
Pests of all kinds and how to fight them: despite reinstalling the system: Iexplore.exe in Task Manager

23.02.2013, 03:26   #1
akakesios
 
Hello Trojaner Board,

I have the following problem: for some time now, three processes named IEXPLORE.EXE.32 have been showing up under running processes in Task Manager and taking up a lot of memory. When I end the processes, a new one is back 1 second later. The processes both point to C:/Programme/InternetExplorer/iexplore.exe! Videos stutter in Internet Explorer, and otherwise the connection is very, very slow as well.
I have now reinstalled the system, but the problem persists.

I am slowly getting desperate...

23.02.2013, 10:19   #2
ryder
/// TB trainer
 
Well then, let's take a look



I will help you with your problem. A cleanup can sometimes mean a lot of work for you (and me). Before we start, I have some reading material for you.

Please read:
Rules for the cleanup
For the cleanup to work, I ask you to read the following points carefully:
  • Please work through all steps in order. Please give me feedback on every step (log file or answer), collected in a single reply once you have finished everything.
  • Only run scans that you are asked to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Read the instructions through completely first. If anything is unclear, ask before you begin.
  • Post the log files directly in your thread (in code tags if possible - click the # symbol in the editor). Do not attach or zip them unless I ask you to or the log file would be too large. That makes the analysis harder for me.
  • Only obscure your name if it is absolutely necessary.
  • At the first sign of illegally used software (cracks, patches and the like), support will be discontinued without discussion.
  • If I have not replied after 3 days, then (and only then) please send me a PM.
  • I will tell you very clearly when you are "clean". Until then, please cooperate well.
  • Note: I can never give you a guarantee that I will find everything. Formatting is usually the faster and always the safest way.


Read and understood?


Step 1:
Disable drive emulation with Defogger
Please download defogger by jpshortstuff to your desktop and start it:
  • Now click the Disable button to deactivate the drivers of certain emulators.
  • Defogger will ask you "Defogger will forcefully ... Continue?"; confirm this with Yes.
  • When the scan has finished (Finished), click OK.
  • Defogger may prompt you to restart. Confirm this with OK.
Please post the defogger_disable.txt from your desktop.
Do not click the Re-enable button without instructions.

Step 2:
Scan with aswMBR

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    Vista and Win7 users: right-click and choose "Run as administrator"
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions may take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons without instructions under any circumstances.

Note: If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.

Step 3:
Scan with TDSS-Killer

Please read the following instructions carefully. We do not want to "fix" anything here yet, only see a scan report.

Please download TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe
  • Click Change parameters, tick Detect TDLFS file system and confirm with OK.
  • Press Start Scan
  • Warning:
    If infected objects are found, do not choose Cure under any circumstances. Choose Skip and save the log file.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread (please be sure to use CODE tags with the # symbol in the editor).

Step 4:
Scan with DDS+ (with attach)
Please download DDS (by sUBs) and save the file to your desktop.

dds.com
  • Close all running programs and start DDS with a double-click.
  • The desktop will disappear; this is normal.
  • Set the following:

    [X] dds.txt
    [X] attach.txt
    [ ] options for dds.txt

  • Do not change any setting without instructions.
  • Click Start.
  • 2 log files will be created on your desktop.
    • dds.txt
    • attach.txt
  • Post both log files here, in CODE tags if possible.
__________________
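Step 3 above asks for a TDSSKiller scan report without fixing anything. The following Python helper is an added example, not part of the original post and not code from the tool's vendor: it reads a log of that kind and lists the entries whose verdict is not "ok", plus services reported ok although no file was hashed for them. It assumes the line shapes `time thread [ MD5 ] name path` followed by `time thread name - verdict`; the sample log, its hashes, the `ExampleDrv` entry and its `warning` verdict are constructed.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed placeholder hashes (not real file hashes).
H1, H2, H3 = "A" * 32, "B" * 32, "C" * 32

# Constructed sample in the assumed TDSSKiller line shapes; "ExampleDrv" and
# its "warning" verdict are hypothetical and exist only for this example.
SAMPLE_LOG = rf"""
17:47:27.0250 3624  ================ Scan system memory ========================
17:47:27.0250 3624  System memory - ok
17:47:27.0250 3624  ================ Scan services =============================
17:47:27.0562 3624  [ {H1} ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
17:47:27.0562 3624  ACPI - ok
17:47:27.0874 3624  [ {H2} ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:47:27.0874 3624  AMD External Events Utility - ok
17:47:29.0325 3624  COMSysApp - ok
17:47:29.0400 3624  [ {H3} ] ExampleDrv      C:\Windows\system32\DRIVERS\exampledrv.sys
17:47:29.0410 3624  ExampleDrv - warning
"""

# "HH:MM:SS.ffff <thread id>  <body>"
PREFIX = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} \d+\s+(.*)$")
# "======== Scan services ========" style section headers
SECTION = re.compile(r"^=+ (.+?) =+$")
# "[ MD5 ] <name, may contain spaces> <path starting with a drive letter>"
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?)\s+([A-Za-z]:\\.*)$")


@dataclass
class Entry:
    section: str
    name: str
    verdict: str
    md5: Optional[str] = None
    path: Optional[str] = None


def parse_log(text: str) -> List[Entry]:
    """Pair every verdict line with the hash line directly above it, if any."""
    entries: List[Entry] = []
    section: Optional[str] = None
    pending = None  # (name, md5, path) from the most recent hash line
    for raw in text.splitlines():
        m = PREFIX.match(raw.rstrip())
        if not m:
            continue
        body = m.group(1)
        sec = SECTION.match(body)
        if sec:
            section, pending = sec.group(1), None
            continue
        if section is None:
            continue  # header block (system info, partitions) has no verdicts
        hashed = HASHED.match(body)
        if hashed:
            pending = (hashed.group(2), hashed.group(1).upper(), hashed.group(3))
            continue
        name, sep, verdict = body.rpartition(" - ")
        if not sep or not name:
            continue
        entry = Entry(section, name.strip(), verdict.strip())
        if pending and entry.name.startswith(pending[0]):
            entry.md5, entry.path = pending[1], pending[2]
        pending = None
        entries.append(entry)
    return entries


def needs_review(entries: List[Entry]) -> List[Entry]:
    """Entries whose verdict is anything other than 'ok'."""
    return [e for e in entries if e.verdict.lower() != "ok"]


def ok_without_file(entries: List[Entry]) -> List[Entry]:
    """Services reported ok although the log shows no hashed file for them."""
    return [e for e in entries
            if e.section == "Scan services"
            and e.md5 is None and e.verdict.lower() == "ok"]


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    for e in needs_review(parsed):
        print(f"REVIEW   {e.name}: {e.verdict}  md5={e.md5}  path={e.path}")
    for e in ok_without_file(parsed):
        print(f"NO FILE  {e.name}: ok, but no file was hashed")
```
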

23.02.2013, 17:56   #3
akakesios
 
Hello rider,

everything worked, except step 2: aswMBR could not be started: "Keine zulässige Win32 Anwendung"..

The logs

defogger:

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:40 on 23/02/2013 (***)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
TDss

Code:
17:47:11.0822 3432  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:47:11.0962 3432  ============================================================
17:47:11.0962 3432  Current date / time: 2013/02/23 17:47:11.0962
17:47:11.0962 3432  SystemInfo:
17:47:11.0962 3432  
17:47:11.0962 3432  OS Version: 6.1.7600 ServicePack: 0.0
17:47:11.0962 3432  Product type: Workstation
17:47:11.0962 3432  ComputerName: ***-PC
17:47:11.0962 3432  UserName: ***
17:47:11.0962 3432  Windows directory: C:\Windows
17:47:11.0962 3432  System windows directory: C:\Windows
17:47:11.0962 3432  Running under WOW64
17:47:11.0962 3432  Processor architecture: Intel x64
17:47:11.0962 3432  Number of processors: 2
17:47:11.0962 3432  Page size: 0x1000
17:47:11.0962 3432  Boot type: Normal boot
17:47:11.0962 3432  ============================================================
17:47:13.0023 3432  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:47:13.0023 3432  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:47:13.0038 3432  ============================================================
17:47:13.0038 3432  \Device\Harddisk0\DR0:
17:47:13.0038 3432  MBR partitions:
17:47:13.0038 3432  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
17:47:13.0038 3432  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23921000
17:47:13.0038 3432  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23985000, BlocksNum 0x1A75800
17:47:13.0038 3432  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
17:47:13.0038 3432  \Device\Harddisk1\DR1:
17:47:13.0038 3432  MBR partitions:
17:47:13.0038 3432  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
17:47:13.0038 3432  ============================================================
17:47:13.0070 3432  C: <-> \Device\Harddisk0\DR0\Partition2
17:47:13.0116 3432  D: <-> \Device\Harddisk0\DR0\Partition3
17:47:13.0116 3432  E: <-> \Device\Harddisk0\DR0\Partition4
17:47:13.0148 3432  G: <-> \Device\Harddisk1\DR1\Partition1
17:47:13.0148 3432  ============================================================
17:47:13.0148 3432  Initialize success
17:47:13.0148 3432  ============================================================
17:47:26.0018 3624  ============================================================
17:47:26.0018 3624  Scan started
17:47:26.0018 3624  Mode: Manual; TDLFS; 
17:47:26.0018 3624  ============================================================
17:47:27.0250 3624  ================ Scan system memory ========================
17:47:27.0250 3624  System memory - ok
17:47:27.0250 3624  ================ Scan services =============================
17:47:31.0992 3624  MSDTC - ok
17:47:32.0008 3624  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:47:32.0008 3624  Msfs - ok
17:47:32.0008 3624  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:47:32.0008 3624  mshidkmdf - ok
17:47:32.0024 3624  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
17:47:32.0024 3624  msisadrv - ok
17:47:32.0039 3624  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:47:32.0039 3624  MSiSCSI - ok
17:47:32.0055 3624  msiserver - ok
17:47:32.0070 3624  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:47:32.0070 3624  MSKSSRV - ok
17:47:32.0086 3624  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:47:32.0086 3624  MSPCLOCK - ok
17:47:32.0086 3624  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:47:32.0086 3624  MSPQM - ok
17:47:32.0102 3624  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:47:32.0117 3624  MsRPC - ok
17:47:32.0117 3624  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:47:32.0117 3624  mssmbios - ok
17:47:32.0133 3624  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:47:32.0133 3624  MSTEE - ok
17:47:32.0133 3624  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:47:32.0133 3624  MTConfig - ok
17:47:32.0148 3624  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:47:32.0148 3624  Mup - ok
17:47:32.0195 3624  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
17:47:32.0195 3624  napagent - ok
17:47:32.0226 3624  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:47:32.0242 3624  NativeWifiP - ok
17:47:32.0273 3624  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:47:32.0304 3624  NDIS - ok
17:47:32.0304 3624  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:47:32.0304 3624  NdisCap - ok
17:47:32.0320 3624  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:47:32.0320 3624  NdisTapi - ok
17:47:32.0320 3624  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:47:32.0320 3624  Ndisuio - ok
17:47:32.0336 3624  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:47:32.0336 3624  NdisWan - ok
17:47:32.0336 3624  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:47:32.0336 3624  NDProxy - ok
17:47:32.0351 3624  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:47:32.0351 3624  NetBIOS - ok
17:47:32.0351 3624  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:47:32.0367 3624  NetBT - ok
17:47:32.0382 3624  [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon        C:\Windows\system32\lsass.exe
17:47:32.0382 3624  Netlogon - ok
17:47:32.0414 3624  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:47:32.0414 3624  Netman - ok
17:47:32.0445 3624  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:47:32.0445 3624  netprofm - ok
17:47:32.0460 3624  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:47:32.0460 3624  NetTcpPortSharing - ok
17:47:32.0492 3624  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:47:32.0492 3624  nfrd960 - ok
17:47:32.0507 3624  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:47:32.0507 3624  NlaSvc - ok
17:47:32.0523 3624  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:47:32.0523 3624  Npfs - ok
17:47:32.0523 3624  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:47:32.0523 3624  nsi - ok
17:47:32.0538 3624  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:47:32.0538 3624  nsiproxy - ok
17:47:32.0570 3624  [ 356698A13C4630D5B31C37378D469196 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:47:32.0601 3624  Ntfs - ok
17:47:32.0601 3624  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:47:32.0601 3624  Null - ok
17:47:32.0601 3624  [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
17:47:32.0616 3624  nvraid - ok
17:47:32.0616 3624  [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
17:47:32.0616 3624  nvstor - ok
17:47:32.0632 3624  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
17:47:32.0632 3624  nv_agp - ok
17:47:32.0648 3624  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
17:47:32.0648 3624  ohci1394 - ok
17:47:32.0694 3624  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:47:32.0694 3624  ose - ok
17:47:32.0741 3624  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:47:32.0757 3624  p2pimsvc - ok
17:47:32.0772 3624  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:47:32.0772 3624  p2psvc - ok
17:47:32.0788 3624  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:47:32.0788 3624  Parport - ok
17:47:32.0835 3624  [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:47:32.0835 3624  partmgr - ok
17:47:32.0850 3624  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:47:32.0850 3624  PcaSvc - ok
17:47:32.0866 3624  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys
17:47:32.0866 3624  pci - ok
17:47:32.0866 3624  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
17:47:32.0866 3624  pciide - ok
17:47:32.0882 3624  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:47:32.0882 3624  pcmcia - ok
17:47:32.0882 3624  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:47:32.0897 3624  pcw - ok
17:47:32.0928 3624  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:47:32.0928 3624  PEAUTH - ok
17:47:32.0975 3624  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:47:32.0991 3624  PeerDistSvc - ok
17:47:33.0162 3624  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:47:33.0162 3624  PerfHost - ok
17:47:33.0256 3624  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll
17:47:33.0287 3624  pla - ok
17:47:33.0318 3624  [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:47:33.0334 3624  PlugPlay - ok
17:47:33.0334 3624  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:47:33.0334 3624  PNRPAutoReg - ok
17:47:33.0365 3624  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:47:33.0365 3624  PNRPsvc - ok
17:47:33.0381 3624  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:47:33.0396 3624  PolicyAgent - ok
17:47:33.0412 3624  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:47:33.0412 3624  Power - ok
17:47:33.0443 3624  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:47:33.0443 3624  PptpMiniport - ok
17:47:33.0459 3624  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:47:33.0459 3624  Processor - ok
17:47:33.0490 3624  [ 97293447431311C06703368AD0F6C4BE ] ProfSvc         C:\Windows\system32\profsvc.dll
17:47:33.0490 3624  ProfSvc - ok
17:47:33.0506 3624  [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:47:33.0506 3624  ProtectedStorage - ok
17:47:33.0599 3624  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:47:33.0615 3624  Psched - ok
17:47:33.0708 3624  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:47:33.0740 3624  ql2300 - ok
17:47:33.0740 3624  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:47:33.0740 3624  ql40xx - ok
17:47:33.0771 3624  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:47:33.0771 3624  QWAVE - ok
17:47:33.0786 3624  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:47:33.0786 3624  QWAVEdrv - ok
17:47:33.0802 3624  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:47:33.0802 3624  RasAcd - ok
17:47:33.0833 3624  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:47:33.0833 3624  RasAgileVpn - ok
17:47:33.0833 3624  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:47:33.0849 3624  RasAuto - ok
17:47:33.0849 3624  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:47:33.0849 3624  Rasl2tp - ok
17:47:33.0864 3624  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll
17:47:33.0864 3624  RasMan - ok
17:47:33.0880 3624  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:47:33.0880 3624  RasPppoe - ok
17:47:33.0880 3624  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:47:33.0880 3624  RasSstp - ok
17:47:33.0896 3624  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:47:33.0896 3624  rdbss - ok
17:47:33.0896 3624  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:47:33.0911 3624  rdpbus - ok
17:47:33.0911 3624  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:47:33.0911 3624  RDPCDD - ok
17:47:33.0942 3624  [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:47:33.0942 3624  RDPDR - ok
17:47:33.0958 3624  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:47:33.0958 3624  RDPENCDD - ok
17:47:33.0974 3624  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:47:33.0974 3624  RDPREFMP - ok
17:47:34.0005 3624  [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:47:34.0005 3624  RDPWD - ok
17:47:34.0020 3624  [ 634B9A2181D98F15941236886164EC8B ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:47:34.0020 3624  rdyboost - ok
17:47:34.0052 3624  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:47:34.0052 3624  RemoteAccess - ok
17:47:34.0067 3624  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:47:34.0067 3624  RemoteRegistry - ok
17:47:34.0098 3624  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:47:34.0114 3624  RpcEptMapper - ok
17:47:34.0114 3624  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:47:34.0114 3624  RpcLocator - ok
17:47:34.0145 3624  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs           C:\Windows\system32\rpcss.dll
17:47:34.0145 3624  RpcSs - ok
17:47:34.0176 3624  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:47:34.0176 3624  rspndr - ok
17:47:34.0239 3624  [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
17:47:34.0239 3624  RTL8167 - ok
17:47:34.0270 3624  [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
17:47:34.0270 3624  s3cap - ok
17:47:34.0286 3624  [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs           C:\Windows\system32\lsass.exe
17:47:34.0286 3624  SamSs - ok
17:47:34.0286 3624  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
17:47:34.0301 3624  sbp2port - ok
17:47:34.0317 3624  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:47:34.0317 3624  SCardSvr - ok
17:47:34.0317 3624  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:47:34.0317 3624  scfilter - ok
17:47:34.0364 3624  [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule        C:\Windows\system32\schedsvc.dll
17:47:34.0364 3624  Schedule - ok
17:47:34.0379 3624  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:47:34.0379 3624  SCPolicySvc - ok
17:47:34.0395 3624  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:47:34.0395 3624  SDRSVC - ok
17:47:34.0442 3624  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:47:34.0442 3624  secdrv - ok
17:47:34.0457 3624  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll
17:47:34.0457 3624  seclogon - ok
17:47:34.0473 3624  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
17:47:34.0473 3624  SENS - ok
17:47:34.0473 3624  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:47:34.0473 3624  SensrSvc - ok
17:47:34.0488 3624  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:47:34.0488 3624  Serenum - ok
17:47:34.0504 3624  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:47:34.0504 3624  Serial - ok
17:47:34.0520 3624  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:47:34.0520 3624  sermouse - ok
17:47:34.0551 3624  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll
17:47:34.0551 3624  SessionEnv - ok
17:47:34.0551 3624  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
17:47:34.0551 3624  sffdisk - ok
17:47:34.0566 3624  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:47:34.0566 3624  sffp_mmc - ok
17:47:34.0566 3624  [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
17:47:34.0566 3624  sffp_sd - ok
17:47:34.0582 3624  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:47:34.0582 3624  sfloppy - ok
17:47:34.0598 3624  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:47:34.0598 3624  SharedAccess - ok
17:47:34.0629 3624  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:47:34.0629 3624  ShellHWDetection - ok
17:47:34.0629 3624  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:47:34.0629 3624  SiSRaid2 - ok
17:47:34.0644 3624  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:47:34.0644 3624  SiSRaid4 - ok
17:47:34.0660 3624  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:47:34.0660 3624  Smb - ok
17:47:34.0691 3624  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:47:34.0691 3624  SNMPTRAP - ok
17:47:34.0691 3624  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:47:34.0691 3624  spldr - ok
17:47:34.0738 3624  [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler         C:\Windows\System32\spoolsv.exe
17:47:34.0738 3624  Spooler - ok
17:47:34.0847 3624  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe
17:47:34.0878 3624  sppsvc - ok
17:47:34.0894 3624  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:47:34.0894 3624  sppuinotify - ok
17:47:34.0925 3624  [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:47:34.0925 3624  srv - ok
17:47:34.0941 3624  [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:47:34.0956 3624  srv2 - ok
17:47:34.0972 3624  [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:47:34.0972 3624  srvnet - ok
17:47:35.0003 3624  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:47:35.0019 3624  SSDPSRV - ok
17:47:35.0019 3624  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:47:35.0034 3624  SstpSvc - ok
17:47:35.0050 3624  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:47:35.0050 3624  stexstor - ok
17:47:35.0081 3624  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc          C:\Windows\System32\wiaservc.dll
17:47:35.0097 3624  stisvc - ok
17:47:35.0112 3624  [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
17:47:35.0112 3624  storflt - ok
17:47:35.0128 3624  [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
17:47:35.0128 3624  storvsc - ok
17:47:35.0128 3624  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:47:35.0128 3624  swenum - ok
17:47:35.0159 3624  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:47:35.0159 3624  swprv - ok
17:47:35.0206 3624  [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain         C:\Windows\system32\sysmain.dll
17:47:35.0222 3624  SysMain - ok
17:47:35.0237 3624  [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:47:35.0237 3624  TabletInputService - ok
17:47:35.0253 3624  [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:47:35.0253 3624  TapiSrv - ok
17:47:35.0268 3624  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:47:35.0268 3624  TBS - ok
17:47:35.0331 3624  [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:47:35.0346 3624  Tcpip - ok
17:47:35.0378 3624  [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:47:35.0393 3624  TCPIP6 - ok
17:47:35.0424 3624  [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:47:35.0424 3624  tcpipreg - ok
17:47:35.0424 3624  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:47:35.0440 3624  TDPIPE - ok
17:47:35.0456 3624  [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:47:35.0456 3624  TDTCP - ok
17:47:35.0471 3624  [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:47:35.0487 3624  tdx - ok
17:47:35.0487 3624  [ C448651339196C0E869A355171875522 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:47:35.0487 3624  TermDD - ok
17:47:35.0518 3624  [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService     C:\Windows\System32\termsrv.dll
17:47:35.0534 3624  TermService - ok
17:47:35.0549 3624  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:47:35.0549 3624  Themes - ok
17:47:35.0565 3624  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:47:35.0565 3624  THREADORDER - ok
17:47:35.0580 3624  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:47:35.0580 3624  TrkWks - ok
17:47:35.0612 3624  [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:47:35.0612 3624  TrustedInstaller - ok
17:47:35.0627 3624  [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:47:35.0643 3624  tssecsrv - ok
17:47:35.0658 3624  [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:47:35.0658 3624  tunnel - ok
17:47:35.0674 3624  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:47:35.0674 3624  uagp35 - ok
17:47:35.0690 3624  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:47:35.0705 3624  udfs - ok
17:47:35.0721 3624  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:47:35.0736 3624  UI0Detect - ok
17:47:35.0752 3624  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
17:47:35.0752 3624  uliagpkx - ok
17:47:35.0752 3624  [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:47:35.0752 3624  umbus - ok
17:47:35.0752 3624  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:47:35.0768 3624  UmPass - ok
17:47:35.0783 3624  [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:47:35.0783 3624  UmRdpService - ok
17:47:35.0799 3624  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:47:35.0799 3624  upnphost - ok
17:47:35.0814 3624  [ B26AFB54A534D634523C4FB66765B026 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:47:35.0814 3624  usbccgp - ok
17:47:35.0830 3624  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
17:47:35.0830 3624  usbcir - ok
17:47:35.0846 3624  [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:47:35.0846 3624  usbehci - ok
17:47:35.0877 3624  [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:47:35.0877 3624  usbhub - ok
17:47:35.0877 3624  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
17:47:35.0877 3624  usbohci - ok
17:47:35.0892 3624  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:47:35.0892 3624  usbprint - ok
17:47:35.0908 3624  [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:47:35.0908 3624  USBSTOR - ok
17:47:35.0908 3624  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
17:47:35.0924 3624  usbuhci - ok
17:47:35.0939 3624  [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:47:35.0955 3624  usbvideo - ok
17:47:35.0955 3624  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:47:35.0955 3624  UxSms - ok
17:47:35.0970 3624  [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc        C:\Windows\system32\lsass.exe
17:47:35.0986 3624  VaultSvc - ok
17:47:35.0986 3624  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
17:47:35.0986 3624  vdrvroot - ok
17:47:36.0017 3624  [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds             C:\Windows\System32\vds.exe
17:47:36.0017 3624  vds - ok
17:47:36.0033 3624  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:47:36.0033 3624  vga - ok
17:47:36.0048 3624  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:47:36.0048 3624  VgaSave - ok
17:47:36.0064 3624  [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
17:47:36.0064 3624  vhdmp - ok
17:47:36.0064 3624  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
17:47:36.0064 3624  viaide - ok
17:47:36.0111 3624  [ 1501699D7EDA984ABC4155A7DA5738D1 ] vmbus           C:\Windows\system32\DRIVERS\vmbus.sys
17:47:36.0111 3624  vmbus - ok
17:47:36.0126 3624  [ AE10C35761889E65A6F7176937C5592C ] VMBusHID        C:\Windows\system32\DRIVERS\VMBusHID.sys
17:47:36.0126 3624  VMBusHID - ok
17:47:36.0126 3624  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
17:47:36.0126 3624  volmgr - ok
17:47:36.0142 3624  [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:47:36.0158 3624  volmgrx - ok
17:47:36.0189 3624  [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
17:47:36.0189 3624  volsnap - ok
17:47:36.0251 3624  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:47:36.0251 3624  vsmraid - ok
17:47:36.0314 3624  [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS             C:\Windows\system32\vssvc.exe
17:47:36.0345 3624  VSS - ok
17:47:36.0345 3624  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:47:36.0345 3624  vwifibus - ok
17:47:36.0360 3624  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:47:36.0360 3624  vwififlt - ok
17:47:36.0376 3624  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:47:36.0376 3624  W32Time - ok
17:47:36.0392 3624  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:47:36.0392 3624  WacomPen - ok
17:47:36.0407 3624  [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:47:36.0407 3624  WANARP - ok
17:47:36.0407 3624  [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:47:36.0423 3624  Wanarpv6 - ok
17:47:36.0454 3624  [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine        C:\Windows\system32\wbengine.exe
17:47:36.0485 3624  wbengine - ok
17:47:36.0485 3624  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:47:36.0485 3624  WbioSrvc - ok
17:47:36.0501 3624  [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:47:36.0501 3624  wcncsvc - ok
17:47:36.0516 3624  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:47:36.0516 3624  WcsPlugInService - ok
17:47:36.0532 3624  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:47:36.0532 3624  Wd - ok
17:47:36.0579 3624  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:47:36.0594 3624  Wdf01000 - ok
17:47:36.0610 3624  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:47:36.0610 3624  WdiServiceHost - ok
17:47:36.0626 3624  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:47:36.0626 3624  WdiSystemHost - ok
17:47:36.0657 3624  [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient       C:\Windows\System32\webclnt.dll
17:47:36.0657 3624  WebClient - ok
17:47:36.0688 3624  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:47:36.0704 3624  Wecsvc - ok
17:47:36.0704 3624  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:47:36.0719 3624  wercplsupport - ok
17:47:36.0735 3624  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:47:36.0735 3624  WerSvc - ok
17:47:36.0766 3624  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:47:36.0766 3624  WfpLwf - ok
17:47:36.0766 3624  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:47:36.0782 3624  WIMMount - ok
17:47:36.0797 3624  WinDefend - ok
17:47:36.0797 3624  WinHttpAutoProxySvc - ok
17:47:36.0906 3624  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:47:36.0906 3624  Winmgmt - ok
17:47:36.0969 3624  [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM           C:\Windows\system32\WsmSvc.dll
17:47:36.0984 3624  WinRM - ok
17:47:37.0031 3624  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:47:37.0031 3624  Wlansvc - ok
17:47:37.0062 3624  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
17:47:37.0062 3624  WmiAcpi - ok
17:47:37.0094 3624  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:47:37.0094 3624  wmiApSrv - ok
17:47:37.0125 3624  WMPNetworkSvc - ok
17:47:37.0140 3624  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:47:37.0140 3624  WPCSvc - ok
17:47:37.0140 3624  [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:47:37.0156 3624  WPDBusEnum - ok
17:47:37.0156 3624  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:47:37.0156 3624  ws2ifsl - ok
17:47:37.0187 3624  [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc          C:\Windows\System32\wscsvc.dll
17:47:37.0187 3624  wscsvc - ok
17:47:37.0203 3624  WSearch - ok
17:47:37.0281 3624  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:47:37.0296 3624  wuauserv - ok
17:47:37.0328 3624  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:47:37.0328 3624  WudfPf - ok
17:47:37.0359 3624  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:47:37.0359 3624  wudfsvc - ok
17:47:37.0374 3624  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:47:37.0374 3624  WwanSvc - ok
17:47:37.0390 3624  ================ Scan global ===============================
17:47:37.0406 3624  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:47:37.0437 3624  [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
17:47:37.0437 3624  [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
17:47:37.0468 3624  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:47:37.0515 3624  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:47:37.0515 3624  [Global] - ok
17:47:37.0515 3624  ================ Scan MBR ==================================
17:47:37.0530 3624  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:47:37.0827 3624  \Device\Harddisk0\DR0 - ok
17:47:37.0842 3624  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
17:47:38.0201 3624  \Device\Harddisk1\DR1 - ok
17:47:38.0201 3624  ================ Scan VBR ==================================
17:47:38.0217 3624  [ 7D41F354FA0D635070014652ED8E3E69 ] \Device\Harddisk0\DR0\Partition1
17:47:38.0217 3624  \Device\Harddisk0\DR0\Partition1 - ok
17:47:38.0248 3624  [ 48DA800ACCA5F0227AA4935EE71CE785 ] \Device\Harddisk0\DR0\Partition2
17:47:38.0248 3624  \Device\Harddisk0\DR0\Partition2 - ok
17:47:38.0279 3624  [ A56F59111126170C67B8F53F8CFB7983 ] \Device\Harddisk0\DR0\Partition3
17:47:38.0279 3624  \Device\Harddisk0\DR0\Partition3 - ok
17:47:38.0295 3624  [ 59383E75D7EA4D9E4ECF89843A887BED ] \Device\Harddisk0\DR0\Partition4
17:47:38.0295 3624  \Device\Harddisk0\DR0\Partition4 - ok
17:47:38.0295 3624  [ 0793985EAE16EF38FC09A4AAB4D7BED9 ] \Device\Harddisk1\DR1\Partition1
17:47:38.0310 3624  \Device\Harddisk1\DR1\Partition1 - ok
17:47:38.0310 3624  ============================================================
17:47:38.0310 3624  Scan finished
17:47:38.0310 3624  ============================================================
17:47:38.0326 3532  Detected object count: 0
17:47:38.0326 3532  Actual detected object count: 0
17:48:01.0742 1860  Deinitialize success
         

dds

DDS Logfile:
Code:
ATTFilter
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16464
Run by *** at 17:49:39 on 2013-02-23
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.49.1031.18.4092.3045 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_6_602_168_ActiveX.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
uRun: [BrowserChoice] "C:\Windows\System32\browserchoice.exe" /run
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{C9438DF3-D57A-471D-B83C-437B61D9A16D} : DHCPNameServer = 192.168.0.1
SSODL: WebCheck - <orphaned>
x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe
x64-IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\74yhqh0k.default\
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203264]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R3 RTL8167;Realtek 8167 NT-Treiber;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
.
=============== Created Last 30 ================
.
2013-02-23 16:00:46	76232	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5E89F641-6F88-4EBC-8251-CE5265E5F204}\offreg.dll
2013-02-23 15:27:14	--------	d-----w-	C:\Windows\SysWow64\wbem\en-US
2013-02-23 15:27:09	--------	d-----w-	C:\Windows\System32\wbem\en-US
2013-02-23 03:55:12	311808	----a-w-	C:\Windows\System32\msv1_0.dll
2013-02-23 03:55:12	257024	----a-w-	C:\Windows\SysWow64\msv1_0.dll
2013-02-23 03:43:26	2560	----a-w-	C:\Windows\System32\drivers\de-DE\wdf01000.sys.mui
2013-02-23 03:43:25	9728	----a-w-	C:\Windows\System32\Wdfres.dll
2013-02-23 03:43:25	785512	----a-w-	C:\Windows\System32\drivers\Wdf01000.sys
2013-02-23 03:43:25	54376	----a-w-	C:\Windows\System32\drivers\WdfLdr.sys
2013-02-23 03:29:24	99176	----a-w-	C:\Windows\SysWow64\PresentationHostProxy.dll
2013-02-23 03:29:24	49472	----a-w-	C:\Windows\SysWow64\netfxperf.dll
2013-02-23 03:29:24	48960	----a-w-	C:\Windows\System32\netfxperf.dll
2013-02-23 03:29:24	444752	----a-w-	C:\Windows\System32\mscoree.dll
2013-02-23 03:29:24	320352	----a-w-	C:\Windows\System32\PresentationHost.exe
2013-02-23 03:29:24	297808	----a-w-	C:\Windows\SysWow64\mscoree.dll
2013-02-23 03:29:24	295264	----a-w-	C:\Windows\SysWow64\PresentationHost.exe
2013-02-23 03:29:24	1942856	----a-w-	C:\Windows\System32\dfshim.dll
2013-02-23 03:29:24	1130824	----a-w-	C:\Windows\SysWow64\dfshim.dll
2013-02-23 03:29:24	109912	----a-w-	C:\Windows\System32\PresentationHostProxy.dll
2013-02-23 03:27:28	294912	----a-w-	C:\Windows\System32\browserchoice.exe
2013-02-23 03:15:28	--------	d-----w-	C:\Users\***\AppData\Local\Macromedia
2013-02-23 03:04:11	--------	d-----w-	C:\Program Files (x86)\Microsoft Analysis Services
2013-02-23 03:03:55	70656	----a-w-	C:\Windows\SysWow64\fontsub.dll
2013-02-23 03:03:55	46080	----a-w-	C:\Windows\System32\atmlib.dll
2013-02-23 03:03:55	367616	----a-w-	C:\Windows\System32\atmfd.dll
2013-02-23 03:03:55	34304	----a-w-	C:\Windows\SysWow64\atmlib.dll
2013-02-23 03:03:55	295424	----a-w-	C:\Windows\SysWow64\atmfd.dll
2013-02-23 03:03:55	100864	----a-w-	C:\Windows\System32\fontsub.dll
2013-02-23 03:02:48	87040	----a-w-	C:\Windows\System32\drivers\WUDFPf.sys
2013-02-23 03:02:48	84992	----a-w-	C:\Windows\System32\WUDFSvc.dll
2013-02-23 03:02:48	198656	----a-w-	C:\Windows\System32\drivers\WUDFRd.sys
2013-02-23 03:02:48	194048	----a-w-	C:\Windows\System32\WUDFPlatform.dll
2013-02-23 03:02:47	744448	----a-w-	C:\Windows\System32\WUDFx.dll
2013-02-23 03:02:47	45056	----a-w-	C:\Windows\System32\WUDFCoinstaller.dll
2013-02-23 03:02:47	229888	----a-w-	C:\Windows\System32\WUDFHost.exe
2013-02-23 02:57:30	80896	----a-w-	C:\Windows\System32\imagehlp.dll
2013-02-23 02:57:30	5120	----a-w-	C:\Windows\SysWow64\wmi.dll
2013-02-23 02:57:30	5120	----a-w-	C:\Windows\System32\wmi.dll
2013-02-23 02:57:30	22896	----a-w-	C:\Windows\System32\drivers\fs_rec.sys
2013-02-23 02:57:30	158720	----a-w-	C:\Windows\SysWow64\imagehlp.dll
2013-02-23 02:54:45	--------	d-----w-	C:\Users\***\AppData\Local\Microsoft Help
2013-02-23 02:53:23	243712	----a-w-	C:\Windows\System32\drivers\ks.sys
2013-02-23 02:53:23	184832	----a-w-	C:\Windows\System32\drivers\usbvideo.sys
2013-02-23 02:49:19	3150848	----a-w-	C:\Windows\System32\win32k.sys
2013-02-23 02:49:13	961024	----a-w-	C:\Windows\System32\CPFilters.dll
2013-02-23 02:49:12	641536	----a-w-	C:\Windows\SysWow64\CPFilters.dll
2013-02-23 02:49:12	552960	----a-w-	C:\Windows\System32\msdri.dll
2013-02-23 02:49:12	258560	----a-w-	C:\Windows\System32\mpg2splt.ax
2013-02-23 02:49:11	199680	----a-w-	C:\Windows\SysWow64\mpg2splt.ax
2013-02-23 02:49:01	5504880	----a-w-	C:\Windows\System32\ntoskrnl.exe
2013-02-23 02:49:00	3902320	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
2013-02-23 02:47:57	46592	----a-w-	C:\Windows\SysWow64\fpb.rs
2013-02-23 02:46:54	1395712	----a-w-	C:\Windows\System32\mfc42.dll
2013-02-23 02:45:52	516096	----a-w-	C:\Program Files\Windows Mail\wab.exe
2013-02-23 02:45:52	516096	----a-w-	C:\Program Files (x86)\Windows Mail\wab.exe
2013-02-23 02:45:52	35328	----a-w-	C:\Program Files\Windows Mail\wabfind.dll
2013-02-23 02:45:51	295792	----a-w-	C:\Windows\System32\drivers\volsnap.sys
2013-02-23 02:45:49	43520	----a-w-	C:\Windows\System32\csrsrv.dll
2013-02-23 02:45:49	223448	----a-w-	C:\Windows\System32\drivers\fvevol.sys
2013-02-23 02:45:48	95744	----a-w-	C:\Windows\System32\synceng.dll
2013-02-23 02:45:47	78336	----a-w-	C:\Windows\SysWow64\synceng.dll
2013-02-23 02:45:43	954752	----a-w-	C:\Windows\SysWow64\mfc40.dll
2013-02-23 02:45:42	954288	----a-w-	C:\Windows\SysWow64\mfc40u.dll
2013-02-23 02:45:41	1739160	----a-w-	C:\Windows\System32\ntdll.dll
2013-02-23 02:45:41	1292592	----a-w-	C:\Windows\SysWow64\ntdll.dll
2013-02-23 02:43:59	46592	----a-w-	C:\Windows\System32\msasn1.dll
2013-02-23 02:43:59	34816	----a-w-	C:\Windows\SysWow64\msasn1.dll
2013-02-23 02:43:58	503808	----a-w-	C:\Windows\System32\srcore.dll
2013-02-23 02:43:57	43008	----a-w-	C:\Windows\SysWow64\srclient.dll
2013-02-23 02:43:01	1425408	----a-w-	C:\Program Files\Common Files\System\ado\msado15.dll
2013-02-23 02:43:00	987136	----a-w-	C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2013-02-23 02:41:54	3138048	----a-w-	C:\Windows\System32\mstscax.dll
2013-02-23 02:40:43	90624	----a-w-	C:\Windows\System32\drivers\bowser.sys
2013-02-23 02:40:43	286720	----a-w-	C:\Windows\System32\drivers\mrxsmb10.sys
2013-02-23 02:40:43	157696	----a-w-	C:\Windows\System32\drivers\mrxsmb.sys
2013-02-23 02:40:43	126464	----a-w-	C:\Windows\System32\drivers\mrxsmb20.sys
2013-02-23 02:40:40	--------	d-----w-	C:\Users\***\AppData\Local\Mozilla
2013-02-23 02:39:44	690688	----a-w-	C:\Windows\SysWow64\msvcrt.dll
2013-02-23 02:39:44	634368	----a-w-	C:\Windows\System32\msvcrt.dll
2013-02-23 02:39:23	58880	----a-w-	C:\Windows\System32\browcli.dll
2013-02-23 02:39:23	41472	----a-w-	C:\Windows\SysWow64\browcli.dll
2013-02-23 02:39:23	136704	----a-w-	C:\Windows\System32\browser.dll
2013-02-23 02:39:05	976896	----a-w-	C:\Windows\System32\inetcomm.dll
2013-02-23 02:39:05	740864	----a-w-	C:\Windows\SysWow64\inetcomm.dll
2013-02-23 02:39:05	267776	----a-w-	C:\Windows\System32\FXSCOVER.exe
2013-02-23 02:38:11	112000	----a-w-	C:\Windows\System32\consent.exe
2013-02-23 02:37:52	31232	----a-w-	C:\Windows\SysWow64\prevhost.exe
2013-02-23 02:37:52	31232	----a-w-	C:\Windows\System32\prevhost.exe
2013-02-23 02:33:54	751104	----a-w-	C:\Windows\System32\win32spl.dll
2013-02-23 02:33:54	67584	----a-w-	C:\Windows\splwow64.exe
2013-02-23 02:33:54	559104	----a-w-	C:\Windows\System32\spoolsv.exe
2013-02-23 02:33:54	492032	----a-w-	C:\Windows\SysWow64\win32spl.dll
2013-02-23 02:33:17	--------	d-----w-	C:\Users\***\AppData\Roaming\BitTorrent
2013-02-23 02:32:39	9728	----a-w-	C:\Windows\SysWow64\sscore.dll
2013-02-23 02:32:39	236032	----a-w-	C:\Windows\System32\srvsvc.dll
2013-02-23 02:30:56	182272	----a-w-	C:\Windows\System32\cryptsvc.dll
2013-02-23 02:30:56	1462784	----a-w-	C:\Windows\System32\crypt32.dll
2013-02-23 02:30:56	140288	----a-w-	C:\Windows\System32\cryptnet.dll
2013-02-23 02:30:56	139264	----a-w-	C:\Windows\SysWow64\cryptsvc.dll
2013-02-23 02:30:56	1157632	----a-w-	C:\Windows\SysWow64\crypt32.dll
2013-02-23 02:30:56	103936	----a-w-	C:\Windows\SysWow64\cryptnet.dll
2013-02-23 02:29:48	77312	----a-w-	C:\Windows\System32\packager.dll
2013-02-23 02:29:48	67072	----a-w-	C:\Windows\SysWow64\packager.dll
2013-02-23 02:14:39	--------	d-----w-	C:\Program Files\Classic Shell
2013-02-23 02:13:47	--------	d-sh--w-	C:\Windows\Installer
2013-02-23 02:13:34	71024	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-23 02:13:34	691568	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-23 02:09:00	9162192	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5E89F641-6F88-4EBC-8251-CE5265E5F204}\mpengine.dll
2013-02-23 02:09:00	273840	------w-	C:\Windows\System32\MpSigStub.exe
2013-02-23 01:58:42	826368	----a-w-	C:\Windows\SysWow64\rdpcore.dll
2013-02-23 01:58:42	23552	----a-w-	C:\Windows\System32\drivers\tdtcp.sys
2013-02-23 01:58:42	139264	----a-w-	C:\Windows\System32\cabview.dll
2013-02-23 01:58:42	132608	----a-w-	C:\Windows\SysWow64\cabview.dll
2013-02-23 01:58:42	1031680	----a-w-	C:\Windows\System32\rdpcore.dll
2013-02-23 01:53:27	2622464	----a-w-	C:\Windows\System32\wucltux.dll
2013-02-23 01:53:15	99840	----a-w-	C:\Windows\System32\wudriver.dll
2013-02-23 01:53:05	36864	----a-w-	C:\Windows\System32\wuapp.exe
2013-02-23 01:53:05	186752	----a-w-	C:\Windows\System32\wuwebv.dll
2013-02-23 01:48:30	0	----a-w-	C:\Windows\ativpsrm.bin
2013-02-23 01:45:46	--------	d-----w-	C:\Windows\Panther
.
==================== Find3M  ====================
.
2013-01-04 05:41:01	1893224	----a-w-	C:\Windows\System32\drivers\tcpip.sys
2013-01-04 05:40:54	287576	----a-w-	C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-01-04 05:37:01	362496	----a-w-	C:\Windows\System32\wow64win.dll
2013-01-04 05:37:00	243200	----a-w-	C:\Windows\System32\wow64.dll
2013-01-04 05:37:00	13312	----a-w-	C:\Windows\System32\wow64cpu.dll
2013-01-04 05:36:33	215040	----a-w-	C:\Windows\System32\winsrv.dll
2013-01-04 05:33:49	16384	----a-w-	C:\Windows\System32\ntvdm64.dll
2013-01-04 05:30:34	424960	----a-w-	C:\Windows\System32\KernelBase.dll
2013-01-04 05:27:03	6144	---ha-w-	C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-01-04 05:27:03	3072	---ha-w-	C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 05:27:03	3072	---ha-w-	C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-01-04 05:27:02	4608	---ha-w-	C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 05:27:02	4096	---ha-w-	C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-04 05:27:02	4096	---ha-w-	C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-01-04 05:27:01	3584	---ha-w-	C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-04 05:27:01	3072	---ha-w-	C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-01-04 05:27:00	4608	---ha-w-	C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-04 05:27:00	3584	---ha-w-	C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-04 05:27:00	3072	---ha-w-	C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-01-04 04:51:09	5120	----a-w-	C:\Windows\SysWow64\wow32.dll
2013-01-04 04:51:08	274944	----a-w-	C:\Windows\SysWow64\KernelBase.dll
2013-01-04 03:19:55	338432	----a-w-	C:\Windows\System32\conhost.exe
2013-01-04 02:48:37	25600	----a-w-	C:\Windows\SysWow64\setup16.exe
2013-01-04 02:48:34	7680	----a-w-	C:\Windows\SysWow64\instnm.exe
2013-01-04 02:48:34	14336	----a-w-	C:\Windows\SysWow64\ntvdm64.dll
2013-01-04 02:48:33	2048	----a-w-	C:\Windows\SysWow64\user.exe
2013-01-04 02:43:35	3584	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 02:43:34	6144	---ha-w-	C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-01-04 02:43:34	4608	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 02:43:34	3072	---ha-w-	C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-12-07 05:41:16	441856	----a-w-	C:\Windows\System32\Wpc.dll
2012-12-07 05:35:34	2745856	----a-w-	C:\Windows\System32\gameux.dll
2012-12-07 05:04:20	308736	----a-w-	C:\Windows\SysWow64\Wpc.dll
2012-12-07 04:57:38	2576384	----a-w-	C:\Windows\SysWow64\gameux.dll
2012-12-07 03:21:08	45568	----a-w-	C:\Windows\SysWow64\oflc-nz.rs
2012-12-07 03:21:08	44544	----a-w-	C:\Windows\SysWow64\pegibbfc.rs
2012-12-07 03:21:08	43520	----a-w-	C:\Windows\SysWow64\csrr.rs
2012-12-07 03:21:08	30720	----a-w-	C:\Windows\SysWow64\usk.rs
2012-12-07 03:21:08	23552	----a-w-	C:\Windows\SysWow64\oflc.rs
2012-12-07 03:21:07	20480	----a-w-	C:\Windows\SysWow64\pegi-pt.rs
2012-12-07 03:21:06	20480	----a-w-	C:\Windows\SysWow64\pegi.rs
2012-12-07 03:21:06	20480	----a-w-	C:\Windows\SysWow64\pegi-fi.rs
2012-12-07 03:21:05	55296	----a-w-	C:\Windows\SysWow64\cero.rs
2012-12-07 03:21:05	51712	----a-w-	C:\Windows\SysWow64\esrb.rs
2012-12-07 03:21:05	21504	----a-w-	C:\Windows\SysWow64\grb.rs
2012-12-07 03:21:04	40960	----a-w-	C:\Windows\SysWow64\cob-au.rs
2012-12-07 03:21:04	15360	----a-w-	C:\Windows\SysWow64\djctq.rs
.
============= FINISH: 17:50:04,64 ===============
         


dds attach:

Code:
ATTFilter
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate 
Boot Device: \Device\HarddiskVolume1
Install Date: 23.02.2013 02:52:30
System Uptime: 23.02.2013 16:28:27 (1 hours ago)
.
Motherboard: Hewlett-Packard |  | 3637
Processor: AMD Athlon(tm) II Dual-Core M300 | Socket S1G3 | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 285 GiB total, 260,81 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 2,204 GiB free.
E: is FIXED (FAT32) - 0 GiB total, 0,094 GiB free.
F: is CDROM ()
G: is FIXED (NTFS) - 466 GiB total, 25,139 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: 
Device ID: ACPI\ENE0100\4&2DB57F6&0
Manufacturer: 
Name: 
PNP Device ID: ACPI\ENE0100\4&2DB57F6&0
Service: 
.
==== System Restore Points ===================
.
RP1: 23.02.2013 02:52:44 - Windows Update
RP2: 23.02.2013 02:58:45 - Windows Update
RP3: 23.02.2013 03:14:06 - Installed Classic Shell
RP4: 23.02.2013 03:27:33 - Windows Modules Installer
RP5: 23.02.2013 03:51:47 - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Classic Shell
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Mozilla Firefox 19.0 (x86 de)
Mozilla Maintenance Service
.
==== End Of File ===========================
         

Thanks!
__________________

Edited by akakesios (23.02.2013 at 18:02)

23.02.2013, 18:21   #4
ryder
/// TB-Ausbilder

That actually looks good.

Just one question: why do you have a drive E: with such a small size? Is that intentional?
__________________
Digital privateers against malware!
No help via PM!

23.02.2013, 18:45   #5
akakesios

No, that is not intentional. The drive was suddenly there after the Windows installation.

Everything looks good? But the problem persists: I can't watch any videos on the internet, and several iexplore processes are running in parallel, eating up memory...
And that even though I formatted the disk. I don't get it.


23.02.2013, 19:24   #6
ryder
/// TB-Ausbilder

No, that is not good at all! I need an external scan for this.

Scan with Farbar's Recovery Scan Tool

Please download the matching version of the tool and save it to a USB stick:
Farbar Recovery Scan Tool, 32-bit version
Farbar Recovery Scan Tool, 64-bit version

Connect the USB stick to the infected system.

You now need to boot the system into the System Recovery Options.

Via the boot manager
  • Restart the computer.
  • While it is booting, press the F8 key repeatedly.
  • Now select Repair Your Computer.
  • Select your operating system and user account, clicking "Next" each time.

With the Windows CD/DVD
  • Insert the Windows CD into your drive.
  • Restart the computer and boot from the CD.
  • Select the language settings and click "Next".
  • Click Repair your computer !!
  • Select your operating system and user account, clicking "Next" each time.


In the recovery options, select Command Prompt
  • Now type notepad and press Enter.
  • In the text document that opens: File > Save As... and select Computer.
    The drive letter of your USB stick is shown here.
  • Close Notepad again.
  • Now enter the following command.
    e:\frst.exe or e:\frst64.exe
    Note: e stands for the drive letter of your USB stick. Adjust it if necessary.
  • Accept the disclaimer with Yes and click Scan.
The tool creates an FRST.txt on your USB stick. Please post its contents here.

23.02.2013, 20:53   #7
akakesios

FRST64:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2013 01
Ran by SYSTEM at 23-02-2013 20:38:32
Running from H:\
Windows 7 Ultimate   (X64) OS Language: German Standard 
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe [160256 2012-12-29] (IvoSoft)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKU\***\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3673728 2012-11-06] (DT Soft Ltd)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

==================== Services (Whitelisted) ===================


==================== Drivers (Whitelisted) =====================

1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [283200 2013-02-23] (DT Soft Ltd)

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-02-23 20:38 - 2013-02-23 20:38 - 00000000 ____D C:\FRST
2013-02-23 20:30 - 2013-02-23 20:33 - 01464427 ____A (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-02-23 20:12 - 2013-02-23 20:12 - 01559112 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-02-23 20:11 - 2013-02-23 20:11 - 00909666 ____A (Farbar) C:\Users\***\Downloads\FRST(2).exe
2013-02-23 20:11 - 2013-02-23 20:11 - 00909666 ____A (Farbar) C:\Users\***\Downloads\FRST(1).exe
2013-02-23 20:10 - 2013-02-23 20:10 - 00909666 ____A (Farbar) C:\Users\***\Downloads\FRST.exe
2013-02-23 20:10 - 2013-02-23 20:10 - 00000000 ____D C:\85295e3757de8bbc211cc5f71ef3
2013-02-23 20:09 - 2013-02-23 20:10 - 50349920 ____A (Microsoft Corporation) C:\Users\***\Downloads\dotnetfx45_full_x86_x64.exe
2013-02-23 19:10 - 2013-02-23 19:10 - 00000000 ____D C:\Windows\PCHEALTH
2013-02-23 19:10 - 2013-02-23 19:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-02-23 19:10 - 2013-02-23 19:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-02-23 19:10 - 2013-02-23 19:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-02-23 19:08 - 2013-02-23 19:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-02-23 19:01 - 2013-02-23 19:01 - 00000000 ____D C:\Users\***\AppData\Roaming\WinRAR
2013-02-23 19:00 - 2013-02-23 19:01 - 00000000 ____D C:\Program Files\WinRAR
2013-02-23 19:00 - 2013-02-23 19:00 - 01758824 ____A C:\Users\***\Downloads\winrar-x64-420d.exe
2013-02-23 18:58 - 2013-02-23 19:05 - 00000000 ____D C:\Users\***\AppData\Roaming\DAEMON Tools Lite
2013-02-23 18:58 - 2013-02-23 19:05 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-02-23 18:58 - 2013-02-23 18:58 - 00283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2013-02-23 18:58 - 2013-02-23 18:58 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2013-02-23 18:56 - 2013-02-23 18:56 - 14682176 ____A (DT Soft Ltd) C:\Users\***\Downloads\DTLite4461-0327.exe
2013-02-23 18:39 - 2013-02-23 18:39 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-02-23 17:48 - 2013-02-23 17:48 - 00700783 ____R (Swearware) C:\Users\***\Desktop\dds+.exe
2013-02-23 17:43 - 2013-02-23 17:44 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\***\Desktop\tdsskiller.exe
2013-02-23 17:40 - 2013-02-23 17:40 - 00000000 ____A C:\Users\***\defogger_reenable
2013-02-23 16:57 - 2013-02-23 16:57 - 00050477 ____A C:\Users\***\Desktop\Defogger.exe
2013-02-23 16:30 - 2013-02-23 16:30 - 00001750 ____A C:\Users\Public\Desktop\Browserwahl.lnk
2013-02-23 16:25 - 2013-02-23 20:15 - 00016720 ____A C:\Windows\PFRO.log
2013-02-23 04:55 - 2009-09-10 07:28 - 00311808 ____A (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2013-02-23 04:55 - 2009-09-10 06:52 - 00257024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2013-02-23 04:49 - 2013-02-04 22:49 - 70004024 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-02-23 04:43 - 2012-07-26 05:55 - 00785512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-02-23 04:43 - 2012-07-26 05:55 - 00054376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2013-02-23 04:43 - 2012-07-26 03:36 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2013-02-23 04:43 - 2012-06-02 15:35 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-02-23 04:29 - 2009-11-25 12:47 - 01942856 ____A (Microsoft Corporation) C:\Windows\System32\dfshim.dll
2013-02-23 04:29 - 2009-11-25 12:47 - 01130824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2013-02-23 04:29 - 2009-11-25 12:47 - 00444752 ____A (Microsoft Corporation) C:\Windows\System32\mscoree.dll
2013-02-23 04:29 - 2009-11-25 12:47 - 00320352 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHost.exe
2013-02-23 04:29 - 2009-11-25 12:47 - 00297808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2013-02-23 04:29 - 2009-11-25 12:47 - 00295264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2013-02-23 04:29 - 2009-11-25 12:47 - 00109912 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHostProxy.dll
2013-02-23 04:29 - 2009-11-25 12:47 - 00099176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2013-02-23 04:29 - 2009-11-25 12:47 - 00049472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2013-02-23 04:29 - 2009-11-25 12:47 - 00048960 ____A (Microsoft Corporation) C:\Windows\System32\netfxperf.dll
2013-02-23 04:27 - 2010-02-23 09:16 - 00294912 ____A (Microsoft Corporation) C:\Windows\System32\browserchoice.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 17812992 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 12321280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-02-23 04:23 - 2013-02-23 04:23 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-02-23 04:23 - 2013-02-23 04:23 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-02-23 04:23 - 2013-02-23 04:23 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-02-23 04:23 - 2013-02-23 04:23 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-02-23 04:23 - 2013-02-23 04:23 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-02-23 04:23 - 2013-02-23 04:23 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-02-23 04:23 - 2013-02-23 04:23 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-02-23 04:23 - 2013-02-23 04:23 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-02-23 04:23 - 2013-02-23 04:23 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-02-23 04:23 - 2013-02-23 04:23 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-02-23 04:22 - 2013-02-23 04:25 - 00004747 ____A C:\Windows\IE9_main.log
2013-02-23 04:15 - 2013-02-23 04:15 - 00000000 ____D C:\Users\***\AppData\Local\Macromedia
2013-02-23 04:04 - 2013-02-23 04:04 - 00000000 ____D C:\Program Files\Microsoft Office
2013-02-23 04:04 - 2013-02-23 04:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-02-23 04:03 - 2013-02-23 19:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-02-23 04:03 - 2013-02-23 04:03 - 00000000 __RHD C:\MSOCache
2013-02-23 04:03 - 2012-12-16 17:52 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-02-23 04:03 - 2012-12-16 15:40 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-02-23 04:03 - 2012-12-16 15:25 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-02-23 04:03 - 2012-12-16 15:25 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-02-23 04:03 - 2009-10-19 15:46 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2013-02-23 04:03 - 2009-10-19 15:10 - 00070656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-02-23 04:02 - 2012-07-26 04:08 - 00744448 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2013-02-23 04:02 - 2012-07-26 04:08 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2013-02-23 04:02 - 2012-07-26 04:08 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2013-02-23 04:02 - 2012-07-26 04:08 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2013-02-23 04:02 - 2012-07-26 04:08 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2013-02-23 04:02 - 2012-07-26 03:26 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2013-02-23 04:02 - 2012-07-26 03:26 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2013-02-23 04:02 - 2012-06-02 15:57 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-02-23 03:57 - 2012-03-01 07:54 - 00022896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2013-02-23 03:57 - 2012-03-01 07:40 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2013-02-23 03:57 - 2012-03-01 07:35 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2013-02-23 03:57 - 2012-03-01 06:45 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-02-23 03:57 - 2012-03-01 06:40 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2013-02-23 03:54 - 2013-02-23 19:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-02-23 03:54 - 2013-02-23 03:54 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Help
2013-02-23 03:53 - 2010-03-04 05:40 - 00184832 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2013-02-23 03:53 - 2010-03-04 05:32 - 00243712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2013-02-23 03:50 - 2011-01-26 07:53 - 00982912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-02-23 03:50 - 2011-01-26 07:53 - 00265088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-02-23 03:50 - 2011-01-26 07:31 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-02-23 03:50 - 2010-11-02 06:18 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2013-02-23 03:50 - 2010-11-02 06:12 - 01837568 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-02-23 03:50 - 2010-11-02 06:12 - 01540608 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-02-23 03:50 - 2010-11-02 06:12 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-02-23 03:50 - 2010-11-02 06:12 - 00902656 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-02-23 03:50 - 2010-11-02 05:41 - 00135168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-02-23 03:50 - 2010-11-02 05:35 - 01170944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-02-23 03:50 - 2010-11-02 05:35 - 01074176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-02-23 03:50 - 2010-11-02 05:35 - 00739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-02-23 03:50 - 2010-06-26 06:31 - 01863680 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2013-02-23 03:50 - 2010-06-26 06:14 - 01495040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2013-02-23 03:50 - 2010-05-23 11:15 - 01619456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-02-23 03:50 - 2010-05-23 11:11 - 03181568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2013-02-23 03:50 - 2010-05-23 11:11 - 00196608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-02-23 03:50 - 2010-05-23 09:37 - 01888256 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-02-23 03:50 - 2010-05-23 09:35 - 04068864 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll
2013-02-23 03:50 - 2010-05-23 09:35 - 00257024 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-02-23 03:50 - 2010-05-23 09:35 - 00206848 ____A (Microsoft Corporation) C:\Windows\System32\mfps.dll
2013-02-23 03:49 - 2013-01-04 04:22 - 03150848 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-02-23 03:49 - 2012-04-02 06:34 - 05504880 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-02-23 03:49 - 2012-04-02 05:46 - 03902320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-02-23 03:49 - 2010-08-04 08:07 - 00961024 ____A (Microsoft Corporation) C:\Windows\System32\CPFilters.dll
2013-02-23 03:49 - 2010-08-04 08:07 - 00552960 ____A (Microsoft Corporation) C:\Windows\System32\msdri.dll
2013-02-23 03:49 - 2010-08-04 08:05 - 00258560 ____A (Microsoft Corporation) C:\Windows\System32\mpg2splt.ax
2013-02-23 03:49 - 2010-08-04 07:18 - 00641536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2013-02-23 03:49 - 2010-08-04 07:15 - 00199680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2013-02-23 03:48 - 2013-01-04 06:41 - 01893224 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-02-23 03:48 - 2013-01-04 06:40 - 00287576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-02-23 03:48 - 2013-01-04 06:37 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-02-23 03:48 - 2013-01-04 06:37 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-02-23 03:48 - 2013-01-04 06:37 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-02-23 03:48 - 2013-01-04 06:36 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-02-23 03:48 - 2013-01-04 06:33 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-02-23 03:48 - 2013-01-04 06:30 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-02-23 03:48 - 2013-01-04 06:30 - 00424960 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-02-23 03:48 - 2013-01-04 06:27 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:27 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:27 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:27 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:27 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:27 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:27 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:27 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:27 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:27 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:27 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 06:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:51 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-02-23 03:48 - 2013-01-04 05:51 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-02-23 03:48 - 2013-01-04 05:51 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 05:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 04:19 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-02-23 03:48 - 2013-01-04 03:48 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-02-23 03:48 - 2013-01-04 03:48 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-02-23 03:48 - 2013-01-04 03:48 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-02-23 03:48 - 2013-01-04 03:48 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-02-23 03:48 - 2013-01-04 03:43 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 03:43 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 03:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-02-23 03:48 - 2013-01-04 03:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-02-23 03:48 - 2012-11-30 00:21 - 00420032 ____A C:\Windows\SysWOW64\locale.nls
2013-02-23 03:48 - 2012-11-30 00:19 - 00420032 ____A C:\Windows\System32\locale.nls
2013-02-23 03:48 - 2012-06-09 06:30 - 14165504 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-02-23 03:48 - 2012-06-09 05:46 - 12868608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-02-23 03:48 - 2012-04-02 05:46 - 03958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-02-23 03:48 - 2010-12-21 07:16 - 00442880 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2013-02-23 03:48 - 2010-12-21 07:16 - 00258048 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2013-02-23 03:48 - 2010-12-21 07:16 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2013-02-23 03:48 - 2010-12-21 07:16 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\wscapi.dll
2013-02-23 03:48 - 2010-12-21 07:15 - 00264192 ____A (Microsoft Corporation) C:\Windows\System32\upnp.dll
2013-02-23 03:48 - 2010-12-21 07:15 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll
2013-02-23 03:48 - 2010-12-21 07:10 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2013-02-23 03:48 - 2010-12-21 06:38 - 00350720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-02-23 03:48 - 2010-12-21 06:38 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-02-23 03:48 - 2010-12-21 06:38 - 00204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2013-02-23 03:48 - 2010-12-21 06:38 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-02-23 03:48 - 2010-12-21 06:38 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2013-02-23 03:48 - 2010-12-21 06:34 - 00080384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-02-23 03:47 - 2012-12-07 06:41 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll
2013-02-23 03:47 - 2012-12-07 06:35 - 02745856 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2013-02-23 03:47 - 2012-12-07 06:04 - 00308736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-02-23 03:47 - 2012-12-07 05:57 - 02576384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-02-23 03:47 - 2012-12-07 04:45 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs
2013-02-23 03:47 - 2012-12-07 04:45 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs
2013-02-23 03:47 - 2012-12-07 04:45 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs
2013-02-23 03:47 - 2012-12-07 04:45 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs
2013-02-23 03:47 - 2012-12-07 04:45 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs
2013-02-23 03:47 - 2012-12-07 04:45 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs
2013-02-23 03:47 - 2012-12-07 04:45 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs
2013-02-23 03:47 - 2012-12-07 04:45 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs
2013-02-23 03:47 - 2012-12-07 04:45 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs
2013-02-23 03:47 - 2012-12-07 04:45 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs
2013-02-23 03:47 - 2012-12-07 04:45 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs
2013-02-23 03:47 - 2012-12-07 04:45 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs
2013-02-23 03:47 - 2012-12-07 04:45 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs
2013-02-23 03:47 - 2012-12-07 04:45 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs
2013-02-23 03:47 - 2012-12-07 04:21 - 00055296 ____A (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-02-23 03:47 - 2012-12-07 04:21 - 00051712 ____A (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-02-23 03:47 - 2012-12-07 04:21 - 00046592 ____A (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-02-23 03:47 - 2012-12-07 04:21 - 00045568 ____A (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-02-23 03:47 - 2012-12-07 04:21 - 00044544 ____A (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-02-23 03:47 - 2012-12-07 04:21 - 00043520 ____A (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-02-23 03:47 - 2012-12-07 04:21 - 00040960 ____A (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-02-23 03:47 - 2012-12-07 04:21 - 00030720 ____A (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-02-23 03:47 - 2012-12-07 04:21 - 00023552 ____A (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-02-23 03:47 - 2012-12-07 04:21 - 00021504 ____A (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-02-23 03:47 - 2012-12-07 04:21 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-02-23 03:47 - 2012-12-07 04:21 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-02-23 03:47 - 2012-12-07 04:21 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-02-23 03:47 - 2012-12-07 04:21 - 00015360 ____A (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-02-23 03:47 - 2012-11-02 06:30 - 02001408 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-02-23 03:47 - 2012-11-02 06:30 - 01880064 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-02-23 03:47 - 2012-11-02 05:50 - 01388544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-02-23 03:47 - 2012-11-02 05:50 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-02-23 03:47 - 2012-08-11 01:53 - 00714752 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2013-02-23 03:47 - 2012-08-11 00:54 - 00541184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-02-23 03:47 - 2012-06-02 06:38 - 00152432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-02-23 03:47 - 2012-06-02 06:38 - 00095088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2013-02-23 03:47 - 2012-06-02 06:37 - 00459216 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-02-23 03:47 - 2012-06-02 06:27 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-02-23 03:47 - 2012-06-02 05:48 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-02-23 03:47 - 2012-06-02 05:48 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-02-23 03:47 - 2012-06-02 05:42 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-02-23 03:47 - 2011-11-17 08:11 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2013-02-23 03:47 - 2011-11-17 08:11 - 00028672 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2013-02-23 03:47 - 2011-11-17 08:11 - 00028160 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll
2013-02-23 03:47 - 2011-11-17 08:08 - 01446912 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-02-23 03:47 - 2011-11-17 08:05 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2013-02-23 03:47 - 2011-04-29 04:13 - 00461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2013-02-23 03:47 - 2011-04-29 04:12 - 00399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-02-23 03:47 - 2011-04-29 04:12 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-02-23 03:47 - 2011-03-12 13:03 - 00662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-02-23 03:47 - 2011-03-12 12:31 - 00442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-02-23 03:47 - 2009-12-19 10:50 - 00014848 ____A (Microsoft Corporation) C:\Windows\System32\tsbyuv.dll
2013-02-23 03:47 - 2009-12-19 10:49 - 01572352 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll
2013-02-23 03:47 - 2009-12-19 10:47 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\msvidc32.dll
2013-02-23 03:47 - 2009-12-19 10:47 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\msyuv.dll
2013-02-23 03:47 - 2009-12-19 10:47 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\msrle32.dll
2013-02-23 03:47 - 2009-12-19 10:46 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\iyuv_32.dll
2013-02-23 03:47 - 2009-12-19 10:02 - 01328640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2013-02-23 03:47 - 2009-12-19 10:02 - 00091648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2013-02-23 03:47 - 2009-12-19 10:02 - 00084480 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2013-02-23 03:47 - 2009-12-19 10:02 - 00050176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2013-02-23 03:47 - 2009-12-19 10:02 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2013-02-23 03:47 - 2009-12-19 10:02 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2013-02-23 03:47 - 2009-12-19 10:02 - 00013312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2013-02-23 03:47 - 2009-12-19 10:02 - 00012288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2013-02-23 03:47 - 2009-10-31 07:34 - 02870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2013-02-23 03:47 - 2009-10-31 06:45 - 02614272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-02-23 03:47 - 2009-10-28 07:24 - 00389632 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2013-02-23 03:46 - 2012-11-22 11:32 - 00801280 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
2013-02-23 03:46 - 2012-11-22 10:33 - 00627712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-02-23 03:46 - 2012-11-20 06:55 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-02-23 03:46 - 2012-11-20 06:10 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-02-23 03:46 - 2012-11-02 06:27 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2013-02-23 03:46 - 2012-11-02 05:48 - 00376832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-02-23 03:46 - 2012-08-24 19:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-02-23 03:46 - 2012-08-24 18:10 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-02-23 03:46 - 2012-08-02 18:55 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-02-23 03:46 - 2012-08-02 18:05 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-02-23 03:46 - 2012-05-02 06:32 - 00208896 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2013-02-23 03:46 - 2012-04-28 04:50 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2013-02-23 03:46 - 2012-04-26 06:34 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2013-02-23 03:46 - 2012-04-26 06:34 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2013-02-23 03:46 - 2012-04-26 06:28 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2013-02-23 03:46 - 2012-04-07 13:18 - 03213824 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2013-02-23 03:46 - 2012-04-07 12:34 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2013-02-23 03:46 - 2012-03-17 08:55 - 00075632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2013-02-23 03:46 - 2012-01-03 07:24 - 00515584 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2013-02-23 03:46 - 2012-01-03 06:44 - 00478208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2013-02-23 03:46 - 2011-12-28 04:59 - 00499200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-02-23 03:46 - 2011-08-17 06:32 - 00613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2013-02-23 03:46 - 2011-08-17 06:27 - 00288256 ____A (Microsoft Corporation) C:\Windows\System32\MSNP.ax
2013-02-23 03:46 - 2011-08-17 06:27 - 00108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2013-02-23 03:46 - 2011-08-17 06:27 - 00104960 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax
2013-02-23 03:46 - 2011-08-17 06:27 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax
2013-02-23 03:46 - 2011-08-17 05:26 - 00465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2013-02-23 03:46 - 2011-08-17 05:22 - 00204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2013-02-23 03:46 - 2011-08-17 05:22 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2013-02-23 03:46 - 2011-08-17 05:22 - 00072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2013-02-23 03:46 - 2011-08-17 05:22 - 00059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2013-02-23 03:46 - 2011-04-22 21:18 - 00027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2013-02-23 03:46 - 2011-03-11 07:19 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2013-02-23 03:46 - 2011-03-11 07:19 - 01359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2013-02-23 03:46 - 2011-03-11 06:40 - 01164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2013-02-23 03:46 - 2011-03-11 06:40 - 01137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2013-02-23 03:46 - 2011-03-03 07:17 - 00356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2013-02-23 03:46 - 2011-03-03 07:17 - 00182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2013-02-23 03:46 - 2011-03-03 07:14 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2013-02-23 03:46 - 2011-03-03 06:29 - 00269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-02-23 03:46 - 2011-03-03 06:27 - 00028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2013-02-23 03:46 - 2011-02-24 07:30 - 00476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-02-23 03:46 - 2011-02-24 06:32 - 00288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-02-23 03:46 - 2011-02-05 13:41 - 00640896 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-02-23 03:46 - 2011-02-05 13:41 - 00556928 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-02-23 03:46 - 2011-02-05 13:41 - 00020352 ____A (Microsoft Corporation) C:\Windows\System32\kdusb.dll
2013-02-23 03:46 - 2011-02-05 13:41 - 00019328 ____A (Microsoft Corporation) C:\Windows\System32\kd1394.dll
2013-02-23 03:46 - 2011-02-05 13:41 - 00017792 ____A (Microsoft Corporation) C:\Windows\System32\kdcom.dll
2013-02-23 03:46 - 2011-02-05 13:39 - 00603976 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-02-23 03:46 - 2011-02-05 13:39 - 00518160 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-02-23 03:46 - 2011-01-17 07:17 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-02-23 03:46 - 2011-01-17 06:38 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-02-23 03:46 - 2010-11-02 06:12 - 00320512 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-02-23 03:46 - 2010-11-02 05:35 - 00218624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-02-23 03:46 - 2010-08-21 07:38 - 01024512 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2013-02-23 03:46 - 2010-08-21 07:31 - 00633856 ____A (Microsoft Corporation) C:\Windows\System32\comctl32.dll
2013-02-23 03:46 - 2010-08-21 06:36 - 00738816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2013-02-23 03:46 - 2010-08-21 06:33 - 00530432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-02-23 03:46 - 2010-07-29 07:30 - 00082944 ____A (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2013-02-23 03:46 - 2010-06-19 07:53 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\rtutils.dll
2013-02-23 03:46 - 2010-06-19 07:23 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2013-02-23 03:46 - 2010-01-19 10:05 - 00424960 ____A (Microsoft Corporation) C:\Windows\System32\secproc.dll
2013-02-23 03:46 - 2010-01-19 10:05 - 00422912 ____A (Microsoft Corporation) C:\Windows\System32\secproc_isv.dll
2013-02-23 03:46 - 2010-01-19 10:05 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp_isv.dll
2013-02-23 03:46 - 2010-01-19 10:05 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\secproc_ssp.dll
2013-02-23 03:46 - 2010-01-19 10:00 - 00357888 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_isv.exe
2013-02-23 03:46 - 2010-01-19 10:00 - 00356352 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate.exe
2013-02-23 03:46 - 2010-01-19 10:00 - 00306688 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp.exe
2013-02-23 03:46 - 2010-01-19 10:00 - 00305152 ____A (Microsoft Corporation) C:\Windows\System32\RMActivate_ssp_isv.exe
2013-02-23 03:46 - 2010-01-19 00:29 - 00369152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2013-02-23 03:46 - 2010-01-19 00:29 - 00365568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2013-02-23 03:46 - 2010-01-19 00:29 - 00085504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2013-02-23 03:46 - 2010-01-19 00:29 - 00085504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2013-02-23 03:46 - 2010-01-19 00:28 - 00324608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2013-02-23 03:46 - 2010-01-19 00:28 - 00320512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2013-02-23 03:46 - 2010-01-19 00:28 - 00280064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2013-02-23 03:46 - 2010-01-19 00:28 - 00277504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2013-02-23 03:46 - 2009-10-19 15:46 - 00148480 ____A (Microsoft Corporation) C:\Windows\System32\t2embed.dll
2013-02-23 03:46 - 2009-10-19 15:10 - 00108544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2013-02-23 03:45 - 2012-09-25 23:39 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2013-02-23 03:45 - 2012-09-25 22:55 - 00078336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-02-23 03:45 - 2012-09-06 18:38 - 00295792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2013-02-23 03:45 - 2011-11-17 08:14 - 01739160 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-02-23 03:45 - 2011-11-17 06:41 - 01292592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-02-23 03:45 - 2011-10-26 06:19 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-02-23 03:45 - 2010-08-31 05:32 - 00954752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2013-02-23 03:45 - 2010-08-31 05:32 - 00954288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2013-02-23 03:45 - 2009-09-26 07:20 - 00223448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-02-23 03:43 - 2012-05-05 09:30 - 00503808 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2013-02-23 03:43 - 2012-05-05 08:44 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2013-02-23 03:43 - 2009-08-29 08:50 - 00046592 ____A (Microsoft Corporation) C:\Windows\System32\msasn1.dll
2013-02-23 03:43 - 2009-08-29 07:57 - 00034816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2013-02-23 03:42 - 2010-10-16 06:17 - 00720896 ____A (Microsoft Corporation) C:\Windows\System32\odbc32.dll
2013-02-23 03:42 - 2010-10-16 05:34 - 00573440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2013-02-23 03:42 - 2010-09-01 06:21 - 14627840 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-02-23 03:42 - 2010-09-01 06:12 - 12625920 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2013-02-23 03:42 - 2010-09-01 05:29 - 11406848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-02-23 03:42 - 2010-09-01 05:23 - 12625408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-02-23 03:41 - 2012-05-14 06:20 - 00956416 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-02-23 03:41 - 2011-10-15 07:25 - 00723456 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2013-02-23 03:41 - 2011-10-15 06:48 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2013-02-23 03:41 - 2011-08-27 06:40 - 00861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2013-02-23 03:41 - 2011-08-27 06:40 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2013-02-23 03:41 - 2011-08-27 05:43 - 00571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-02-23 03:41 - 2011-08-27 05:43 - 00233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2013-02-23 03:41 - 2011-05-24 12:21 - 00404992 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2013-02-23 03:41 - 2011-05-24 11:34 - 00145920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2013-02-23 03:41 - 2011-05-24 11:34 - 00064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2013-02-23 03:41 - 2011-05-24 11:34 - 00044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2013-02-23 03:41 - 2011-05-24 11:32 - 00252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2013-02-23 03:41 - 2010-12-18 07:12 - 03138048 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-02-23 03:41 - 2010-12-18 07:08 - 01097216 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-02-23 03:41 - 2010-12-18 06:30 - 02690560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-02-23 03:41 - 2010-12-18 06:26 - 01034240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-02-23 03:40 - 2013-02-23 03:42 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-02-23 03:40 - 2013-02-23 03:40 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-02-23 03:40 - 2011-02-23 06:15 - 00286720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2013-02-23 03:40 - 2011-02-23 06:15 - 00157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2013-02-23 03:40 - 2011-02-23 06:15 - 00126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-02-23 03:40 - 2011-02-23 06:15 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2013-02-23 03:39 - 2012-07-04 23:04 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2013-02-23 03:39 - 2012-07-04 23:01 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2013-02-23 03:39 - 2012-07-04 23:01 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2013-02-23 03:39 - 2012-07-04 22:26 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2013-02-23 03:39 - 2012-07-04 22:23 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2013-02-23 03:39 - 2011-12-16 09:42 - 00634368 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2013-02-23 03:39 - 2011-12-16 08:59 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2013-02-23 03:39 - 2011-05-03 06:21 - 00976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2013-02-23 03:39 - 2011-05-03 05:50 - 00740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2013-02-23 03:39 - 2011-02-12 07:14 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2013-02-23 03:38 - 2010-10-16 06:23 - 00112000 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-02-23 03:37 - 2011-02-18 07:33 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\prevhost.exe
2013-02-23 03:37 - 2011-02-18 06:33 - 00031232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2013-02-23 03:34 - 2013-02-23 16:30 - 00058496 ____A C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-02-23 03:33 - 2012-02-11 07:36 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-02-23 03:33 - 2012-02-11 07:29 - 00559104 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2013-02-23 03:33 - 2012-02-11 07:29 - 00067584 ____A (Microsoft Corporation) C:\Windows\splwow64.exe
2013-02-23 03:33 - 2012-02-11 06:44 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-02-23 03:32 - 2010-08-27 07:14 - 00236032 ____A (Microsoft Corporation) C:\Windows\System32\srvsvc.dll
2013-02-23 03:32 - 2010-08-27 06:46 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2013-02-23 03:31 - 2013-02-23 03:31 - 00000000 ____D C:\ProgramData\Mozilla
2013-02-23 03:31 - 2013-02-23 03:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-02-23 03:31 - 2013-02-23 03:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-02-23 03:30 - 2012-06-02 06:25 - 01462784 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-02-23 03:30 - 2012-06-02 06:25 - 00182272 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-02-23 03:30 - 2012-06-02 06:25 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-02-23 03:30 - 2012-06-02 05:45 - 01157632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-02-23 03:30 - 2012-06-02 05:45 - 00139264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-02-23 03:30 - 2012-06-02 05:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-02-23 03:29 - 2011-11-19 16:07 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2013-02-23 03:29 - 2011-11-19 15:06 - 00067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2013-02-23 03:15 - 2013-02-23 03:15 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-02-23 03:15 - 2013-02-23 03:15 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-02-23 03:14 - 2013-02-23 03:14 - 00000000 ____D C:\Program Files\Classic Shell
2013-02-23 03:13 - 2013-02-23 03:47 - 00000000 ____D C:\ProgramData\Adobe
2013-02-23 03:13 - 2013-02-23 03:46 - 00691568 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-02-23 03:13 - 2013-02-23 03:46 - 00071024 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-02-23 03:13 - 2013-02-23 03:13 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-02-23 03:13 - 2013-02-23 03:13 - 00000000 ____D C:\Windows\System32\Macromed
2013-02-23 03:09 - 2013-01-17 01:28 - 00273840 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-02-23 02:58 - 2012-02-15 07:27 - 01031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2013-02-23 02:58 - 2012-02-15 06:44 - 00826368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-02-23 02:58 - 2012-02-15 05:46 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2013-02-23 02:58 - 2010-01-09 08:19 - 00139264 ____A (Microsoft Corporation) C:\Windows\System32\cabview.dll
2013-02-23 02:58 - 2010-01-09 07:52 - 00132608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2013-02-23 02:53 - 2012-06-02 23:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-02-23 02:53 - 2012-06-02 23:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-02-23 02:53 - 2012-06-02 23:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-02-23 02:53 - 2012-06-02 23:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2013-02-23 02:53 - 2012-06-02 23:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-02-23 02:53 - 2012-06-02 23:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-02-23 02:53 - 2012-06-02 23:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-02-23 02:53 - 2012-06-02 15:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-02-23 02:53 - 2012-06-02 15:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-02-23 02:52 - 2013-02-23 20:34 - 01108859 ____A C:\Windows\WindowsUpdate.log
2013-02-23 02:52 - 2013-02-23 17:40 - 00000000 ____D C:\users\***
2013-02-23 02:52 - 2013-02-23 02:52 - 00000020 ___SH C:\Users\***\ntuser.ini
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Public\Documents\Eigene Musik
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Public\Documents\Eigene Bilder
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Vorlagen
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Startmenü
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Netzwerkumgebung
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Lokale Einstellungen
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Eigene Dateien
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Druckumgebung
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Documents\Eigene Musik
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Documents\Eigene Bilder
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\AppData\Local\Verlauf
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\AppData\Local\Anwendungsdaten
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Anwendungsdaten
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Vorlagen
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Startmenü
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Netzwerkumgebung
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Lokale Einstellungen
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Eigene Dateien
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Druckumgebung
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Documents\Eigene Musik
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Documents\Eigene Bilder
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\AppData\Local\Verlauf
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\AppData\Local\Anwendungsdaten
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Anwendungsdaten
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default User\Documents\Eigene Musik
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default User\Documents\Eigene Bilder
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default User\AppData\Local\Verlauf
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Recovery
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Programme
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\ProgramData\Vorlagen
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\ProgramData\Startmenü
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\ProgramData\Favoriten
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\ProgramData\Dokumente
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\ProgramData\Anwendungsdaten
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Program Files\Gemeinsame Dateien
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Dokumente und Einstellungen
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-02-23 02:48 - 2013-02-23 02:48 - 00001313 ____A C:\Windows\TSSysprep.log
2013-02-23 02:48 - 2013-02-23 02:48 - 00000000 ____A C:\Windows\ativpsrm.bin
2013-02-23 02:45 - 2013-02-23 02:52 - 00000000 ____D C:\Windows\Panther

==================== One Month Modified Files and Folders =======

2013-02-23 20:38 - 2013-02-23 20:38 - 00000000 ____D C:\FRST
2013-02-23 20:34 - 2013-02-23 02:52 - 01108859 ____A C:\Windows\WindowsUpdate.log
2013-02-23 20:34 - 2009-07-14 05:45 - 00009584 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-02-23 20:34 - 2009-07-14 05:45 - 00009584 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-02-23 20:33 - 2013-02-23 20:30 - 01464427 ____A (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-02-23 20:32 - 2009-07-14 18:58 - 00698926 ____A C:\Windows\System32\perfh007.dat
2013-02-23 20:32 - 2009-07-14 18:58 - 00149034 ____A C:\Windows\System32\perfc007.dat
2013-02-23 20:32 - 2009-07-14 06:13 - 01618320 ____A C:\Windows\System32\PerfStringBackup.INI
2013-02-23 20:28 - 2009-07-14 06:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-02-23 20:27 - 2009-07-14 05:51 - 00017668 ____A C:\Windows\setupact.log
2013-02-23 20:15 - 2013-02-23 16:25 - 00016720 ____A C:\Windows\PFRO.log
2013-02-23 20:15 - 2009-07-14 05:45 - 00416360 ____A C:\Windows\System32\FNTCACHE.DAT
2013-02-23 20:12 - 2013-02-23 20:12 - 01559112 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-02-23 20:11 - 2013-02-23 20:11 - 00909666 ____A (Farbar) C:\Users\***\Downloads\FRST(2).exe
2013-02-23 20:11 - 2013-02-23 20:11 - 00909666 ____A (Farbar) C:\Users\***\Downloads\FRST(1).exe
2013-02-23 20:10 - 2013-02-23 20:10 - 00909666 ____A (Farbar) C:\Users\***\Downloads\FRST.exe
2013-02-23 20:10 - 2013-02-23 20:10 - 00000000 ____D C:\85295e3757de8bbc211cc5f71ef3
2013-02-23 20:10 - 2013-02-23 20:09 - 50349920 ____A (Microsoft Corporation) C:\Users\***\Downloads\dotnetfx45_full_x86_x64.exe
2013-02-23 19:14 - 2013-02-23 03:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-02-23 19:11 - 2009-07-14 19:18 - 00000000 ____D C:\Windows\ShellNew
2013-02-23 19:11 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2013-02-23 19:10 - 2013-02-23 19:10 - 00000000 ____D C:\Windows\PCHEALTH
2013-02-23 19:10 - 2013-02-23 19:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2013-02-23 19:10 - 2013-02-23 19:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2013-02-23 19:10 - 2013-02-23 19:10 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-02-23 19:10 - 2013-02-23 04:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-02-23 19:09 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-02-23 19:08 - 2013-02-23 19:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2013-02-23 19:08 - 2009-07-14 03:34 - 00000478 ____A C:\Windows\win.ini
2013-02-23 19:05 - 2013-02-23 18:58 - 00000000 ____D C:\Users\***\AppData\Roaming\DAEMON Tools Lite
2013-02-23 19:05 - 2013-02-23 18:58 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-02-23 19:01 - 2013-02-23 19:01 - 00000000 ____D C:\Users\***\AppData\Roaming\WinRAR
2013-02-23 19:01 - 2013-02-23 19:00 - 00000000 ____D C:\Program Files\WinRAR
2013-02-23 19:00 - 2013-02-23 19:00 - 01758824 ____A C:\Users\***\Downloads\winrar-x64-420d.exe
2013-02-23 18:58 - 2013-02-23 18:58 - 00283200 ____A (DT Soft Ltd) C:\Windows\System32\Drivers\dtsoftbus01.sys
2013-02-23 18:58 - 2013-02-23 18:58 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2013-02-23 18:56 - 2013-02-23 18:56 - 14682176 ____A (DT Soft Ltd) C:\Users\***\Downloads\DTLite4461-0327.exe
2013-02-23 18:39 - 2013-02-23 18:39 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2013-02-23 17:48 - 2013-02-23 17:48 - 00700783 ____R (Swearware) C:\Users\***\Desktop\dds+.exe
2013-02-23 17:44 - 2013-02-23 17:43 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\***\Desktop\tdsskiller.exe
2013-02-23 17:40 - 2013-02-23 17:40 - 00000000 ____A C:\Users\***\defogger_reenable
2013-02-23 17:40 - 2013-02-23 02:52 - 00000000 ____D C:\users\***
2013-02-23 17:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-02-23 16:57 - 2013-02-23 16:57 - 00050477 ____A C:\Users\***\Desktop\Defogger.exe
2013-02-23 16:30 - 2013-02-23 16:30 - 00001750 ____A C:\Users\Public\Desktop\Browserwahl.lnk
2013-02-23 16:30 - 2013-02-23 03:34 - 00058496 ____A C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-02-23 16:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-02-23 16:26 - 2009-07-14 19:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-02-23 04:25 - 2013-02-23 04:22 - 00004747 ____A C:\Windows\IE9_main.log
2013-02-23 04:23 - 2013-02-23 04:23 - 17812992 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 12321280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-02-23 04:23 - 2013-02-23 04:23 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-02-23 04:23 - 2013-02-23 04:23 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-02-23 04:23 - 2013-02-23 04:23 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-02-23 04:23 - 2013-02-23 04:23 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-02-23 04:23 - 2013-02-23 04:23 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-02-23 04:23 - 2013-02-23 04:23 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-02-23 04:23 - 2013-02-23 04:23 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-02-23 04:23 - 2013-02-23 04:23 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-02-23 04:23 - 2013-02-23 04:23 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-02-23 04:23 - 2013-02-23 04:23 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-02-23 04:23 - 2013-02-23 04:23 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-02-23 04:23 - 2013-02-23 04:23 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-02-23 04:15 - 2013-02-23 04:15 - 00000000 ____D C:\Users\***\AppData\Local\Macromedia
2013-02-23 04:04 - 2013-02-23 04:04 - 00000000 ____D C:\Program Files\Microsoft Office
2013-02-23 04:04 - 2013-02-23 04:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-02-23 04:03 - 2013-02-23 04:03 - 00000000 __RHD C:\MSOCache
2013-02-23 03:54 - 2013-02-23 03:54 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Help
2013-02-23 03:47 - 2013-02-23 03:13 - 00000000 ____D C:\ProgramData\Adobe
2013-02-23 03:46 - 2013-02-23 03:13 - 00691568 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-02-23 03:46 - 2013-02-23 03:13 - 00071024 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-02-23 03:42 - 2013-02-23 03:40 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-02-23 03:40 - 2013-02-23 03:40 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-02-23 03:31 - 2013-02-23 03:31 - 00000000 ____D C:\ProgramData\Mozilla
2013-02-23 03:31 - 2013-02-23 03:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-02-23 03:31 - 2013-02-23 03:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-02-23 03:15 - 2013-02-23 03:15 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-02-23 03:15 - 2013-02-23 03:15 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-02-23 03:14 - 2013-02-23 03:14 - 00000000 ____D C:\Program Files\Classic Shell
2013-02-23 03:13 - 2013-02-23 03:13 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-02-23 03:13 - 2013-02-23 03:13 - 00000000 ____D C:\Windows\System32\Macromed
2013-02-23 02:52 - 2013-02-23 02:52 - 00000020 ___SH C:\Users\***\ntuser.ini
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Public\Documents\Eigene Musik
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Public\Documents\Eigene Bilder
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Vorlagen
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Startmenü
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Netzwerkumgebung
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Lokale Einstellungen
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Eigene Dateien
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Druckumgebung
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Documents\Eigene Musik
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Documents\Eigene Bilder
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\AppData\Local\Verlauf
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\AppData\Local\Anwendungsdaten
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\***\Anwendungsdaten
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Vorlagen
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Startmenü
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Netzwerkumgebung
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Lokale Einstellungen
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Eigene Dateien
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Druckumgebung
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Documents\Eigene Musik
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Documents\Eigene Bilder
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\AppData\Local\Verlauf
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\AppData\Local\Anwendungsdaten
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default\Anwendungsdaten
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default User\Documents\Eigene Musik
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default User\Documents\Eigene Bilder
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default User\AppData\Local\Verlauf
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Recovery
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Programme
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\ProgramData\Vorlagen
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\ProgramData\Startmenü
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\ProgramData\Favoriten
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\ProgramData\Dokumente
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\ProgramData\Anwendungsdaten
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Program Files\Gemeinsame Dateien
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 __SHD C:\Dokumente und Einstellungen
2013-02-23 02:52 - 2013-02-23 02:52 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-02-23 02:52 - 2013-02-23 02:45 - 00000000 ____D C:\Windows\Panther
2013-02-23 02:52 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\System32\restore
2013-02-23 02:52 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-02-23 02:52 - 2009-07-14 04:20 - 00000000 __RHD C:\users\Default
2013-02-23 02:52 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Windows NT
2013-02-23 02:48 - 2013-02-23 02:48 - 00001313 ____A C:\Windows\TSSysprep.log
2013-02-23 02:48 - 2013-02-23 02:48 - 00000000 ____A C:\Windows\ativpsrm.bin
2013-02-23 02:48 - 2009-07-14 05:46 - 00001774 ____A C:\Windows\DtcInstall.log
2013-02-23 02:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\sysprep
2013-02-23 02:46 - 2009-07-14 19:18 - 00000000 ____D C:\Windows\CSC
2013-02-23 02:45 - 2009-07-14 06:38 - 00025600 __ASH C:\Windows\System32\config\BCD-Template.LOG
2013-02-23 02:45 - 2009-07-14 06:32 - 00028672 ____A C:\Windows\System32\config\BCD-Template
2013-02-04 22:49 - 2013-02-23 04:49 - 70004024 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-02-23 02:52:55
Restore point made on: 2013-02-23 02:58:49
Restore point made on: 2013-02-23 03:14:11
Restore point made on: 2013-02-23 03:27:39
Restore point made on: 2013-02-23 03:51:55
Restore point made on: 2013-02-23 18:59:00
Restore point made on: 2013-02-23 19:06:49

==================== Memory info =========================== 

Percentage of memory in use: 14%
Total physical RAM: 4092.2 MB
Available physical RAM: 3483.18 MB
Total Pagefile: 4090.35 MB
Available Pagefile: 3468.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:284.56 GB) (Free:254.66 GB) NTFS
2 Drive e: (RECOVERY) (Fixed) (Total:13.23 GB) (Free:2.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
4 Drive g: (GRMCULXFRER_DE_DVD) (CDROM) (Total:2.97 GB) (Free:0 GB) UDF
5 Drive h: () (Removable) (Total:3.76 GB) (Free:3.76 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

  Datenträger ###  Status         Größe    Frei     Dyn  GPT
  ---------------  -------------  -------  -------  ---  ---
  Datenträger 0    Online          298 GB      0 B         
  Datenträger 1    Online         3862 MB      0 B         

Partitions of Disk 0:
===============

Datenträger-ID: F1F61A28

  Partition ###  Typ               Größe    Offset
  -------------  ----------------  -------  -------
  Partition 1    Primär             199 MB  1024 KB
  Partition 2    Primär             284 GB   200 MB
  Partition 3    Primär              13 GB   284 GB
  Partition 4    Primär             103 MB   297 GB

==================================================================================

Disk: 0
Partition 1
Typ      : 07
Versteckt: Nein
Aktiv    : Ja

  Volume ###  Bst  Bezeichnung  DS     Typ         Größe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     Y   SYSTEM       NTFS   Partition    199 MB  Fehlerfre          

=========================================================

Disk: 0
Partition 2
Typ      : 07
Versteckt: Nein
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS     Typ         Größe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C                NTFS   Partition    284 GB  Fehlerfre          

=========================================================

Disk: 0
Partition 3
Typ      : 07
Versteckt: Nein
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS     Typ         Größe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     E   RECOVERY     NTFS   Partition     13 GB  Fehlerfre          

=========================================================

Disk: 0
Partition 4
Typ      : 0C
Versteckt: Nein
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS     Typ         Größe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4     F   HP_TOOLS     FAT32  Partition    103 MB  Fehlerfre          

=========================================================

Partitions of Disk 1:
===============

Datenträger-ID: 00000000

  Partition ###  Typ               Größe    Offset
  -------------  ----------------  -------  -------
  Partition 1    Primär            3861 MB    16 KB

==================================================================================

Disk: 1
Partition 1
Typ      : 0C
Versteckt: Nein
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS     Typ         Größe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 5     H                FAT32  Wechselmed  3861 MB  Fehlerfre          

=========================================================

Last Boot: 2013-02-23 17:18

==================== End Of Log =============================
         

23.02.2013, 20:56   #8
ryder
/// TB trainer
 

Thanks. That partition does look fine to me after all. Okay, then let's see what Combofix has to say.

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Digital privateers against malware!
No help via PM!

23.02.2013, 21:16   #9
akakesios
 

Combo Fix:

Code:
ComboFix 13-02-23.01 - *** 23.02.2013  21:07:42.1.2 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.49.1031.18.4092.2976 [GMT 1:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-23 bis 2013-02-23  ))))))))))))))))))))))))))))))
.
.
2013-02-23 20:11 . 2013-02-23 20:11	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-23 20:07 . 2013-02-23 20:07	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{5E89F641-6F88-4EBC-8251-CE5265E5F204}\offreg.dll
2013-02-23 19:38 . 2013-02-23 19:38	--------	d-----w-	C:\FRST
2013-02-23 19:10 . 2013-02-23 19:10	--------	d-----w-	C:\85295e3757de8bbc211cc5f71ef3
2013-02-23 18:10 . 2013-02-23 18:10	--------	d-----w-	c:\program files (x86)\Microsoft Synchronization Services
2013-02-23 18:10 . 2013-02-23 19:11	--------	d-----w-	c:\program files (x86)\Microsoft.NET
2013-02-23 18:10 . 2013-02-23 18:10	--------	d-----w-	c:\windows\PCHEALTH
2013-02-23 18:10 . 2013-02-23 18:10	--------	d-----w-	c:\program files (x86)\Microsoft Sync Framework
2013-02-23 18:10 . 2013-02-23 18:10	--------	d-----w-	c:\program files (x86)\Microsoft SQL Server Compact Edition
2013-02-23 18:08 . 2013-02-23 18:08	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 8
2013-02-23 18:00 . 2013-02-23 18:01	--------	d-----w-	c:\program files\WinRAR
2013-02-23 17:58 . 2013-02-23 17:58	283200	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2013-02-23 17:58 . 2013-02-23 17:58	--------	d-----w-	c:\program files (x86)\DAEMON Tools Lite
2013-02-23 17:58 . 2013-02-23 18:05	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2013-02-23 15:27 . 2013-02-23 15:27	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2013-02-23 15:27 . 2013-02-23 15:27	--------	d-----w-	c:\windows\system32\wbem\en-US
2013-02-23 03:55 . 2009-09-10 06:28	311808	----a-w-	c:\windows\system32\msv1_0.dll
2013-02-23 03:55 . 2009-09-10 05:52	257024	----a-w-	c:\windows\SysWow64\msv1_0.dll
2013-02-23 03:49 . 2013-02-04 21:49	70004024	----a-w-	c:\windows\system32\MRT.exe
2013-02-23 03:43 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2013-02-23 03:43 . 2012-07-26 04:55	785512	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2013-02-23 03:43 . 2012-07-26 04:55	54376	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2013-02-23 03:43 . 2012-07-26 02:36	9728	----a-w-	c:\windows\system32\Wdfres.dll
2013-02-23 03:29 . 2009-11-25 11:47	99176	----a-w-	c:\windows\SysWow64\PresentationHostProxy.dll
2013-02-23 03:29 . 2009-11-25 11:47	49472	----a-w-	c:\windows\SysWow64\netfxperf.dll
2013-02-23 03:29 . 2009-11-25 11:47	48960	----a-w-	c:\windows\system32\netfxperf.dll
2013-02-23 03:29 . 2009-11-25 11:47	297808	----a-w-	c:\windows\SysWow64\mscoree.dll
2013-02-23 03:29 . 2009-11-25 11:47	295264	----a-w-	c:\windows\SysWow64\PresentationHost.exe
2013-02-23 03:29 . 2009-11-25 11:47	1130824	----a-w-	c:\windows\SysWow64\dfshim.dll
2013-02-23 03:29 . 2009-11-25 11:47	109912	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2013-02-23 03:29 . 2009-11-25 11:47	444752	----a-w-	c:\windows\system32\mscoree.dll
2013-02-23 03:29 . 2009-11-25 11:47	320352	----a-w-	c:\windows\system32\PresentationHost.exe
2013-02-23 03:29 . 2009-11-25 11:47	1942856	----a-w-	c:\windows\system32\dfshim.dll
2013-02-23 03:27 . 2010-02-23 08:16	294912	----a-w-	c:\windows\system32\browserchoice.exe
2013-02-23 03:04 . 2013-02-23 03:04	--------	d-----w-	c:\program files\Microsoft Office
2013-02-23 03:04 . 2013-02-23 03:04	--------	d-----w-	c:\program files (x86)\Microsoft Analysis Services
2013-02-23 03:03 . 2012-12-16 16:52	46080	----a-w-	c:\windows\system32\atmlib.dll
2013-02-23 03:03 . 2012-12-16 14:40	367616	----a-w-	c:\windows\system32\atmfd.dll
2013-02-23 03:03 . 2012-12-16 14:25	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2013-02-23 03:03 . 2012-12-16 14:25	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2013-02-23 03:03 . 2009-10-19 14:46	100864	----a-w-	c:\windows\system32\fontsub.dll
2013-02-23 03:03 . 2009-10-19 14:10	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2013-02-23 03:03 . 2013-02-23 03:03	--------	d-----r-	C:\MSOCache
2013-02-23 03:02 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2013-02-23 03:02 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2013-02-23 03:02 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2013-02-23 03:02 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2013-02-23 03:02 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2013-02-23 03:02 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2013-02-23 03:02 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2013-02-23 02:57 . 2012-03-01 06:54	22896	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2013-02-23 02:57 . 2012-03-01 06:40	80896	----a-w-	c:\windows\system32\imagehlp.dll
2013-02-23 02:57 . 2012-03-01 06:35	5120	----a-w-	c:\windows\system32\wmi.dll
2013-02-23 02:57 . 2012-03-01 05:45	158720	----a-w-	c:\windows\SysWow64\imagehlp.dll
2013-02-23 02:57 . 2012-03-01 05:40	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2013-02-23 02:54 . 2013-02-23 18:14	--------	d-----w-	c:\programdata\Microsoft Help
2013-02-23 02:53 . 2010-03-04 04:40	184832	----a-w-	c:\windows\system32\drivers\usbvideo.sys
2013-02-23 02:53 . 2010-03-04 04:32	243712	----a-w-	c:\windows\system32\drivers\ks.sys
2013-02-23 02:49 . 2013-01-04 03:22	3150848	----a-w-	c:\windows\system32\win32k.sys
2013-02-23 02:49 . 2010-08-04 07:07	961024	----a-w-	c:\windows\system32\CPFilters.dll
2013-02-23 02:49 . 2010-08-04 07:07	552960	----a-w-	c:\windows\system32\msdri.dll
2013-02-23 02:49 . 2010-08-04 07:05	258560	----a-w-	c:\windows\system32\mpg2splt.ax
2013-02-23 02:49 . 2010-08-04 06:18	641536	----a-w-	c:\windows\SysWow64\CPFilters.dll
2013-02-23 02:49 . 2010-08-04 06:15	199680	----a-w-	c:\windows\SysWow64\mpg2splt.ax
2013-02-23 02:49 . 2012-04-02 05:34	5504880	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-23 02:49 . 2012-04-02 04:46	3902320	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-02-23 02:47 . 2012-12-07 05:41	441856	----a-w-	c:\windows\system32\Wpc.dll
2013-02-23 02:46 . 2011-03-11 06:19	1395712	----a-w-	c:\windows\system32\mfc42.dll
2013-02-23 02:45 . 2010-10-12 05:05	35328	----a-w-	c:\program files\Windows Mail\wabfind.dll
2013-02-23 02:45 . 2010-10-12 05:00	516096	----a-w-	c:\program files\Windows Mail\wab.exe
2013-02-23 02:45 . 2010-10-12 04:25	516096	----a-w-	c:\program files (x86)\Windows Mail\wab.exe
2013-02-23 02:45 . 2012-09-06 17:38	295792	----a-w-	c:\windows\system32\drivers\volsnap.sys
2013-02-23 02:45 . 2011-10-26 05:19	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-02-23 02:45 . 2009-09-26 06:20	223448	----a-w-	c:\windows\system32\drivers\fvevol.sys
2013-02-23 02:45 . 2012-09-25 22:39	95744	----a-w-	c:\windows\system32\synceng.dll
2013-02-23 02:45 . 2012-09-25 21:55	78336	----a-w-	c:\windows\SysWow64\synceng.dll
2013-02-23 02:45 . 2010-08-31 04:32	954752	----a-w-	c:\windows\SysWow64\mfc40.dll
2013-02-23 02:45 . 2010-08-31 04:32	954288	----a-w-	c:\windows\SysWow64\mfc40u.dll
2013-02-23 02:45 . 2011-11-17 07:14	1739160	----a-w-	c:\windows\system32\ntdll.dll
2013-02-23 02:45 . 2011-11-17 05:41	1292592	----a-w-	c:\windows\SysWow64\ntdll.dll
2013-02-23 02:43 . 2009-08-29 07:50	46592	----a-w-	c:\windows\system32\msasn1.dll
2013-02-23 02:43 . 2009-08-29 06:57	34816	----a-w-	c:\windows\SysWow64\msasn1.dll
2013-02-23 02:43 . 2012-05-05 08:30	503808	----a-w-	c:\windows\system32\srcore.dll
2013-02-23 02:43 . 2012-05-05 07:44	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2013-02-23 02:43 . 2012-06-06 05:50	1425408	----a-w-	c:\program files\Common Files\System\ado\msado15.dll
2013-02-23 02:43 . 2012-06-06 05:09	987136	----a-w-	c:\program files (x86)\Common Files\System\ado\msado15.dll
2013-02-23 02:41 . 2010-12-18 06:12	3138048	----a-w-	c:\windows\system32\mstscax.dll
2013-02-23 02:40 . 2011-02-23 05:15	157696	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2013-02-23 02:40 . 2011-02-23 05:15	286720	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2013-02-23 02:40 . 2011-02-23 05:15	126464	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2013-02-23 02:40 . 2011-02-23 05:15	90624	----a-w-	c:\windows\system32\drivers\bowser.sys
2013-02-23 02:39 . 2011-12-16 08:42	634368	----a-w-	c:\windows\system32\msvcrt.dll
2013-02-23 02:39 . 2011-12-16 07:59	690688	----a-w-	c:\windows\SysWow64\msvcrt.dll
2013-02-23 02:39 . 2012-07-04 22:04	73216	----a-w-	c:\windows\system32\netapi32.dll
2013-02-23 02:39 . 2012-07-04 22:01	58880	----a-w-	c:\windows\system32\browcli.dll
2013-02-23 02:39 . 2012-07-04 22:01	136704	----a-w-	c:\windows\system32\browser.dll
2013-02-23 02:39 . 2012-07-04 21:23	41472	----a-w-	c:\windows\SysWow64\browcli.dll
2013-02-23 02:39 . 2011-05-03 05:21	976896	----a-w-	c:\windows\system32\inetcomm.dll
2013-02-23 02:39 . 2011-05-03 04:50	740864	----a-w-	c:\windows\SysWow64\inetcomm.dll
2013-02-23 02:39 . 2011-02-12 06:14	267776	----a-w-	c:\windows\system32\FXSCOVER.exe
2013-02-23 02:38 . 2010-10-16 05:23	112000	----a-w-	c:\windows\system32\consent.exe
2013-02-23 02:37 . 2011-02-18 06:33	31232	----a-w-	c:\windows\system32\prevhost.exe
2013-02-23 02:37 . 2011-02-18 05:33	31232	----a-w-	c:\windows\SysWow64\prevhost.exe
2013-02-23 02:33 . 2012-02-11 06:36	751104	----a-w-	c:\windows\system32\win32spl.dll
2013-02-23 02:33 . 2012-02-11 06:29	559104	----a-w-	c:\windows\system32\spoolsv.exe
2013-02-23 02:33 . 2012-02-11 06:29	67584	----a-w-	c:\windows\splwow64.exe
2013-02-23 02:33 . 2012-02-11 05:44	492032	----a-w-	c:\windows\SysWow64\win32spl.dll
2013-02-23 02:32 . 2010-08-27 06:14	236032	----a-w-	c:\windows\system32\srvsvc.dll
2013-02-23 02:32 . 2010-08-27 05:46	9728	----a-w-	c:\windows\SysWow64\sscore.dll
2013-02-23 02:31 . 2013-02-23 02:31	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2013-02-23 02:30 . 2012-06-02 05:25	182272	----a-w-	c:\windows\system32\cryptsvc.dll
2013-02-23 02:30 . 2012-06-02 05:25	1462784	----a-w-	c:\windows\system32\crypt32.dll
2013-02-23 02:30 . 2012-06-02 05:25	140288	----a-w-	c:\windows\system32\cryptnet.dll
2013-02-23 02:30 . 2012-06-02 04:45	139264	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-02-23 02:30 . 2012-06-02 04:45	1157632	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-02-23 02:30 . 2012-06-02 04:45	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-02-23 02:29 . 2011-11-19 15:07	77312	----a-w-	c:\windows\system32\packager.dll
2013-02-23 02:29 . 2011-11-19 14:06	67072	----a-w-	c:\windows\SysWow64\packager.dll
2013-02-23 02:14 . 2013-02-23 02:14	--------	d-----w-	c:\program files\Classic Shell
2013-02-23 02:13 . 2013-02-23 19:14	--------	d-sh--w-	c:\windows\Installer
2013-02-23 02:13 . 2013-02-23 02:46	71024	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-23 02:13 . 2013-02-23 02:46	691568	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-23 02:13 . 2013-02-23 02:13	--------	d-----w-	c:\windows\SysWow64\Macromed
2013-02-23 02:13 . 2013-02-23 02:13	--------	d-----w-	c:\windows\system32\Macromed
2013-02-23 02:09 . 2013-02-19 02:57	9162192	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{5E89F641-6F88-4EBC-8251-CE5265E5F204}\mpengine.dll
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-04 04:43 . 2013-02-23 02:48	44032	----a-w-	c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-12-29 08:55	611328	----a-w-	c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-23 283200]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-12-29 08:56	741888	----a-w-	c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Classic Start Menu"="c:\program files\Classic Shell\ClassicStartMenu.exe" [2012-12-29 160256]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\74yhqh0k.default\
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_168_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_168.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-02-23  21:13:02
ComboFix-quarantined-files.txt  2013-02-23 20:13
.
Vor Suchlauf: 8 Verzeichnis(se), 273.335.529.472 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 275.348.647.936 Bytes frei
.
- - End Of File - - AE3254D42D40B1345E4245A380AB9DF9
         

Alt 23.02.2013, 21:34   #10
ryder
/// TB Trainer



Well, I don't see anything unusual there.

Then ESET once more and then we're done.

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

Please post the log file here or let me know that nothing was found.
Note: The scan can take a very long time (several hours)!
__________________
Digital privateers against malware!
No help via PM!

Alt 23.02.2013, 22:47   #11
akakesios
 



Unfortunately the ESET scan didn't work... Step 2 aborted with "Unexpected Error 2002". I followed the instructions exactly...

Alt 24.02.2013, 11:24   #12
ryder
/// TB Trainer



That apparently happens occasionally. Please try it again. Possibly also from Safe Mode.

Alt 24.02.2013, 12:44   #13
akakesios
 



It didn't work again. It seems to have something to do with the proxy server (nothing is entered there under Internet Options..). I don't even get to the actual scan, because it already fails beforehand on the missing proxy server.. What do I have to enter there? I have already searched and tried, but I couldn't get it to work..

Alt 24.02.2013, 12:55   #14
ryder
/// TB Trainer



Then let's just try an alternative:

Online scan with Panda Cloud Cleaner
  • Please download Panda Cloud Cleaner and start the scan.
  • Please don't delete anything. At the end, just click "View Report" at the bottom right.
  • Copy the scan report here into the thread.

Alt 24.02.2013, 13:04   #15
akakesios
 



Panda

Code:
Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0
         
