49:10 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll [2012.10.10 01:49:10 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpnikeapi.dll [2012.10.10 01:49:10 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\proquota.exe [2012.10.10 01:49:09 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanpref.dll [2012.10.10 01:49:09 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdc.dll [2012.10.10 01:49:09 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DiagCpl.dll [2012.10.10 01:49:09 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Display.dll [2012.10.10 01:49:09 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll [2012.10.10 01:49:09 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mblctr.exe [2012.10.10 01:49:09 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Vault.dll [2012.10.10 01:49:09 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmiEngine.dll [2012.10.10 01:49:09 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mmsys.cpl [2012.10.10 01:49:09 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontext.dll [2012.10.10 01:49:09 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\batmeter.dll [2012.10.10 01:49:09 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AuxiliaryDisplayCpl.dll [2012.10.10 01:49:09 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usercpl.dll [2012.10.10 01:49:09 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll [2012.10.10 01:49:09 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanui.dll [2012.10.10 01:49:09 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll [2012.10.10 01:49:09 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\untfs.dll [2012.10.10 01:49:09 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll [2012.10.10 01:49:09 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll [2012.10.10 01:49:09 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpsrcwp.dll [2012.10.10 01:49:09 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanconn.dll [2012.10.10 01:49:09 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mprddm.dll [2012.10.10 01:49:09 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QAGENT.DLL [2012.10.10 01:49:09 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys [2012.10.10 01:49:09 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prntvpt.dll [2012.10.10 01:49:09 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll [2012.10.10 01:49:09 | 000,154,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll [2012.10.10 01:49:09 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netid.dll [2012.10.10 01:49:09 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\Robocopy.exe [2012.10.10 01:49:09 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nci.dll [2012.10.10 01:49:09 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys [2012.10.10 01:49:09 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll [2012.10.10 01:49:08 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bootres.dll [2012.10.10 01:49:08 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DxpTaskSync.dll [2012.10.10 01:49:08 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Display.dll [2012.10.10 01:49:08 | 000,812,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpccpl.dll [2012.10.10 01:49:08 | 000,433,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MCEWMDRMNDBootstrap.dll [2012.10.10 01:49:08 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prnfldr.dll [2012.10.10 01:49:08 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\untfs.dll [2012.10.10 01:49:08 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\termmgr.dll [2012.10.10 01:49:08 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\puiobj.dll [2012.10.10 01:49:08 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxclu.dll [2012.10.10 01:49:08 | 000,300,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll [2012.10.10 01:49:08 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eudcedit.exe [2012.10.10 01:49:08 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxdiagn.dll [2012.10.10 01:49:08 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSAC3ENC.DLL [2012.10.10 01:49:08 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskmgr.exe [2012.10.10 01:49:08 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksproxy.ax [2012.10.10 01:49:08 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskmgr.exe [2012.10.10 01:49:08 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SndVolSSO.dll [2012.10.10 01:49:08 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rasppp.dll [2012.10.10 01:49:08 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2012.10.10 01:49:08 | 000,155,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys [2012.10.10 01:49:08 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2012.10.10 01:49:08 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDShServiceObj.dll [2012.10.10 01:49:08 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSTPager.ax [2012.10.10 01:49:08 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hbaapi.dll [2012.10.10 01:49:08 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3cfg.dll [2012.10.10 01:49:08 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\winhv.sys [2012.10.10 01:49:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\proquota.exe [2012.10.10 01:49:08 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\userinit.exe [2012.10.10 01:49:07 | 003,745,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\accessibilitycpl.dll [2012.10.10 01:49:07 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SensorsCpl.dll [2012.10.10 01:49:07 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\themecpl.dll [2012.10.10 01:49:07 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FirewallControlPanel.dll [2012.10.10 01:49:07 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sud.dll [2012.10.10 01:49:07 | 000,649,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appwiz.cpl [2012.10.10 01:49:07 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiadefui.dll [2012.10.10 01:49:07 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoScreensaver.scr [2012.10.10 01:49:07 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\zipfldr.dll [2012.10.10 01:49:07 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slui.exe [2012.10.10 01:49:07 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll [2012.10.10 01:49:07 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\hgcpl.dll [2012.10.10 01:49:07 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\defaultlocationcpl.dll [2012.10.10 01:49:07 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL [2012.10.10 01:49:07 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppcomapi.dll [2012.10.10 01:49:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rasppp.dll [2012.10.10 01:49:07 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scecli.dll [2012.10.10 01:49:07 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll [2012.10.10 01:49:07 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logoncli.dll [2012.10.10 01:49:07 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shsetup.dll [2012.10.10 01:49:07 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscmmc.dll [2012.10.10 01:49:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\userinit.exe [2012.10.10 01:49:06 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkmap.dll [2012.10.10 01:49:06 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcenter.dll [2012.10.10 01:49:06 | 001,065,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll [2012.10.10 01:49:06 | 000,898,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OobeFldr.dll [2012.10.10 01:49:06 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontext.dll [2012.10.10 01:49:06 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenter.dll [2012.10.10 01:49:06 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\batmeter.dll [2012.10.10 01:49:06 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VAN.dll [2012.10.10 01:49:06 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PerfCenterCPL.dll [2012.10.10 01:49:06 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\usercpl.dll [2012.10.10 01:49:06 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll [2012.10.10 01:49:06 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceCenter.dll [2012.10.10 01:49:06 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localsec.dll [2012.10.10 01:49:06 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanui.dll [2012.10.10 01:49:06 | 000,373,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\intl.cpl [2012.10.10 01:49:06 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdedit.exe [2012.10.10 01:49:06 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVol.exe [2012.10.10 01:49:06 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprddm.dll [2012.10.10 01:49:06 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskbarcpl.dll [2012.10.10 01:49:06 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OnLineIDCpl.dll [2012.10.10 01:49:06 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SndVolSSO.dll [2012.10.10 01:49:06 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twext.dll [2012.10.10 01:49:06 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prntvpt.dll [2012.10.10 01:49:06 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll [2012.10.10 01:49:05 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\accessibilitycpl.dll [2012.10.10 01:49:05 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\networkmap.dll [2012.10.10 01:49:05 | 001,003,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll [2012.10.10 01:49:05 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sdcpl.dll [2012.10.10 01:49:05 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sud.dll [2012.10.10 01:49:05 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenter.dll [2012.10.10 01:49:05 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bthprops.cpl [2012.10.10 01:49:05 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsuiext.dll [2012.10.10 01:49:05 | 000,549,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionCenterCPL.dll [2012.10.10 01:49:05 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\main.cpl [2012.10.10 01:49:05 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\azroleui.dll [2012.10.10 01:49:05 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll [2012.10.10 01:49:05 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shwebsvc.dll [2012.10.10 01:49:05 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizeng.dll [2012.10.10 01:49:05 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll [2012.10.10 01:49:05 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlanmsm.dll [2012.10.10 01:49:05 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prnfldr.dll [2012.10.10 01:49:05 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizeng.dll [2012.10.10 01:49:05 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MediaMetadataHandler.dll [2012.10.10 01:49:05 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll [2012.10.10 01:49:05 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wusa.exe [2012.10.10 01:49:05 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\azroleui.dll [2012.10.10 01:49:05 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MCEWMDRMNDBootstrap.dll [2012.10.10 01:49:05 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\efscore.dll [2012.10.10 01:49:05 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll [2012.10.10 01:49:05 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFPlay.dll [2012.10.10 01:49:05 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recdisc.exe [2012.10.10 01:49:05 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSAC3ENC.DLL [2012.10.10 01:49:05 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OnLineIDCpl.dll [2012.10.10 01:49:05 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysclass.dll [2012.10.10 01:49:05 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syncui.dll [2012.10.10 01:49:05 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VBICodec.ax [2012.10.10 01:49:05 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netplwiz.dll Geändert von Olaf-S (29.10.2012 um 16:36 Uhr) |
|
29.10.2012, 16:31
| #14 |
| | PUP.Blabbers / searchplusnetwork.com Teil 2/2 Code:
ATTFilter [2012.10.10 01:49:05 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adsldp.dll [2012.10.10 01:49:05 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll [2012.10.10 01:49:05 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netjoin.dll [2012.10.10 01:49:05 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\autoplay.dll [2012.10.10 01:49:05 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxlib.dll [2012.10.10 01:49:05 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\recovery.dll [2012.10.10 01:49:05 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AuxiliaryDisplayServices.dll [2012.10.10 01:49:05 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cca.dll [2012.10.10 01:49:05 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\isoburn.exe [2012.10.10 01:49:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w32tm.exe [2012.10.10 01:49:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptui.dll [2012.10.10 01:49:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ksxbar.ax [2012.10.10 01:49:05 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fdeploy.dll [2012.10.10 01:49:05 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tzutil.exe [2012.10.10 01:49:05 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpapi.dll [2012.10.10 01:49:05 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sisbkup.dll [2012.10.10 01:49:04 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OobeFldr.dll [2012.10.10 01:49:04 | 000,781,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll [2012.10.10 01:49:04 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll [2012.10.10 01:49:04 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll [2012.10.10 01:49:04 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bthprops.cpl [2012.10.10 01:49:04 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll [2012.10.10 01:49:04 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll [2012.10.10 01:49:04 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ActionCenterCPL.dll [2012.10.10 01:49:04 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll [2012.10.10 01:49:04 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DeviceCenter.dll [2012.10.10 01:49:04 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sysmon.ocx [2012.10.10 01:49:04 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqlcese30.dll [2012.10.10 01:49:04 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shwebsvc.dll [2012.10.10 01:49:04 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\termmgr.dll [2012.10.10 01:49:04 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\systemcpl.dll [2012.10.10 01:49:04 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysmon.ocx [2012.10.10 01:49:04 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\intl.cpl [2012.10.10 01:49:04 | 000,344,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntprint.dll [2012.10.10 01:49:04 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ssText3d.scr [2012.10.10 01:49:04 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp [2012.10.10 01:49:04 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ReAgent.dll [2012.10.10 01:49:04 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntprint.dll [2012.10.10 01:49:04 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\photowiz.dll [2012.10.10 01:49:04 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iTVData.dll [2012.10.10 01:49:04 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iprtrmgr.dll [2012.10.10 01:49:04 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sethc.exe [2012.10.10 01:49:04 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iprtrmgr.dll [2012.10.10 01:49:04 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srrstr.dll [2012.10.10 01:49:04 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sethc.exe [2012.10.10 01:49:04 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MediaMetadataHandler.dll [2012.10.10 01:49:04 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wavemsp.dll [2012.10.10 01:49:04 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DevicePairingFolder.dll [2012.10.10 01:49:04 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\defaultlocationcpl.dll [2012.10.10 01:49:04 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\efscore.dll [2012.10.10 01:49:04 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dskquoui.dll [2012.10.10 01:49:04 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksproxy.ax [2012.10.10 01:49:04 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll [2012.10.10 01:49:04 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcdboot.exe [2012.10.10 01:49:04 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powercfg.cpl [2012.10.10 01:49:04 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syncui.dll [2012.10.10 01:49:04 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll [2012.10.10 01:49:04 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifsutil.dll [2012.10.10 01:49:04 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\autoplay.dll [2012.10.10 01:49:04 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPHLPR.DLL [2012.10.10 01:49:04 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntlanman.dll [2012.10.10 01:49:04 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srvcli.dll [2012.10.10 01:49:04 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nslookup.exe [2012.10.10 01:49:04 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPHLPR.DLL [2012.10.10 01:49:04 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppnp.dll [2012.10.10 01:49:04 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UserAccountControlSettings.dll [2012.10.10 01:49:04 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3cfg.dll [2012.10.10 01:49:04 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSTPager.ax [2012.10.10 01:49:04 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpd3d.dll [2012.10.10 01:49:04 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acppage.dll [2012.10.10 01:49:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2012.10.10 01:49:04 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2012.10.10 01:49:04 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ftp.exe [2012.10.10 01:49:04 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sisbkup.dll [2012.10.10 01:49:04 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll [2012.10.10 01:49:03 | 001,911,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OpcServices.dll [2012.10.10 01:49:03 | 001,672,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\networkexplorer.dll [2012.10.10 01:49:03 | 000,899,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Bubbles.scr [2012.10.10 01:49:03 | 000,840,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll [2012.10.10 01:49:03 | 000,685,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsuiext.dll [2012.10.10 01:49:03 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmdev.dll [2012.10.10 01:49:03 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfrgui.exe [2012.10.10 01:49:03 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wvc.dll [2012.10.10 01:49:03 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll [2012.10.10 01:49:03 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfrgui.exe [2012.10.10 01:49:03 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc.dll [2012.10.10 01:49:03 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AdmTmpl.dll [2012.10.10 01:49:03 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll [2012.10.10 01:49:03 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimgapi.dll [2012.10.10 01:49:03 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpdxm.dll [2012.10.10 01:49:03 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshipsec.dll [2012.10.10 01:49:03 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3ui.dll [2012.10.10 01:49:03 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsqmcons.exe [2012.10.10 01:49:03 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdm.tsp [2012.10.10 01:49:03 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2012.10.10 01:49:03 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpx.dll [2012.10.10 01:49:03 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgent.dll [2012.10.10 01:49:03 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wavemsp.dll [2012.10.10 01:49:03 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSCard.dll [2012.10.10 01:49:03 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PkgMgr.exe [2012.10.10 01:49:03 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstask.dll [2012.10.10 01:49:03 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qasf.dll [2012.10.10 01:49:03 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2012.10.10 01:49:03 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\activeds.dll [2012.10.10 01:49:03 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetup.exe [2012.10.10 01:49:03 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcap.dll [2012.10.10 01:49:03 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll [2012.10.10 01:49:03 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpsrcwp.dll [2012.10.10 01:49:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationSettings.exe [2012.10.10 01:49:03 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netplwiz.dll [2012.10.10 01:49:03 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll [2012.10.10 01:49:03 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\remotepg.dll [2012.10.10 01:49:03 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\net1.exe [2012.10.10 01:49:03 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twext.dll [2012.10.10 01:49:03 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupugc.exe [2012.10.10 01:49:03 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kstvtune.ax [2012.10.10 01:49:03 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\migisol.dll [2012.10.10 01:49:03 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabinet.dll [2012.10.10 01:49:03 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll [2012.10.10 01:49:03 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapistub.dll [2012.10.10 01:49:03 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mapi32.dll [2012.10.10 01:49:03 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\isoburn.exe [2012.10.10 01:49:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unimdmat.dll [2012.10.10 01:49:03 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wkscli.dll [2012.10.10 01:49:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsnmp32.dll [2012.10.10 01:49:03 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll [2012.10.10 01:49:03 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ftp.exe [2012.10.10 01:49:03 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tzutil.exe [2012.10.10 01:49:03 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll [2012.10.10 01:49:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WerFaultSecure.exe [2012.10.10 01:49:03 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [2012.10.10 01:49:02 | 001,232,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMADMOD.DLL [2012.10.10 01:49:02 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\onexui.dll [2012.10.10 01:49:02 | 001,087,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dbghelp.dll [2012.10.10 01:49:02 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVSDECD.DLL [2012.10.10 01:49:02 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSAPI.dll [2012.10.10 01:49:02 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll [2012.10.10 01:49:02 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll [2012.10.10 01:49:02 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\main.cpl [2012.10.10 01:49:02 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll [2012.10.10 01:49:02 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nltest.exe [2012.10.10 01:49:02 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskraid.exe [2012.10.10 01:49:02 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\raschap.dll [2012.10.10 01:49:02 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wimserv.exe [2012.10.10 01:49:02 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll [2012.10.10 01:49:02 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll [2012.10.10 01:49:02 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsAnytimeUpgradeResults.exe [2012.10.10 01:49:02 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ssText3d.scr [2012.10.10 01:49:02 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskraid.exe [2012.10.10 01:49:02 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qasf.dll [2012.10.10 01:49:02 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mystify.scr [2012.10.10 01:49:02 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Ribbons.scr [2012.10.10 01:49:02 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstask.dll [2012.10.10 01:49:02 | 000,232,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsadmin.exe [2012.10.10 01:49:02 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clusapi.dll [2012.10.10 01:49:02 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpencom.dll [2012.10.10 01:49:02 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iTVData.dll [2012.10.10 01:49:02 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpdwcn.dll [2012.10.10 01:49:02 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ActionQueue.dll [2012.10.10 01:49:02 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DevicePairingFolder.dll [2012.10.10 01:49:02 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxdiagn.dll [2012.10.10 01:49:02 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll [2012.10.10 01:49:02 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wpdwcn.dll [2012.10.10 01:49:02 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsbas.dll [2012.10.10 01:49:02 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpencom.dll [2012.10.10 01:49:02 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifsutil.dll [2012.10.10 01:49:02 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ocsetapi.dll [2012.10.10 01:49:02 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perfmon.exe [2012.10.10 01:49:02 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vdsbas.dll [2012.10.10 01:49:02 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfmon.exe [2012.10.10 01:49:02 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\remotepg.dll [2012.10.10 01:49:02 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MdSched.exe [2012.10.10 01:49:02 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys [2012.10.10 01:49:02 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Kswdmcap.ax [2012.10.10 01:49:02 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpshell.dll [2012.10.10 01:49:02 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wiavideo.dll [2012.10.10 01:49:02 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll [2012.10.10 01:49:02 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\uxlib.dll [2012.10.10 01:49:02 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nslookup.exe [2012.10.10 01:49:02 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe [2012.10.10 01:49:02 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll [2012.10.10 01:49:02 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QUTIL.DLL [2012.10.10 01:49:02 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UserAccountControlSettings.dll [2012.10.10 01:49:02 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tlscsp.dll [2012.10.10 01:49:02 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe [2012.10.10 01:49:02 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\umb.dll [2012.10.10 01:49:02 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\runonce.exe [2012.10.10 01:49:02 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\runonce.exe [2012.10.10 01:49:02 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NAPCRYPT.DLL [2012.10.10 01:49:02 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PrintIsolationProxy.dll [2012.10.10 01:49:02 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NAPCRYPT.DLL [2012.10.10 01:49:02 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\acppage.dll [2012.10.10 01:49:02 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsium.dll [2012.10.10 01:49:02 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AzSqlExt.dll [2012.10.10 01:49:02 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netutils.dll [2012.10.10 01:49:02 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vpnikeapi.dll [2012.10.10 01:49:02 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\syssetup.dll [2012.10.10 01:49:02 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\muifontsetup.dll [2012.10.10 01:49:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll [2012.10.10 01:49:01 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\OpcServices.dll [2012.10.10 01:49:01 | 001,148,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10.IME [2012.10.10 01:49:01 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL [2012.10.10 01:49:01 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMADMOD.DLL [2012.10.10 01:49:01 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Bubbles.scr [2012.10.10 01:49:01 | 000,681,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll [2012.10.10 01:49:01 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVSDECD.DLL [2012.10.10 01:49:01 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmnet.dll [2012.10.10 01:49:01 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmdev.dll [2012.10.10 01:49:01 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmnet.dll [2012.10.10 01:49:01 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceStatus.dll [2012.10.10 01:49:01 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WPDSp.dll [2012.10.10 01:49:01 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceStatus.dll [2012.10.10 01:49:01 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2012.10.10 01:49:01 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WPDSp.dll [2012.10.10 01:49:01 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll [2012.10.10 01:49:01 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2012.10.10 01:49:01 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3ui.dll [2012.10.10 01:49:01 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqlcese30.dll [2012.10.10 01:49:01 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdv.dll [2012.10.10 01:49:01 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll [2012.10.10 01:49:01 | 000,250,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdv.dll [2012.10.10 01:49:01 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eapp3hst.dll [2012.10.10 01:49:01 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll [2012.10.10 01:49:01 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe [2012.10.10 01:49:01 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PortableDeviceSyncProvider.dll [2012.10.10 01:49:01 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mystify.scr [2012.10.10 01:49:01 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Ribbons.scr [2012.10.10 01:49:01 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsadmin.exe [2012.10.10 01:49:01 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceSyncProvider.dll [2012.10.10 01:49:01 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qcap.dll [2012.10.10 01:49:01 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFPlay.dll [2012.10.10 01:49:01 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mprapi.dll [2012.10.10 01:49:01 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VBICodec.ax [2012.10.10 01:49:01 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EhStorAPI.dll [2012.10.10 01:49:01 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\powercfg.cpl [2012.10.10 01:49:01 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CscMig.dll [2012.10.10 01:49:01 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shacct.dll [2012.10.10 01:49:01 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\desk.cpl [2012.10.10 01:49:01 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QSVRMGMT.DLL [2012.10.10 01:49:01 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll [2012.10.10 01:49:01 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll [2012.10.10 01:49:01 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fphc.dll [2012.10.10 01:49:01 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dot3msm.dll [2012.10.10 01:49:01 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wiavideo.dll [2012.10.10 01:49:01 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shacct.dll [2012.10.10 01:49:01 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Kswdmcap.ax [2012.10.10 01:49:01 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpshell.dll [2012.10.10 01:49:01 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logman.exe [2012.10.10 01:49:01 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppinst.dll [2012.10.10 01:49:01 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QSVRMGMT.DLL [2012.10.10 01:49:01 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fphc.dll [2012.10.10 01:49:01 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cmstp.exe [2012.10.10 01:49:01 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll [2012.10.10 01:49:01 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\amstream.dll [2012.10.10 01:49:01 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll [2012.10.10 01:49:01 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kstvtune.ax [2012.10.10 01:49:01 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logman.exe [2012.10.10 01:49:01 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\QCLIPROV.DLL [2012.10.10 01:49:01 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tabcal.exe [2012.10.10 01:49:01 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spbcd.dll [2012.10.10 01:49:01 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\olethk32.dll [2012.10.10 01:49:01 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mapistub.dll [2012.10.10 01:49:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\QCLIPROV.DLL [2012.10.10 01:49:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertPolEng.dll [2012.10.10 01:49:01 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\takeown.exe [2012.10.10 01:49:01 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PnPUnattend.exe [2012.10.10 01:49:01 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WavDest.dll [2012.10.10 01:49:01 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vss_ps.dll [2012.10.10 01:49:01 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\djoin.exe [2012.10.10 01:49:01 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptui.dll [2012.10.10 01:49:01 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unimdmat.dll [2012.10.10 01:49:01 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpd3d.dll [2012.10.10 01:49:01 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmictimeprovider.dll [2012.10.10 01:49:01 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\takeown.exe [2012.10.10 01:49:01 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscapi.dll [2012.10.10 01:49:01 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shimgvw.dll [2012.10.10 01:49:01 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2012.10.10 01:49:01 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\utildll.dll [2012.10.10 01:49:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsium.dll [2012.10.10 01:49:01 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\HotStartUserAgent.dll [2012.10.10 01:49:01 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lsmproxy.dll [2012.10.10 01:49:01 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nrpsrv.dll [2012.10.10 01:49:00 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\onexui.dll [2012.10.10 01:49:00 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10.IME [2012.10.10 01:49:00 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL [2012.10.10 01:49:00 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSTIFF.dll [2012.10.10 01:49:00 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe [2012.10.10 01:49:00 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe [2012.10.10 01:49:00 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe [2012.10.10 01:49:00 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe [2012.10.10 01:49:00 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\itircl.dll [2012.10.10 01:49:00 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll [2012.10.10 01:49:00 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\diskpart.exe [2012.10.10 01:49:00 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\itircl.dll [2012.10.10 01:49:00 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iscsicli.exe [2012.10.10 01:49:00 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sppc.dll [2012.10.10 01:49:00 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iscsicli.exe [2012.10.10 01:49:00 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpps.dll [2012.10.10 01:49:00 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mydocs.dll [2012.10.10 01:49:00 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mydocs.dll [2012.10.10 01:49:00 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\diskpart.exe [2012.10.10 01:49:00 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\desk.cpl [2012.10.10 01:49:00 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setupcln.dll [2012.10.10 01:49:00 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\eappgnui.dll [2012.10.10 01:49:00 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dot3msm.dll [2012.10.10 01:49:00 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mobsync.exe [2012.10.10 01:49:00 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\eappgnui.dll [2012.10.10 01:49:00 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll [2012.10.10 01:49:00 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll [2012.10.10 01:49:00 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmstp.exe [2012.10.10 01:49:00 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fdProxy.dll [2012.10.10 01:49:00 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\resutils.dll [2012.10.10 01:49:00 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\findstr.exe [2012.10.10 01:49:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MuiUnattend.exe [2012.10.10 01:49:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amstream.dll [2012.10.10 01:49:00 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tlscsp.dll [2012.10.10 01:49:00 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastapi.dll [2012.10.10 01:49:00 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cca.dll [2012.10.10 01:49:00 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertPolEng.dll [2012.10.10 01:49:00 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\findstr.exe [2012.10.10 01:49:00 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spbcd.dll [2012.10.10 01:49:00 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\g711codc.ax [2012.10.10 01:49:00 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vfwwdm32.dll [2012.10.10 01:49:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsnmp32.dll [2012.10.10 01:49:00 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MultiDigiMon.exe [2012.10.10 01:49:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\luainstall.dll [2012.10.10 01:49:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ksxbar.ax [2012.10.10 01:49:00 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wkscli.dll [2012.10.10 01:49:00 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdhui.dll [2012.10.10 01:49:00 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbisurf.ax [2012.10.10 01:49:00 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\relog.exe [2012.10.10 01:49:00 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciqtz32.dll [2012.10.10 01:49:00 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\relog.exe [2012.10.10 01:49:00 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\choice.exe [2012.10.10 01:49:00 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdmo.dll [2012.10.10 01:49:00 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe [2012.10.10 01:49:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WerFaultSecure.exe [2012.10.10 01:49:00 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AzSqlExt.dll [2012.10.10 01:49:00 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qprocess.exe [2012.10.10 01:49:00 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiougc.exe [2012.10.10 01:49:00 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netbtugc.exe [2012.10.10 01:49:00 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ReAgentc.exe [2012.10.10 01:49:00 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\syssetup.dll [2012.10.10 01:49:00 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BWUnpairElevated.dll [2012.10.10 01:49:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll [2012.10.10 01:48:59 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll [2012.10.10 01:48:59 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll [2012.10.10 01:48:59 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RDPENCDD.dll [2012.10.10 01:48:59 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sppc.dll [2012.10.10 01:48:59 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mobsync.exe [2012.10.10 01:48:59 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll [2012.10.10 01:48:59 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\manage-bde.exe [2012.10.10 01:48:59 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\napdsnap.dll [2012.10.10 01:48:59 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\napdsnap.dll [2012.10.10 01:48:59 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetmib1.dll [2012.10.10 01:48:59 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmicres.dll [2012.10.10 01:48:59 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbcconf.dll [2012.10.10 01:48:59 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetmib1.dll [2012.10.10 01:48:59 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\repair-bde.exe [2012.10.10 01:48:59 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\g711codc.ax [2012.10.10 01:48:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll [2012.10.10 01:48:59 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmbusres.dll [2012.10.10 01:48:59 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\luainstall.dll [2012.10.10 01:48:59 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSMON.dll [2012.10.10 01:48:59 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcconf.dll [2012.10.10 01:48:59 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmstorfltres.dll [2012.10.10 01:48:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dsauth.dll [2012.10.10 01:48:59 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdiasqmmodule.dll [2012.10.10 01:48:59 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz32.dll [2012.10.10 01:48:59 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shimgvw.dll [2012.10.10 01:48:59 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unlodctr.exe [2012.10.10 01:48:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbisurf.ax [2012.10.10 01:48:59 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys [2012.10.10 01:48:59 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdmo.dll [2012.10.10 01:48:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dsauth.dll [2012.10.10 01:48:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscdll.dll [2012.10.10 01:48:59 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll [2012.10.10 01:48:59 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\LogonUI.exe [2012.10.10 01:48:59 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys [2012.10.10 01:48:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elsTrans.dll [2012.10.10 01:48:59 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bitsperf.dll [2012.10.10 01:48:59 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schedcli.dll [2012.10.10 01:48:59 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chgport.exe [2012.10.10 01:48:59 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tskill.exe [2012.10.10 01:48:59 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdprefdrvapi.dll [2012.10.10 01:48:59 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qappsrv.exe [2012.10.10 01:48:59 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tscon.exe [2012.10.10 01:48:59 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elsTrans.dll [2012.10.10 01:48:59 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chglogon.exe [2012.10.10 01:48:59 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsdiscon.exe [2012.10.10 01:48:59 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TRAPI.dll [2012.10.10 01:48:59 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TRAPI.dll [2012.10.10 01:48:59 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shadow.exe [2012.10.10 01:48:59 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rwinsta.exe [2012.10.10 01:48:59 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdprefdrvapi.dll [2012.10.10 01:48:59 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\logoff.exe [2012.10.10 01:48:59 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\chgusr.exe [2012.10.10 01:48:59 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spopk.dll [2012.10.10 01:48:59 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bitsperf.dll [2012.10.10 01:48:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spopk.dll [2012.10.10 01:48:59 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSUNATD.exe [2012.10.10 01:48:59 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fixmapi.exe [2012.10.10 01:48:59 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schedcli.dll [2012.10.10 01:48:59 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\perfts.dll [2012.10.10 01:48:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\reset.exe [2012.10.10 01:48:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\change.exe [2012.10.10 01:48:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\query.exe [2012.10.10 01:48:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\muifontsetup.dll [2012.10.10 01:48:58 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imkr80.ime [2012.10.10 01:48:58 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imkr80.ime [2012.10.10 01:48:58 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VmbusCoinstaller.dll [2012.10.10 01:48:58 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VmdCoinstall.dll [2012.10.10 01:48:58 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IcCoinstall.dll [2012.10.10 01:48:58 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys [2012.10.10 01:48:58 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shgina.dll [2012.10.10 01:48:58 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wsdchngr.dll [2012.10.10 01:48:58 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsdchngr.dll [2012.10.10 01:48:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\shgina.dll [2012.10.10 01:48:58 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmbuspipe.dll [2012.10.10 01:48:58 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshirda.dll [2012.10.10 01:48:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\C_ISCII.DLL [2012.10.10 01:48:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshirda.dll [2012.10.10 01:48:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shunimpl.dll [2012.10.10 01:48:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\C_ISCII.DLL [2012.10.10 01:48:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\riched32.dll [2012.10.10 01:48:58 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcfgex.dll [2012.10.10 01:48:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll [2012.10.10 01:48:58 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll [2012.10.10 01:48:58 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\riched32.dll [2012.10.10 01:48:58 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll [2012.10.10 01:48:58 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUF.DLL [2012.10.10 01:48:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUF.DLL [2012.10.10 01:48:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSG.DLL [2012.10.10 01:48:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSF.DLL [2012.10.10 01:48:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDPO.DLL [2012.10.10 01:48:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbdlk41a.dll [2012.10.10 01:48:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx [2012.10.10 01:48:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll [2012.10.10 01:48:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx [2012.10.10 01:48:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll [2012.10.10 01:48:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-ums-l1-1-0.dll [2012.10.10 01:48:57 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL [2012.10.10 01:48:57 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL [2012.10.10 01:48:57 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlsbres.dll [2012.10.10 01:48:57 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nlsbres.dll [2012.10.10 01:48:57 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\BlbEvents.dll [2012.10.10 01:48:57 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pifmgr.dll [2012.10.10 01:48:57 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pifmgr.dll [2012.10.10 01:48:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTUQ.DLL [2012.10.10 01:48:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDSG.DLL [2012.10.10 01:48:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kbdlk41a.dll [2012.10.10 01:48:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGKL.DLL [2012.10.10 01:48:57 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDCZ1.DLL [2012.10.10 01:48:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwizres.dll [2012.10.10 01:48:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwizres.dll [2012.10.10 01:48:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTUQ.DLL [2012.10.10 01:48:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDNEPR.DLL [2012.10.10 01:48:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTAM.DLL [2012.10.10 01:48:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINBEN.DLL [2012.10.10 01:48:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGR1.DLL [2012.10.10 01:48:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGR1.DLL [2012.10.10 01:48:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGKL.DLL [2012.10.10 01:48:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDCZ1.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUS.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDUGHR1.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTURME.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAJIK.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDSF.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDPO.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDNEPR.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMON.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDMAORI.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDLT1.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINTEL.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTAM.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINORI.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINORI.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINMAR.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINMAR.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINKAN.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINKAN.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINHIN.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDINHIN.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINBEN.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBULG.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBLR.DLL [2012.10.10 01:48:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL [2012.10.10 01:48:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUS.DLL [2012.10.10 01:48:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDUGHR1.DLL [2012.10.10 01:48:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTURME.DLL [2012.10.10 01:48:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAJIK.DLL [2012.10.10 01:48:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMON.DLL [2012.10.10 01:48:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDMAORI.DLL [2012.10.10 01:48:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDLT1.DLL [2012.10.10 01:48:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDINTEL.DLL [2012.10.10 01:48:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDGEO.DLL [2012.10.10 01:48:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDGEO.DLL [2012.10.10 01:48:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBULG.DLL [2012.10.10 01:48:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBLR.DLL [2012.10.10 01:48:57 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL [2012.10.10 01:48:57 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnaddr.dll [2012.10.10 01:48:57 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnaddr.dll [2012.10.10 01:48:53 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpx.dll [2012.10.10 01:48:53 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wdscore.dll [2012.10.10 01:48:50 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sqmapi.dll [2012.10.10 01:48:10 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wbemcomn.dll [2012.10.10 01:48:09 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sqmapi.dll [2012.10.10 01:45:46 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2012.10.10 01:45:46 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2012.10.10 01:45:46 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2012.10.10 01:45:46 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2012.10.10 01:45:45 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2012.10.10 01:45:45 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2012.10.10 01:45:45 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2012.10.10 01:45:45 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2012.10.10 01:45:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2012.10.10 01:45:45 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2012.10.10 01:45:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2012.10.10 01:45:45 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2012.10.10 01:45:45 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2012.10.10 01:45:45 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2012.10.10 01:45:45 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2012.10.10 01:45:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2012.10.10 01:45:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2012.10.10 01:45:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2012.10.10 01:45:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2012.10.10 01:45:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2012.10.10 01:45:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2012.10.10 01:45:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2012.10.10 01:45:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2012.10.10 01:45:44 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2012.10.10 01:45:44 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2012.10.10 01:45:44 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2012.10.10 01:45:44 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2012.10.10 01:45:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2012.10.10 01:45:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2012.10.10 01:45:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012.10.10 01:45:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012.10.10 01:45:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2012.10.10 01:45:35 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2012.10.10 01:45:35 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2012.10.10 01:45:35 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2012.10.10 01:45:35 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2012.10.10 01:45:34 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2012.10.10 01:45:34 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2012.10.10 01:45:34 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2012.10.10 01:45:24 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll [2012.10.10 01:45:13 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll [2012.10.10 01:45:08 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2012.10.10 01:45:08 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2012.10.10 01:45:07 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012.10.10 01:45:07 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2012.10.10 01:45:06 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2012.10.10 01:45:06 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2012.10.10 01:45:03 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2012.10.10 01:45:03 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2012.10.10 01:45:00 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\profprov.dll [2012.10.10 01:44:59 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2012.10.10 01:44:58 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll [2012.10.10 01:44:57 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2012.10.10 01:44:56 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl [2012.10.10 01:44:56 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl [2012.10.10 01:44:55 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2012.10.10 01:39:57 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Avira [2012.10.10 01:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.10.10 01:34:30 | 000,129,576 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.10.10 01:34:30 | 000,099,248 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.10.10 01:34:30 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.10.10 01:34:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.10.10 01:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2012.10.10 01:31:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2012.10.10 01:31:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2012.10.10 01:30:14 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll [2012.10.10 01:30:14 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe [2012.10.10 01:26:35 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2012.10.10 01:26:35 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe [2012.10.10 01:26:34 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2012.10.10 01:20:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012.10.10 00:57:43 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2012.10.10 00:55:41 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Dropbox [2012.10.10 00:51:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2012.10.10 00:51:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2012.10.10 00:47:25 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012.10.10 00:41:25 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012.10.10 00:41:01 | 006,198,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2012.10.10 00:41:01 | 003,266,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2012.10.10 00:41:01 | 002,557,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2012.10.10 00:41:01 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2012.10.10 00:41:01 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2012.10.10 00:40:46 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2012.10.10 00:40:46 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2012.10.10 00:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012.10.10 00:40:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2012.10.10 00:40:18 | 026,228,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2012.10.10 00:40:18 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2012.10.10 00:40:18 | 019,828,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2012.10.10 00:40:18 | 018,229,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2012.10.10 00:40:18 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2012.10.10 00:40:18 | 015,291,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2012.10.10 00:40:18 | 014,879,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2012.10.10 00:40:18 | 012,465,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2012.10.10 00:40:18 | 009,066,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2012.10.10 00:40:18 | 007,626,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2012.10.10 00:40:18 | 007,397,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll [2012.10.10 00:40:18 | 006,109,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll [2012.10.10 00:40:18 | 002,745,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2012.10.10 00:40:18 | 002,725,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2012.10.10 00:40:18 | 002,573,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2012.10.10 00:40:18 | 002,422,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2012.10.10 00:40:18 | 002,216,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2012.10.10 00:40:18 | 001,866,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2012.10.10 00:40:18 | 001,760,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll [2012.10.10 00:40:18 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll [2012.10.10 00:40:18 | 001,472,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll [2012.10.10 00:40:18 | 000,971,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll [2012.10.10 00:40:18 | 000,830,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll [2012.10.10 00:40:18 | 000,247,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll [2012.10.10 00:40:18 | 000,202,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll [2012.10.10 00:40:18 | 000,189,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys [2012.10.10 00:40:18 | 000,031,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2012.10.10 00:40:10 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe [2012.10.10 00:39:45 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012.10.10 00:38:37 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\.minecraft [2012.10.10 00:37:58 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2012.10.10 00:37:58 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2012.10.10 00:37:58 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.10.10 00:37:58 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.10.10 00:37:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.10.10 00:37:58 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.10.10 00:37:58 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.10.10 00:37:58 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.10.10 00:37:58 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.10.10 00:37:58 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2012.10.10 00:37:58 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2012.10.10 00:37:58 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012.10.10 00:37:58 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2012.10.10 00:37:58 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012.10.10 00:37:58 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2012.10.10 00:37:58 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2012.10.10 00:37:58 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.10.10 00:37:58 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.10.10 00:37:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.10.10 00:37:58 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2012.10.10 00:37:58 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2012.10.10 00:37:58 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2012.10.10 00:37:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.10.10 00:37:58 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.10.10 00:37:58 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2012.10.10 00:37:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2012.10.10 00:37:58 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2012.10.10 00:37:58 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2012.10.10 00:37:58 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2012.10.10 00:37:58 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2012.10.10 00:37:58 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2012.10.10 00:37:58 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2012.10.10 00:37:58 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2012.10.10 00:37:58 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012.10.10 00:37:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.10.10 00:37:58 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2012.10.10 00:37:58 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2012.10.10 00:37:58 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2012.10.10 00:37:58 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012.10.10 00:37:58 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2012.10.10 00:37:58 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012.10.10 00:37:58 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2012.10.10 00:37:58 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2012.10.10 00:37:58 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2012.10.10 00:37:58 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.10.10 00:37:58 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2012.10.10 00:37:58 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2012.10.10 00:37:58 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2012.10.10 00:37:58 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2012.10.10 00:37:58 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2012.10.10 00:37:58 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2012.10.10 00:37:58 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2012.10.10 00:37:58 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2012.10.10 00:37:58 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2012.10.10 00:37:58 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2012.10.10 00:37:58 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2012.10.10 00:37:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2012.10.10 00:37:58 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.10.10 00:37:58 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2012.10.10 00:37:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2012.10.10 00:37:58 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2012.10.10 00:37:58 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2012.10.10 00:37:58 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2012.10.10 00:37:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2012.10.10 00:37:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2012.10.10 00:37:58 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012.10.10 00:37:58 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2012.10.10 00:37:58 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012.10.10 00:37:58 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012.10.10 00:37:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2012.10.10 00:37:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012.10.10 00:37:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012.10.10 00:35:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012.10.10 00:35:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.10.10 00:35:24 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012.10.10 00:35:24 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012.10.10 00:35:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012.10.10 00:28:59 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2012.10.10 00:28:59 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2012.10.10 00:28:39 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Macromedia [2012.10.10 00:28:39 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\Macromedia [2012.10.10 00:28:39 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Adobe [2012.10.10 00:27:46 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.10.10 00:27:46 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.10.10 00:27:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2012.10.10 00:27:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012.10.10 00:26:18 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2012.10.10 00:26:18 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2012.10.10 00:26:18 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2012.10.10 00:25:52 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe [2012.10.10 00:25:52 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe [2012.10.10 00:25:50 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2012.10.10 00:25:49 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll [2012.10.10 00:25:43 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe [2012.10.10 00:25:43 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cfgmgr32.dll [2012.10.10 00:25:43 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll [2012.10.10 00:25:41 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll [2012.10.10 00:25:41 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll [2012.10.10 00:25:36 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll [2012.10.10 00:25:36 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012.10.10 00:25:27 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012.10.10 00:25:27 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012.10.10 00:25:25 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2012.10.10 00:25:25 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2012.10.10 00:25:22 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012.10.10 00:24:23 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012.10.10 00:24:22 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012.10.10 00:24:21 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012.10.10 00:24:21 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012.10.10 00:24:18 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2012.10.10 00:24:18 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2012.10.10 00:24:18 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2012.10.10 00:24:18 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2012.10.10 00:24:15 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2012.10.10 00:24:15 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2012.10.10 00:24:09 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2012.10.10 00:24:09 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2012.10.10 00:24:08 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2012.10.10 00:24:07 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2012.10.10 00:24:07 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2012.10.10 00:24:07 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2012.10.10 00:24:07 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2012.10.10 00:24:07 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2012.10.10 00:24:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012.10.10 00:24:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012.10.10 00:23:59 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2012.10.10 00:23:58 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.10.10 00:23:57 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012.10.10 00:23:57 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012.10.10 00:23:57 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012.10.10 00:23:57 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012.10.10 00:23:54 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2012.10.10 00:23:54 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2012.10.10 00:23:54 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2012.10.10 00:23:54 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2012.10.10 00:23:54 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll [2012.10.10 00:23:54 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2012.10.10 00:23:54 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2012.10.10 00:23:54 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2012.10.10 00:23:51 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2012.10.10 00:23:48 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll [2012.10.10 00:23:48 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll [2012.10.10 00:23:48 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax [2012.10.10 00:23:48 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax [2012.10.10 00:23:48 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax [2012.10.10 00:23:48 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Mpeg2Data.ax [2012.10.10 00:23:48 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax [2012.10.10 00:23:48 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSDvbNP.ax [2012.10.10 00:23:48 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mpeg2Data.ax [2012.10.10 00:23:48 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax [2012.10.10 00:23:47 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2012.10.10 00:23:47 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2012.10.10 00:23:47 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2012.10.10 00:23:47 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2012.10.10 00:23:47 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2012.10.10 00:23:47 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2012.10.10 00:23:46 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll [2012.10.10 00:23:46 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll [2012.10.10 00:23:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll [2012.10.10 00:23:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll [2012.10.10 00:23:46 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll [2012.10.10 00:23:46 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll [2012.10.10 00:23:46 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll [2012.10.10 00:23:46 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll [2012.10.10 00:23:46 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll [2012.10.10 00:23:45 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\vlc [2012.10.10 00:23:44 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WFS.exe [2012.10.10 00:23:44 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2012.10.10 00:23:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll [2012.10.10 00:23:42 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll [2012.10.10 00:23:42 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll [2012.10.10 00:23:39 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll [2012.10.10 00:23:39 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll [2012.10.10 00:23:39 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe [2012.10.10 00:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.10.10 00:22:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2012.10.10 00:22:37 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012.10.10 00:22:36 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012.10.10 00:20:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2012.10.10 00:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2012.10.10 00:18:31 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012.10.10 00:15:53 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll [2012.10.10 00:15:53 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll [2012.10.10 00:10:45 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Mozilla [2012.10.10 00:10:45 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\Mozilla [2012.10.10 00:10:40 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012.10.10 00:10:40 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012.10.10 00:10:40 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012.10.10 00:10:33 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012.10.10 00:10:33 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012.10.10 00:10:33 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012.10.10 00:10:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012.10.10 00:10:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.10.10 00:10:27 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012.10.10 00:10:27 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012.10.09 23:55:57 | 000,000,000 | R--D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.10.09 23:55:57 | 000,000,000 | R--D | C] -- C:\Users\scary\Searches [2012.10.09 23:55:57 | 000,000,000 | R--D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.10.09 23:55:48 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Identities [2012.10.09 23:55:45 | 000,000,000 | R--D | C] -- C:\Users\scary\Contacts [2012.10.09 23:55:44 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\VirtualStore [2012.10.09 23:55:29 | 000,000,000 | --SD | C] -- C:\Users\scary\AppData\Roaming\Microsoft [2012.10.09 23:55:29 | 000,000,000 | RHSD | C] -- C:\Users\scary\Documents\Eigene Videos [2012.10.09 23:55:29 | 000,000,000 | RHSD | C] -- C:\Users\scary\Documents\Eigene Musik [2012.10.09 23:55:29 | 000,000,000 | RHSD | C] -- C:\Users\scary\Documents\Eigene Bilder [2012.10.09 23:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Videos [2012.10.09 23:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Saved Games [2012.10.09 23:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Pictures [2012.10.09 23:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Music [2012.10.09 23:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.10.09 23:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Links [2012.10.09 23:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Favorites [2012.10.09 23:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Downloads [2012.10.09 23:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Documents [2012.10.09 23:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\Desktop [2012.10.09 23:55:29 | 000,000,000 | R--D | C] -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.10.09 23:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Vorlagen [2012.10.09 23:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\AppData\Local\Verlauf [2012.10.09 23:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\AppData\Local\Temporary Internet Files [2012.10.09 23:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Startmenü [2012.10.09 23:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\SendTo [2012.10.09 23:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Recent [2012.10.09 23:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Netzwerkumgebung [2012.10.09 23:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Lokale Einstellungen [2012.10.09 23:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Eigene Dateien [2012.10.09 23:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Druckumgebung [2012.10.09 23:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Cookies [2012.10.09 23:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\AppData\Local\Anwendungsdaten [2012.10.09 23:55:29 | 000,000,000 | -HSD | C] -- C:\Users\scary\Anwendungsdaten [2012.10.09 23:55:29 | 000,000,000 | -H-D | C] -- C:\Users\scary\AppData [2012.10.09 23:55:29 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\Temp [2012.10.09 23:55:29 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Local\Microsoft [2012.10.09 23:55:29 | 000,000,000 | ---D | C] -- C:\Users\scary\AppData\Roaming\Media Center Programs [2012.10.09 23:55:21 | 000,000,000 | -HSD | C] -- C:\Recovery [2012.10.09 23:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.10.09 23:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.10.09 23:55:20 | 000,000,000 | -HSD | C] -- C:\Programme [2012.10.09 23:55:20 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.10.09 23:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.10.09 23:55:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.10.09 23:55:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.10.09 23:55:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.10.09 23:55:20 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2012.10.09 23:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.10.09 23:55:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.10.09 23:51:10 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012.10.09 23:48:37 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012.10.09 23:48:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012.10.09 20:27:47 | 000,000,000 | ---D | C] -- C:\Users\scary\Documents\Downloads [2012.10.09 20:20:28 | 000,000,000 | R--D | C] -- C:\Users\scary\Documents\My Dropbox ========== Files - Modified Within 30 Days ========== [2012.10.29 15:54:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\scary\Desktop\OTL.exe [2012.10.29 15:47:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.29 11:38:36 | 000,014,368 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.29 11:38:36 | 000,014,368 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.29 11:37:08 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.10.29 11:37:08 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.10.29 11:37:08 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.10.29 11:37:08 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.10.29 11:37:08 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.10.29 11:31:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.29 11:30:54 | 2146,934,783 | -HS- | M] () -- C:\hiberfil.sys [2012.10.28 17:27:23 | 000,538,941 | ---- | M] () -- C:\Users\scary\Desktop\adwcleaner.exe [2012.10.28 14:41:59 | 002,213,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\scary\Desktop\tdsskiller.exe [2012.10.28 14:40:47 | 000,000,512 | ---- | M] () -- C:\Users\scary\Desktop\MBR.dat [2012.10.28 14:25:19 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\scary\Desktop\aswMBR.exe [2012.10.27 12:24:36 | 000,000,000 | ---- | M] () -- C:\Users\scary\defogger_reenable [2012.10.27 12:22:48 | 000,050,477 | ---- | M] () -- C:\Users\scary\Desktop\Defogger.exe [2012.10.25 23:26:33 | 000,002,236 | ---- | M] () -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk [2012.10.25 23:26:33 | 000,000,043 | ---- | M] () -- C:\END [2012.10.13 15:02:24 | 000,292,776 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.10.11 00:27:51 | 000,001,997 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk [2012.10.10 19:04:22 | 000,000,020 | ---- | M] () -- C:\Windows\8÷Ú [2012.10.10 17:27:13 | 000,000,020 | ---- | M] () -- C:\Windows\ÜöÊ [2012.10.10 03:19:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.10.10 03:08:03 | 000,236,544 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2012.10.10 03:08:03 | 000,097,792 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll [2012.10.10 03:08:03 | 000,067,584 | ---- | M] () -- C:\Windows\SysNative\RtNicProp64.dll [2012.10.10 02:12:55 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll [2012.10.10 02:12:55 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll [2012.10.10 00:58:00 | 000,001,047 | ---- | M] () -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.10.10 00:37:58 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2012.10.10 00:37:58 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2012.10.10 00:37:58 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.10.10 00:37:58 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.10.10 00:37:58 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.10.10 00:37:58 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.10.10 00:37:58 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.10.10 00:37:58 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.10.10 00:37:58 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.10.10 00:37:58 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2012.10.10 00:37:58 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2012.10.10 00:37:58 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2012.10.10 00:37:58 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2012.10.10 00:37:58 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2012.10.10 00:37:58 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2012.10.10 00:37:58 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2012.10.10 00:37:58 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.10.10 00:37:58 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.10.10 00:37:58 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.10.10 00:37:58 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2012.10.10 00:37:58 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2012.10.10 00:37:58 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2012.10.10 00:37:58 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.10.10 00:37:58 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012.10.10 00:37:58 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2012.10.10 00:37:58 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2012.10.10 00:37:58 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2012.10.10 00:37:58 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2012.10.10 00:37:58 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2012.10.10 00:37:58 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2012.10.10 00:37:58 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2012.10.10 00:37:58 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2012.10.10 00:37:58 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2012.10.10 00:37:58 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2012.10.10 00:37:58 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.10.10 00:37:58 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2012.10.10 00:37:58 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2012.10.10 00:37:58 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2012.10.10 00:37:58 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2012.10.10 00:37:58 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2012.10.10 00:37:58 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2012.10.10 00:37:58 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2012.10.10 00:37:58 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2012.10.10 00:37:58 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2012.10.10 00:37:58 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.10.10 00:37:58 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2012.10.10 00:37:58 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2012.10.10 00:37:58 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2012.10.10 00:37:58 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2012.10.10 00:37:58 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2012.10.10 00:37:58 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2012.10.10 00:37:58 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2012.10.10 00:37:58 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2012.10.10 00:37:58 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2012.10.10 00:37:58 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2012.10.10 00:37:58 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2012.10.10 00:37:58 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2012.10.10 00:37:58 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.10.10 00:37:58 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2012.10.10 00:37:58 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2012.10.10 00:37:58 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2012.10.10 00:37:58 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2012.10.10 00:37:58 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2012.10.10 00:37:58 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2012.10.10 00:37:58 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2012.10.10 00:37:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2012.10.10 00:37:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2012.10.10 00:37:58 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2012.10.10 00:37:58 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2012.10.10 00:37:58 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2012.10.10 00:37:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2012.10.10 00:37:58 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2012.10.10 00:37:58 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2012.10.10 00:37:58 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2012.10.10 00:35:18 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll [2012.10.10 00:35:18 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll [2012.10.10 00:27:46 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.10.10 00:27:46 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.10.09 23:51:58 | 000,057,035 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012.10.09 23:51:58 | 000,057,035 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2012.10.09 09:18:00 | 000,014,539 | ---- | M] () -- C:\Users\scary\Documents\Traumtagebuch.odt [2012.10.01 16:14:23 | 000,129,576 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.09.29 18:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys ========== Files Created - No Company Name ========== [2012.10.28 17:27:22 | 000,538,941 | ---- | C] () -- C:\Users\scary\Desktop\adwcleaner.exe [2012.10.28 14:40:47 | 000,000,512 | ---- | C] () -- C:\Users\scary\Desktop\MBR.dat [2012.10.27 12:24:36 | 000,000,000 | ---- | C] () -- C:\Users\scary\defogger_reenable [2012.10.27 12:22:45 | 000,050,477 | ---- | C] () -- C:\Users\scary\Desktop\Defogger.exe [2012.10.25 23:26:33 | 000,002,236 | ---- | C] () -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk [2012.10.25 23:26:33 | 000,000,043 | ---- | C] () -- C:\END [2012.10.11 00:27:51 | 000,001,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk [2012.10.11 00:27:51 | 000,001,917 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk [2012.10.10 19:04:22 | 000,000,020 | ---- | C] () -- C:\Windows\8÷Ú [2012.10.10 17:27:13 | 000,000,020 | ---- | C] () -- C:\Windows\ÜöÊ [2012.10.10 16:14:23 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\actskn43.ocx [2012.10.10 03:19:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.10.10 03:13:56 | 000,001,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk [2012.10.10 03:08:26 | 000,067,584 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2012.10.10 01:49:37 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd [2012.10.10 01:48:59 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml [2012.10.10 01:48:57 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml [2012.10.10 01:48:57 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml [2012.10.10 01:48:49 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc [2012.10.10 01:48:49 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml [2012.10.10 00:58:00 | 000,001,047 | ---- | C] () -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.10.10 00:41:01 | 003,487,434 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin [2012.10.10 00:40:18 | 000,016,366 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2012.10.10 00:37:58 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2012.10.10 00:37:58 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2012.10.10 00:27:48 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.09 23:56:05 | 000,001,409 | ---- | C] () -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012.10.09 23:55:59 | 000,001,443 | ---- | C] () -- C:\Users\scary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.10.09 23:51:52 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012.10.09 23:51:42 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012.10.09 23:48:11 | 2146,934,783 | -HS- | C] () -- C:\hiberfil.sys [2012.08.30 09:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
|
29.10.2012, 16:32
| #15 |
| | PUP.Blabbers / searchplusnetwork.com Und hier das zweite Logfile: Code:
ATTFilter OTL Extras logfile created on: 29.10.2012 15:58:07 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\scary\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8.00 Gb Total Physical Memory | 6.34 Gb Available Physical Memory | 79.29% Memory free
16.00 Gb Paging File | 13.78 Gb Available in Paging File | 86.17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97.56 Gb Total Space | 25.78 Gb Free Space | 26.43% Space Free | Partition Type: NTFS
Drive D: | 274.95 Gb Total Space | 77.25 Gb Free Space | 28.10% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: scary | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3569910090-1362072758-1005780473-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2DCBB47A-E7E4-49AA-93BE-5CCEA39C7B85}" = lport=56535 | protocol=17 | dir=in | name=pando media booster |
"{376A8742-D8A2-4915-BFF9-CD9F4B80BEF4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{39ACBD8F-2471-4C55-B568-A468B14A5F67}" = lport=138 | protocol=17 | dir=in | app=system |
"{3F805552-2D56-4900-AC35-83785265206F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{431DB0D0-6FB9-46EA-9D3A-1AE409395FFB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56B5DD05-EC9B-4B73-8A8F-7D6209B2C807}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5F5A7ABD-2735-4658-AD86-2BD0B98B7AAF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6DC2EB4A-3969-4879-8022-E2D4EF9FC496}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7594C67C-01C2-4724-B8F7-2315D9EAB984}" = rport=138 | protocol=17 | dir=out | app=system |
"{81768EE2-1772-4CD6-89D5-CB3408C0D7EE}" = rport=445 | protocol=6 | dir=out | app=system |
"{8477B54B-F6F0-47A0-9078-80ADC2075FFE}" = lport=445 | protocol=6 | dir=in | app=system |
"{853AD386-1845-43F8-AB0E-CC19FEECAC0E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8AC853FF-E531-492D-8989-D5D566E959A1}" = lport=139 | protocol=6 | dir=in | app=system |
"{8AD6DB91-63C6-466A-A214-320E0448B71A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{94782510-60F7-4F95-981D-CB1905D22AB3}" = lport=56535 | protocol=6 | dir=in | name=pando media booster |
"{A445A096-3F3F-4E6E-AB37-FC207D3E5AED}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ADE5A99C-37CB-422E-A51D-B611F96A104A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AE2DEF1F-6BA7-43AB-B0AF-99560638D2C1}" = rport=137 | protocol=17 | dir=out | app=system |
"{B360F3B0-C28B-4B27-B8D8-D671604782EC}" = rport=139 | protocol=6 | dir=out | app=system |
"{D8960110-445C-43CE-82DB-892F29FFFA99}" = lport=56535 | protocol=17 | dir=in | name=pando media booster |
"{DD57609F-42EF-4ACA-A087-C00BEC4D8C4B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E1E19306-C3E3-4EF4-A485-4D303399F582}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F4173994-4604-409A-9636-D748445249B1}" = lport=56535 | protocol=6 | dir=in | name=pando media booster |
"{F539467A-9C6E-4D6D-A9F5-BAF20CBC1C9F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FED838DA-F365-4FD8-AEC3-57E2E1C979C3}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D4EEF6-BD61-4020-9C5C-1677B266DAD5}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\dota 2 beta\dota.exe |
"{05E7C3CC-53F8-4573-9C8D-A0DB551E546D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0E87F9C9-F627-4401-841B-8C6B0A223E29}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2A61F1C6-8A9F-4E00-BC72-8C31C4BDA3A7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2EB30D56-6D23-4EB7-9B42-936793B879CC}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{3231DED5-9D0A-42F8-BB4F-7B12BC53D5FB}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{3A59C31A-683F-494D-A292-2D04582BD6FD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{410570A6-6D11-4DD7-ACE4-0BE217912AA5}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{477C3F11-33CF-45F4-A932-3846B0F17498}" = dir=in | app=d:\games\the war z\warz.exe |
"{47C3F7DD-F72C-40E7-A854-48F2D11485B0}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4D5B1683-CE5B-401A-8041-7A148A34D78E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{59A08B9A-50D2-43B3-BB43-249AD866AF9C}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{62813CEF-F82F-4F6A-8814-6B740BC59EAD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{66CD07FF-0991-40C8-83BC-15C72251144F}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6E9540BA-67D6-40B8-84E7-3DE01C95DA49}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{8248A227-7621-4BD7-90A7-D88C75648F63}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{87BCA31D-7E82-4E76-B681-CC4730A73D6F}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\dota 2 beta\dota.exe |
"{8A3485F9-3F05-4EF5-8213-6D3707C8D476}" = protocol=17 | dir=in | app=c:\users\scary\appdata\roaming\dropbox\bin\dropbox.exe |
"{8C2CD27A-FCF8-4F41-9075-7BBCED629BA7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AA4A2A67-A43C-46FA-800D-180B476CE88B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B326821F-8029-4D85-AF66-9C3DFAB9705B}" = protocol=6 | dir=out | app=system |
"{B8350409-872A-4D54-B801-E5A2EE95C8E0}" = protocol=6 | dir=in | app=c:\users\scary\appdata\roaming\dropbox\bin\dropbox.exe |
"{C48ABE1C-5354-4E4B-ADDD-8341E17564E0}" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\war of the roses\run_game.exe |
"{C6FD2407-56BC-405F-B2D5-998F533C93E1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CCBE9C2E-BE59-43AD-8BE0-E2694EA043A9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D1568115-7909-4232-88B6-AA09FC11D0A3}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D5A3CC30-AC73-4999-8B14-75A697976A45}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DD04EBC2-60D4-4E7D-9DA1-8BFF044A269A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E4FAE247-F2D3-43D3-B583-F6DFC97E9C46}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E6167337-7E76-4271-8578-3E0651A490DE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E61ABE6F-87BD-4897-A836-FADB5BEDC792}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{EA0441CB-28A8-4159-B17F-C532BD2E8E0A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F06805B7-35D1-4565-9FD8-CAFAAFDC0ED6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F2E21443-6330-44AD-88F4-B737B1814467}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F3ACFB18-9DA7-499E-AB6E-FB4A430A1F93}" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\war of the roses\run_game.exe |
"TCP Query User{2342B92A-E237-4F83-A129-43B75377AA86}D:\games\steam\steam.exe" = protocol=6 | dir=in | app=d:\games\steam\steam.exe |
"TCP Query User{BC415C8D-44CD-4D3F-9900-32665D3BD6C0}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"TCP Query User{EAEC2BE7-4560-4F1E-BCAC-381A7F1AF46B}D:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=6 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"UDP Query User{1631E2FF-D2F8-4136-A211-E57432FE5804}C:\program files (x86)\lolreplay\lolreplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lolreplay\lolreplay.exe |
"UDP Query User{55656E68-36C5-4463-9B8E-3B28E41454D4}D:\games\steam\steam.exe" = protocol=17 | dir=in | app=d:\games\steam\steam.exe |
"UDP Query User{FE930ADF-B2E1-454D-9070-D62C07982F19}D:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe" = protocol=17 | dir=in | app=d:\games\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D3364347-0A05-CA85-1DAD-80A7A75BF677}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{67686439-FBC8-4342-9748-D42BA10F7994}" = DayZ Commander
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1" = The War Z version alpha
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"BattlEye for A2" = BattlEye Uninstall
"BattlEye for OA" = BattlEye for OA Uninstall
"Foxit Reader_is1" = Foxit Reader
"Fraps" = Fraps (remove only)
"Hama Slide S1 Gaming Mouse" = Hama Slide S1 Gaming Mouse
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Steam App 42160" = War of the Roses
"Steam App 570" = Dota 2
"Steam App 730" = Counter-Strike: Global Offensive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.3
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3569910090-1362072758-1005780473-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.10.2012 23:35:52 | Computer Name = *** | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 16.10.2012 01:15:23 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WarZlauncher.exe.new.exe, Version:
0.0.0.0, Zeitstempel: 0x507c89c3 Name des fehlerhaften Moduls: WarZlauncher.exe.new.exe,
Version: 0.0.0.0, Zeitstempel: 0x507c89c3 Ausnahmecode: 0x80000003 Fehleroffset:
0x00181042 ID des fehlerhaften Prozesses: 0x17c0 Startzeit der fehlerhaften Anwendung:
0x01cdab2824aa8950 Pfad der fehlerhaften Anwendung: D:\Games\The War Z\WarZlauncher.exe.new.exe
Pfad
des fehlerhaften Moduls: D:\Games\The War Z\WarZlauncher.exe.new.exe Berichtskennung:
7c7f2666-1750-11e2-a4bd-00252255807d
Error - 17.10.2012 14:38:15 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WarZ.exe, Version: 0.0.0.0, Zeitstempel:
0x507e0538 Name des fehlerhaften Moduls: WarZ.exe, Version: 0.0.0.0, Zeitstempel:
0x507e0538 Ausnahmecode: 0xc0000417 Fehleroffset: 0x002f601f ID des fehlerhaften Prozesses:
0xcb4 Startzeit der fehlerhaften Anwendung: 0x01cdac95f9c1cf60 Pfad der fehlerhaften
Anwendung: D:\Games\The War Z\WarZ.exe Pfad des fehlerhaften Moduls: D:\Games\The
War Z\WarZ.exe Berichtskennung: cf3b8aab-1889-11e2-9f5e-00252255807d
Error - 21.10.2012 15:49:13 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Programm wotr.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 638 Startzeit:
01cdafab3a6a81fd Endzeit: 721 Anwendungspfad: D:\Games\Steam\steamapps\common\War
of the Roses\wotr.exe Berichts-ID:
Error - 25.10.2012 18:23:52 | Computer Name = *** | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\SoftonicDownloader_fuer_foxit-pdf-reader.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 25.10.2012 18:23:54 | Computer Name = *** | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\SoftonicDownloader_fuer_foxit-pdf-reader.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 25.10.2012 18:23:57 | Computer Name = *** | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\SoftonicDownloader_fuer_foxit-pdf-reader.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 25.10.2012 18:26:34 | Computer Name = *** | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "D:\SoftonicDownloader_fuer_foxit-pdf-reader.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error - 26.10.2012 16:44:23 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Programm mbam-setup.tmp, Version 51.52.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: b9c Startzeit:
01cdb3ba81a0f5d9 Endzeit: 0 Anwendungspfad: C:\Users\scary\AppData\Local\Temp\is-K237J.tmp\mbam-setup.tmp
Berichts-ID:
Error - 27.10.2012 08:32:37 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Programm wotr.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 7b8 Startzeit:
01cdb43eff9aa84c Endzeit: 899 Anwendungspfad: D:\Games\Steam\steamapps\common\War
of the Roses\wotr.exe Berichts-ID: 5d524aff-2032-11e2-93e0-00252255807d
[ System Events ]
Error - 10.10.2012 03:25:03 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 10.10.2012 03:25:03 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 10.10.2012 03:25:04 | Computer Name = *** | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 14.10.2012 07:08:49 | Computer Name = *** | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?10.?2012 um 12:56:52 unerwartet heruntergefahren.
Error - 26.10.2012 09:29:15 | Computer Name = *** | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{2F1CB49F-997D-4A81-A47D-3570193B21E0} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 26.10.2012 15:31:15 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Steam Client Service erreicht.
Error - 26.10.2012 15:31:15 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 26.10.2012 16:43:49 | Computer Name = *** | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst MBAMScheduler erreicht.
Error - 27.10.2012 07:13:17 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows-Fehlerberichterstattungsdienst erreicht.
Error - 27.10.2012 07:13:47 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows-Fehlerberichterstattungsdienst erreicht.
< End of report >
|
|
| Themen zu PUP.Blabbers / searchplusnetwork.com |
| administrator, adobe, adobe flash player, antivir, autorun, avira, dateien, explorer, explorer.exe, flash player, format, helper, installation, logfile, malwarebytes, microsoft, mozilla, neue, nvidia, nvidia update, opera, plug-in, realtek, registry, software, teamspeak, vdeck.exe, winlogon |
Linear-Darstellung
