Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   BKA- Trojaner, Vista 32bit, nach Start erscheint sofort Ukash (https://www.trojaner-board.de/120245-bka-trojaner-vista-32bit-start-erscheint-sofort-ukash.html)

pe__ka 24.07.2012 09:26
BKA- Trojaner, Vista 32bit, nach Start erscheint sofort Ukash
 
Hallo,

leider öffnet sich bei mir seit gestern Abend beim PC-Start eine Zahlungsaufforderung ans BKA per Ukash. Ich kann also keinen Scan starten. Kann mir jemand weiterhelfen? Welche Infos werden benötigt?
Abgesicherter Modus geht.. Weiß nicht, ob das was hilft..

Hoffe auf Hilfe!

Grüße

markusg 24.07.2012 17:47
hi
starte mal in den abgesicherten modus mit netzwerk, melde dich im betroffenen konto an
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

pe__ka 24.07.2012 19:20
Code:
OTL logfile created on: 24.07.2012 19:54:19 - Run 2
OTL by OldTimer - Version 3.2.42.2    Folder = C:\Users\Versuch\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1021,76 Mb Total Physical Memory | 609,26 Mb Available Physical Memory | 59,63% Memory free
2,25 Gb Paging File | 2,00 Gb Available in Paging File | 89,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,09 Gb Total Space | 85,37 Gb Free Space | 29,43% Space Free | Partition Type: NTFS
 
Computer Name: xxxxxxxxxxxxxxx-PC | User Name: Versuch | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.05.05 14:24:02 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Versuch\Desktop\OTL.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.07.18 13:25:47 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.09 22:22:02 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.09 22:21:56 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.05.09 22:21:56 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.10.31 02:31:52 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Stopped] -- C:\Programme\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2010.08.04 14:44:24 | 000,266,240 | ---- | M] () [Auto | Stopped] -- C:\Programme\NETGEAR\WNA1100\WifiSvc.exe -- (WSWNA1100)
SRV - [2010.03.22 20:05:40 | 000,960,992 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Programme\NETGEAR\WNA1100\jswpsapi.exe -- (jswpsapi)
SRV - [2008.11.04 02:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008.10.25 12:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office 2007\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2006.12.20 17:30:02 | 000,040,960 | ---- | M] (Softex Inc.) [Auto | Stopped] -- C:\Programme\Softex\OmniPass\OmniServ.exe -- (omniserv)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Versuch\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012.05.09 22:22:03 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.09 22:22:03 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.09.16 16:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.10.10 19:48:00 | 001,439,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athur.sys -- (athur)
DRV - [2009.10.08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.09.22 04:20:42 | 000,043,520 | ---- | M] (VIA Technologies, Inc.              ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fetnd6v.sys -- (FETND6V)
DRV - [2008.07.30 07:51:30 | 000,277,736 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2008.05.15 02:28:00 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2008.01.17 17:15:11 | 000,715,248 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2007.09.29 05:13:56 | 003,154,944 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007.09.29 05:13:56 | 003,154,944 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.01.19 18:20:54 | 000,021,728 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV - [2006.12.20 17:16:22 | 000,139,144 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2006.11.01 22:18:15 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006.07.27 18:00:38 | 000,069,810 | ---- | M] (AuthenTec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\FLMckUSB.sys -- (FLMCKUSB) AuthenTec TruePrint USB Driver (AES3400, AES3500, AES4000)
DRV - [2003.10.15 18:52:50 | 000,174,530 | ---- | M] (OmniVision Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ov519vid.sys -- (ovt519)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ig?hl=de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDDD9B-79C5-458B-845D-42EC1411492A}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBS
IE - HKCU\..\SearchScopes\{FABFC7F3-531B-41A7-9C98-CD025E52E25E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-IDW&o=APN10023&src=kw&q={searchTerms}&locale=&apn_ptnrs=LL&apn_dtid=YYYYYYYYDE&apn_uid=5e46069d-e738-4c6d-bfe2-1e22be170fc2&apn_sauid=1D3F205B-C9D1-46D6-A960-31DFA967B1E9
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Program Files\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.18 13:25:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.31 02:20:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.18 13:25:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.31 02:20:03 | 000,000,000 | ---D | M]
 
[2008.07.03 22:48:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Versuch\AppData\Roaming\mozilla\Extensions
[2012.07.04 01:25:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Versuch\AppData\Roaming\mozilla\Firefox\Profiles\iqnh3kfq.default\extensions
[2011.11.20 17:00:05 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Versuch\AppData\Roaming\mozilla\Firefox\Profiles\iqnh3kfq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.04.30 16:24:29 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Versuch\AppData\Roaming\mozilla\Firefox\Profiles\iqnh3kfq.default\extensions\toolbar@ask.com
[2012.01.04 20:17:04 | 000,002,333 | ---- | M] () -- C:\Users\Versuch\AppData\Roaming\Mozilla\Firefox\Profiles\iqnh3kfq.default\searchplugins\askcom.xml
[2012.07.23 00:55:19 | 000,001,056 | ---- | M] () -- C:\Users\Versuch\AppData\Roaming\Mozilla\Firefox\Profiles\iqnh3kfq.default\searchplugins\icqplugin.xml
[2012.01.17 12:56:27 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2008.11.11 20:25:11 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.07 18:13:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}
[2012.07.18 13:25:48 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008.08.11 01:19:17 | 000,023,552 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\DrvMgt.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008.02.22 17:24:06 | 000,095,832 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\NPPDLicenseHelper.dll
[2008.08.11 01:19:18 | 000,110,592 | ---- | M] (SkillJam Technologies) -- C:\Program Files\mozilla firefox\plugins\npskilljamloader.dll
[2008.08.11 01:19:18 | 001,303,999 | ---- | M] (SkillJam Technologies, Inc.) -- C:\Program Files\mozilla firefox\plugins\npssp32.dll
[2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.04.28 14:16:42 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.28 14:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.04.28 14:16:42 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.28 14:16:42 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.28 14:16:42 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.28 14:16:42 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.05.07 15:48:20 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office 2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) -  - No CLSID value found.
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATSwpNav] C:\Program Files\Fingerprint Sensor\ATSwpNav.exe (AuthenTec, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office 2007\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [mHotkey] C:\Windows\mHotkey.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [recdisc] C:\Users\Versuch\AppData\Local\Microsoft\Windows\1898\recdisc.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Users\Versuch\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Versuch\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 2007\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office 2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A8AEE4F-2D2F-4137-AAD7-30240DBA8F10}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9882CDD-660E-44FB-B8E8-4F6BC637ED1A}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office 2007\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Versuch\Documents\PATRICK\pictures__O.O\taxi_driver.jpg
O24 - Desktop BackupWallPaper: C:\Users\Versuch\Documents\PATRICK\pictures__O.O\taxi_driver.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office 2007\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 6.0.1
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 6.0.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files\Microsoft Office 2007\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig - StartUpReg: HostManager - hkey= - key= - C:\Programme\Common Files\aol\1168853550\ee\aolsoftware.exe (America Online, Inc.)
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Programme\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: Malwarebytes' Anti-Malware (reboot) - hkey= - key= - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
MsConfig - StartUpReg: OmniPass - hkey= - key= - C:\Programme\Softex\OmniPass\scureapp.exe ()
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2
 
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.24 01:43:45 | 000,000,000 | ---D | C] -- C:\Users\Versuch\AppData\Roaming\hellomoto
[2012.07.04 19:44:52 | 000,000,000 | ---D | C] -- C:\Users\Versuch\Desktop\GRUNDSCHULMATERIAL
[2010.10.06 21:51:06 | 000,250,544 | ---- | C] (KeyWorks Software) -- C:\Program Files\Common Files\keyhelp.ocx
[30 C:\Users\Versuch\Desktop\*.tmp files -> C:\Users\Versuch\Desktop\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Versuch\*.tmp files -> C:\Users\Versuch\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.24 19:49:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.24 19:23:28 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.24 19:23:27 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.24 19:23:02 | 000,000,132 | ---- | M] () -- C:\Users\Versuch\AppData\Roaming\-1313340398
[2012.07.24 17:05:03 | 000,000,446 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E71D1D21-BEDF-41DD-9481-F025251F282C}.job
[2012.07.24 17:00:00 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator.job
[2012.07.24 17:00:00 | 000,000,368 | ---- | M] () -- C:\Windows\tasks\Erweiterte Garantie.job
[2012.07.24 10:12:53 | 000,000,680 | ---- | M] () -- C:\Users\Versuch\AppData\Local\d3d9caps.dat
[2012.07.24 02:21:16 | 000,000,000 | ---- | M] () -- C:\Windows\System32\zubehör
[2012.07.18 15:47:33 | 000,642,482 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.18 15:47:33 | 000,607,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.18 15:47:33 | 000,131,828 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.18 15:47:33 | 000,108,742 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.17 23:13:03 | 000,060,750 | ---- | M] () -- C:\Users\Versuch\Desktop\tumblr_m7bjmrizhp1qd0ln0o1_500.jpg
[30 C:\Users\Versuch\Desktop\*.tmp files -> C:\Users\Versuch\Desktop\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Versuch\*.tmp files -> C:\Users\Versuch\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.07.24 19:23:02 | 000,000,132 | ---- | C] () -- C:\Users\Versuch\AppData\Roaming\-1313340398
[2012.07.24 10:12:53 | 000,000,680 | ---- | C] () -- C:\Users\Versuch\AppData\Local\d3d9caps.dat
[2012.07.24 02:21:16 | 000,000,000 | ---- | C] () -- C:\Windows\System32\zubehör
[2012.07.17 23:14:27 | 000,060,750 | ---- | C] () -- C:\Users\Versuch\Desktop\tumblr_m7bjmrizhp1qd0ln0o1_500.jpg
[2012.05.07 15:29:56 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.05.07 15:29:56 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.05.07 15:29:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.05.07 15:29:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.05.07 15:29:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.08.16 13:38:40 | 000,000,926 | ---- | C] () -- C:\ProgramData\WavePad Sound Editor.lnk
[2011.08.16 13:38:13 | 000,000,930 | ---- | C] () -- C:\ProgramData\Switch Sound File Converter.lnk
[2010.12.19 19:46:11 | 000,001,194 | ---- | C] () -- C:\ProgramData\Free YouTube to DVD Converter.lnk
 
========== LOP Check ==========
 
[2009.11.04 21:51:14 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\Academic Software Zurich
[2009.01.15 19:01:51 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\ASCON Installer
[2008.01.17 17:29:03 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\DAEMON Tools
[2009.08.21 12:08:12 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\DeepBurner
[2012.02.12 20:51:29 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\DVDVideoSoft
[2011.11.20 16:59:57 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\DVDVideoSoftIEHelpers
[2007.10.22 12:39:19 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\eMule
[2012.04.27 10:59:06 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\Emwema
[2009.11.08 16:57:48 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\FreeVideoConverter
[2007.11.30 19:09:26 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\GetRightToGo
[2009.07.07 15:28:29 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\gtk-2.0
[2012.07.24 01:43:53 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\hellomoto
[2011.04.07 20:40:19 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\ICQ
[2007.04.04 23:36:23 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\ICQLite
[2012.07.05 19:30:01 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\Image Zone Express
[2011.10.31 02:56:23 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\My Games
[2011.06.07 14:48:41 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\NCH Swift Sound
[2008.01.01 23:36:45 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\OpenArena
[2009.03.29 23:32:07 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\OpenOffice.org
[2008.08.05 00:30:12 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\Opera
[2007.04.30 16:05:15 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\Packard Bell
[2007.04.26 14:14:05 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\Printer Info Cache
[2007.02.25 16:01:29 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\Template
[2009.06.16 23:14:34 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\TheLastRipper
[2012.02.07 22:05:06 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\TuneUp Software
[2007.11.27 17:57:10 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\Uniblue
[2010.07.14 00:55:13 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\VistaCodecs
[2007.08.21 23:52:13 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\Zylom
[2012.04.27 12:34:24 | 000,000,000 | ---D | M] -- C:\Users\Versuch\AppData\Roaming\Zyyly
[2012.07.24 17:00:00 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\Erweiterte Garantie.job
[2012.07.24 17:00:00 | 000,000,368 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator.job
[2012.07.24 19:24:15 | 000,032,510 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.24 17:05:03 | 000,000,446 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E71D1D21-BEDF-41DD-9481-F025251F282C}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.05.07 15:57:11 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2007.03.05 21:20:55 | 000,000,000 | ---D | M] -- C:\ATI
[2009.09.16 19:17:48 | 000,000,000 | ---D | M] -- C:\boot
[2010.01.18 18:37:45 | 000,000,000 | ---D | M] -- C:\cofi
[2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2007.02.13 21:08:28 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2007.01.15 20:02:33 | 000,000,000 | ---D | M] -- C:\drivers
[2009.03.25 10:16:00 | 000,000,000 | ---D | M] -- C:\DVDVideoSoft
[2008.08.06 15:19:53 | 000,000,000 | ---D | M] -- C:\Games
[2008.04.29 10:08:28 | 000,000,000 | ---D | M] -- C:\MAGIX
[2009.07.01 18:46:51 | 000,000,000 | R--D | M] -- C:\MSOCache
[2008.05.28 11:10:26 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.06.02 18:55:20 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.05.04 21:35:21 | 000,000,000 | ---D | M] -- C:\ProgramData
[2007.02.13 21:08:28 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.05.07 15:57:02 | 000,000,000 | ---D | M] -- C:\Qoobox
[2010.01.15 19:51:22 | 000,000,000 | ---D | M] -- C:\rsit
[2012.07.23 19:18:25 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.04.12 21:38:35 | 000,000,000 | ---D | M] -- C:\Temp
[2007.02.23 01:56:26 | 000,000,000 | R--D | M] -- C:\Users
[2012.07.24 02:09:23 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
[2003.04.27 22:02:28 | 000,647,168 | ---- | M] () -- C:\Program Files\tetris.exe
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< MD5 for: AGP440.SYS  >
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\ERDNT\cache\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: AHCIX86S.SYS  >
[2006.12.29 01:51:56 | 000,110,592 | ---- | M] (ATI Technologies Inc.) MD5=67740F91B47434CC6173A35667A4BA66 -- C:\ATI\SUPPORT\7-10_vista32_dd_ccc_wdm_enu_53254\Driver\Packages\Drivers\SBDrv\SB6xx\RAID\LH\ahcix86s.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.02.14 04:05:57 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.02.14 04:05:57 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.02.14 04:05:56 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007.11.15 14:37:45 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007.11.15 14:37:44 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.04.04 12:52:19 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\ERDNT\cache\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2007.04.04 12:52:19 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008.01.19 09:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
< %USERPROFILE%\*.* >
[2009.07.07 15:27:52 | 000,001,525 | ---- | M] () -- C:\Users\Versuch\.recently-used.xbel
[2012.05.04 10:56:36 | 000,000,020 | ---- | M] () -- C:\Users\Versuch\defogger_reenable
[2012.07.24 20:03:48 | 007,340,032 | -HS- | M] () -- C:\Users\Versuch\ntuser.dat
[2012.07.24 20:03:48 | 000,262,144 | -H-- | M] () -- C:\Users\Versuch\ntuser.dat.LOG1
[2007.02.23 00:11:58 | 000,000,000 | -H-- | M] () -- C:\Users\Versuch\ntuser.dat.LOG2
[2012.07.24 19:48:14 | 000,065,536 | -HS- | M] () -- C:\Users\Versuch\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.08.14 13:59:44 | 000,524,288 | -HS- | M] () -- C:\Users\Versuch\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2012.07.24 19:48:14 | 000,524,288 | -HS- | M] () -- C:\Users\Versuch\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2007.02.23 00:11:59 | 000,000,020 | -HS- | M] () -- C:\Users\Versuch\ntuser.ini
[1 C:\Users\Versuch\*.tmp files -> C:\Users\Versuch\*.tmp -> ]
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
Das kam bei raus.. Einen extra.txt gab es nicht..
Danke!!

markusg 25.07.2012 16:48
dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
:OTL
O4 - HKCU..\Run: [recdisc] C:\Users\Versuch\AppData\Local\Microsoft\Windows\1898\recdisc.exe ()
 :Files
C:\Users\Versuch\AppData\Local\Microsoft\Windows\1898
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!



Drücke bitte die http://larusso.trojaner-board.de/Images/windows.jpg + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus :)

pe__ka 26.07.2012 14:07
Code:
All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\recdisc deleted successfully.
C:\Users\Versuch\AppData\Local\Microsoft\Windows\1898\recdisc.exe moved successfully.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Public
 
User: Versuch
->Flash cache emptied: 26106 bytes
 
Total Flash Files Cleaned = 0,00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
User: Versuch
->Temp folder emptied: 3536997 bytes
->Temporary Internet Files folder emptied: 259393394 bytes
->Java cache emptied: 5042043 bytes
->FireFox cache emptied: 1123175172 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 112716 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 93765765 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3064374 bytes
RecycleBin emptied: 27357725 bytes
 
Total Files Cleaned = 1.445,00 mb
 
 
OTL by OldTimer - Version 3.2.42.2 log created on 07262012_144019

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
was meinst du mit dem roten hinweis ??

ich hab die datei zippen wollen sowie rar.. hat aber immer wieder abgebrochen mit dem hinweis, die datei sei nicht gefunden worden.. irgendwie wurde aber trotzdem was erstellt. das habe ich hochgeladen..

ach du meintest wohl die schritte, die darunter stehen.. (edit)..
danke dir!

markusg 26.07.2012 15:20
hi
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

pe__ka 26.07.2012 16:44
Code:
ComboFix 12-07-27.02 - Versuch 26.07.2012  17:09:22.6.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.49.1031.18.1022.422 [GMT 2:00]
ausgeführt von:: c:\users\Versuch\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-06-26 bis 2012-07-26  ))))))))))))))))))))))))))))))
.
.
2012-07-26 15:23 . 2012-07-26 15:24        --------        d-----w-        c:\users\Versuch\AppData\Local\temp
2012-07-26 15:23 . 2012-07-26 15:23        --------        d-----w-        c:\users\Public\AppData\Local\temp
2012-07-26 15:23 . 2012-07-26 15:23        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-07-26 12:40 . 2012-07-26 13:02        --------        d-----w-        C:\_OTL
2012-07-23 23:43 . 2012-07-23 23:43        --------        d-----w-        c:\users\Versuch\AppData\Roaming\hellomoto
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-02 22:19 . 2012-06-24 17:43        53784        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-24 17:43        45080        ----a-w-        c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-24 17:43        35864        ----a-w-        c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-24 17:43        577048        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-24 17:43        1933848        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-24 17:43        2422272        ----a-w-        c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-24 17:43        88576        ----a-w-        c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-24 17:42        171904        ----a-w-        c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-24 17:42        33792        ----a-w-        c:\windows\system32\wuapp.exe
2012-05-09 20:22 . 2012-05-04 19:35        83392        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2012-05-09 20:22 . 2012-05-04 19:35        137928        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2012-05-08 16:40 . 2012-05-18 14:00        6737808        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{06DF0626-1726-4969-9C82-93F7C1ED24A9}\mpengine.dll
2003-04-27 20:02 . 2007-04-13 21:49        647168        ----a-w-        c:\program files\tetris.exe
2003-03-21 11:45 . 2010-10-06 19:51        250544        ----a-w-        c:\program files\Common Files\keyhelp.ocx
2008-08-10 23:19 . 2008-08-10 23:19        23552        ----a-w-        c:\program files\mozilla firefox\plugins\DrvMgt.dll
2012-07-18 11:25 . 2012-04-28 12:16        136672        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((  SnapShot@2012-05-07_13.48.43  )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-06-24 17:43 . 2012-06-02 22:19        45080              c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_79d6786e99338140\wups2.dll
+ 2012-06-24 17:43 . 2012-06-02 22:19        53784              c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_79d6786e99338140\wuauclt.exe
+ 2012-06-24 17:42 . 2012-06-02 13:12        33792              c:\windows\winsxs\x86_microsoft-windows-w..pdateclient-activex_31bf3856ad364e35_7.6.7600.256_none_09f272fb52ab0c3f\wuapp.exe
+ 2012-06-24 17:43 . 2012-06-02 22:19        35864              c:\windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_7.6.7600.256_none_5fe7b2baacf3da43\wups.dll
+ 2012-06-24 17:43 . 2012-06-02 22:12        88576              c:\windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_7.6.7600.256_none_5fe7b2baacf3da43\wudriver.dll
+ 2012-05-11 09:05 . 2012-02-01 14:48        47104              c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6002.22789_none_19d42b54bb14d4c9\NBMapTIP.dll
+ 2009-09-14 01:03 . 2009-04-11 06:28        47104              c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6002.18579_none_19555c8fa1ef1be7\NBMapTIP.dll
+ 2012-05-11 09:05 . 2012-02-01 14:47        22528              c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.0.6002.22789_none_4fbadd1495216d8a\jnwppr.dll
+ 2012-05-11 09:05 . 2012-02-01 14:47        19968              c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.0.6002.22789_none_4fbadd1495216d8a\jnwmon.dll
+ 2012-05-11 09:05 . 2012-02-01 14:47        83968              c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.0.6002.22789_none_4fbadd1495216d8a\jnwdui.dll
+ 2006-11-02 12:35 . 2006-11-02 12:35        22528              c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.0.6002.18579_none_4f3c0e4f7bfbb4a8\jnwppr.dll
+ 2006-11-02 12:35 . 2006-11-02 12:35        19968              c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.0.6002.18579_none_4f3c0e4f7bfbb4a8\jnwmon.dll
+ 2008-05-28 00:50 . 2008-01-19 07:34        83968              c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.0.6002.18579_none_4f3c0e4f7bfbb4a8\jnwdui.dll
+ 2012-05-11 09:05 . 2012-02-01 13:43        47104              c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6002.22789_none_4487926d63821c10\PDIALOG.exe
+ 2012-05-11 09:05 . 2012-02-01 14:47        22528              c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6002.22789_none_4487926d63821c10\jnwppr.dll
+ 2012-05-11 09:05 . 2012-02-01 14:47        19968              c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6002.22789_none_4487926d63821c10\jnwmon.dll
+ 2012-05-11 09:05 . 2012-02-01 14:47        83968              c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6002.22789_none_4487926d63821c10\jnwdui.dll
+ 2012-05-11 09:05 . 2012-02-01 13:58        47104              c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6002.18579_none_4408c3a84a5c632e\PDIALOG.exe
+ 2006-11-02 12:35 . 2006-11-02 12:35        22528              c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6002.18579_none_4408c3a84a5c632e\jnwppr.dll
+ 2006-11-02 12:35 . 2006-11-02 12:35        19968              c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6002.18579_none_4408c3a84a5c632e\jnwmon.dll
+ 2008-05-28 00:50 . 2008-01-19 07:34        83968              c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6002.18579_none_4408c3a84a5c632e\jnwdui.dll
+ 2012-05-11 09:07 . 2012-03-20 23:28        52608              c:\windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.0.6002.22821_none_e3f795acd0c2ba40\partmgr.sys
+ 2012-05-11 09:07 . 2012-03-20 23:28        53120              c:\windows\winsxs\x86_microsoft-windows-partitionmanager_31bf3856ad364e35_6.0.6002.18600_none_e3829689b795cc16\partmgr.sys
+ 2012-01-31 12:18 . 2011-11-16 16:23        72704              c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\secur32.dll
+ 2012-05-11 09:07 . 2012-03-29 13:39        31232              c:\windows\winsxs\x86_microsoft-windows-l..istry-support-tcpip_31bf3856ad364e35_6.0.6002.22828_none_887fba2e1bb9d59a\tcpipreg.sys
+ 2009-09-14 01:03 . 2009-03-30 04:42        24576              c:\windows\winsxs\msil_system.drawing.resources_b03f5f7f11d50a3a_6.0.6002.22840_de-de_a5572dc832c724c4\System.Drawing.Resources.dll
+ 2009-09-14 01:03 . 2009-03-30 04:42        24576              c:\windows\winsxs\msil_system.drawing.resources_b03f5f7f11d50a3a_6.0.6002.18618_de-de_bc211d8e19234570\System.Drawing.Resources.dll
+ 2007-02-23 18:09 . 2012-07-26 12:47        66336              c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2007-02-22 23:51 . 2012-07-26 12:47        11602              c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2978858628-215539607-716368754-1003_UserData.bin
+ 2012-05-11 09:07 . 2012-03-20 23:28        53120              c:\windows\System32\drivers\partmgr.sys
+ 2007-02-13 19:09 . 2012-07-26 12:49        16384              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-02-13 19:09 . 2012-05-07 12:29        16384              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-02-13 19:09 . 2012-07-26 12:49        49152              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-02-13 19:09 . 2012-05-07 12:29        49152              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-02-13 19:09 . 2012-07-26 12:49        32768              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2007-02-13 19:09 . 2012-05-07 12:29        32768              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-02-22 22:09 . 2012-07-23 23:55        49120              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
- 2009-07-01 16:43 . 2010-11-20 12:48        90112              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2009-07-01 16:43 . 2012-05-20 13:03        90112              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\xlicons.exe
- 2009-07-01 16:43 . 2010-11-20 12:48        45056              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2009-07-01 16:43 . 2012-05-20 13:03        45056              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2009-07-01 16:43 . 2012-05-20 13:03        22528              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2009-07-01 16:43 . 2010-11-20 12:48        22528              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2009-07-01 16:43 . 2010-11-20 12:48        30720              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2009-07-01 16:43 . 2012-05-20 13:03        30720              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\pptico.exe
+ 2009-07-01 16:43 . 2012-05-20 13:03        16384              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2009-07-01 16:43 . 2010-11-20 12:48        16384              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2009-07-01 16:43 . 2010-11-20 12:48        34304              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2009-07-01 16:43 . 2012-05-20 13:03        34304              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2009-07-01 16:43 . 2010-11-20 12:48        81920              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2009-07-01 16:43 . 2012-05-20 13:03        81920              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2009-12-01 15:37 . 2012-05-18 14:07        35088              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-12-01 15:37 . 2012-04-16 16:40        35088              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-12-01 15:37 . 2012-05-18 14:07        18704              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-12-01 15:37 . 2012-04-16 16:40        18704              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-12-01 15:37 . 2012-05-18 14:07        20240              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2009-12-01 15:37 . 2012-04-16 16:40        20240              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-11-12 19:07 . 2012-05-18 13:48        49152              c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-11-12 19:07 . 2012-02-21 16:45        49152              c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        24064              c:\windows\assembly\NativeImages_v2.0.50727_32\WiaProxy32\9cb310353abcdcc24a64f4db2501aa02\WiaProxy32.ni.exe
+ 2012-05-18 13:52 . 2012-05-18 13:52        60928              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\d79fbb634edd91438e69d7a016befee6\UIAutomationProvider.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        60928              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5fd0071c259b92078ced7cd752a14730\UIAutomationProvider.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        37888              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\ca40e5899faf8370b08b746d19e59374\System.Windows.Presentation.ni.dll
+ 2012-05-18 13:52 . 2012-05-18 13:52        37888              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\720949a235ebad340634bc4e8bd760ca\System.Windows.Presentation.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        36864              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\71b54071bbbc06635f5edf3cd179b499\System.Web.DynamicData.Design.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        94208              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\8346ba5de36fcea2fe0397e8126f1e7d\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        82944              c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\5739f9bcab6a880ce911252751579918\System.AddIn.Contract.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        44032              c:\windows\assembly\NativeImages_v2.0.50727_32\stdole\c0a4c84b83fcc10c3ea3ed9b3f20046c\stdole.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        47104              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\b57a0cd0fae107256365e988c9fe3395\PresentationFontCache.ni.exe
+ 2012-05-18 13:52 . 2012-05-18 13:52        47104              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\9719449612dcf182a5b1ebe4745d6c59\PresentationFontCache.ni.exe
+ 2012-05-18 17:36 . 2012-05-18 17:36        39424              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\6e1aa62b07ad7a0f21448099927d3de2\PresentationCFFRasterizer.ni.dll
+ 2012-05-18 13:52 . 2012-05-18 13:52        39424              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\67c8a79bcc2200a5fcd81720c8a16c66\PresentationCFFRasterizer.ni.dll
+ 2012-05-18 17:33 . 2012-05-18 17:33        25600              c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.StylusR#\b088b9b0c4240c3acbebf6ed66031e68\PaintDotNet.StylusReader.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        79872              c:\windows\assembly\NativeImages_v2.0.50727_32\napcrypt\f35ea215449a9b2f3d1c281a83bf8db6\napcrypt.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        17920              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Run#\e48756c89aad809db34274b048f8630a\Microsoft.WSMan.Runtime.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        55296              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\fb2cc92e2aa127fefa1672c78a5c6aaa\Microsoft.Vsa.ni.dll
+ 2012-05-18 17:33 . 2012-05-18 17:33        15872              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\be3c3ca8bfb03375bc89f799349b03f3\Microsoft.VisualC.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        74752              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\cf2240ba58c2d94b41a74344dc5f64a0\Microsoft.Build.Framework.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        65024              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\5c46d310587bd60cdc5a1e6a3bcdef27\Microsoft.Build.Framework.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        68608              c:\windows\assembly\NativeImages_v2.0.50727_32\loadmxf\3713e414a1dade2bdd0ac8d8b6b621f6\loadmxf.ni.exe
+ 2012-05-18 17:33 . 2012-05-18 17:33        94208              c:\windows\assembly\NativeImages_v2.0.50727_32\Interop.WIA\3de41f22b0c4cdc1e8f07ac5af4be42c\Interop.WIA.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        57856              c:\windows\assembly\NativeImages_v2.0.50727_32\ehiUserXp\255a7647cad0ec58c01053d7bdddd928\ehiUserXp.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        55296              c:\windows\assembly\NativeImages_v2.0.50727_32\ehiReplay\a3f7c7da452ed56ff97ddc37f1b3f60e\ehiReplay.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        23552              c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtCOM\bc07bf1aeb176548dde8971360cfa5a9\ehiExtCOM.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        39424              c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtCOM\8122af1ab8c449705ced9e8844f002bd\ehExtCOM.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        14336              c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\005dde0bf145dbbd30b5e832feb956e9\dfsvc.ni.exe
+ 2012-05-18 17:34 . 2012-05-18 17:34        81408              c:\windows\assembly\NativeImages_v2.0.50727_32\DdsFileType\bd1e1a7a92fd4f61b7c6a90b6c0748c9\DdsFileType.ni.dll
+ 2012-05-18 17:33 . 2012-05-18 17:33        25600              c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll
+ 2006-11-02 08:26 . 2006-11-02 09:41        2048              c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6002.18644_none_8a2d40b894197fc2\msxml6r.dll
+ 2006-11-02 08:26 . 2006-11-02 09:41        2048              c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6002.18644_none_8a2d8510941932df\msxml3r.dll
+ 2012-01-31 12:18 . 2011-11-16 14:12        9728              c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
- 2012-05-07 12:24 . 2012-05-07 12:24        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-26 12:43 . 2012-07-26 12:43        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-05-07 12:24 . 2012-05-07 12:24        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-26 12:43 . 2012-07-26 12:43        2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-01 16:43 . 2012-05-20 13:03        3584              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2009-07-01 16:43 . 2010-11-20 12:48        3584              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2009-07-01 16:43 . 2010-11-20 12:48        8192              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2009-07-01 16:43 . 2012-05-20 13:03        8192              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2009-07-01 16:43 . 2010-11-20 12:48        2560              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2009-07-01 16:43 . 2012-05-20 13:03        2560              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2012-05-11 09:05 . 2012-01-03 10:54        299792              c:\windows\winsxs\x86_wpf-xpsviewerexe_31bf3856ad364e35_6.0.6002.22771_none_cb58dd201f0af867\XPSViewer.exe
+ 2012-05-11 09:05 . 2012-01-03 10:57        299280              c:\windows\winsxs\x86_wpf-xpsviewerexe_31bf3856ad364e35_6.0.6002.18565_none_cade0f8305e1a4e1\XPSViewer.exe
+ 2012-05-11 09:05 . 2012-02-13 11:00        532480              c:\windows\winsxs\x86_wpf-reachframework_31bf3856ad364e35_6.0.6002.22797_none_023ffdb33f40088b\ReachFramework.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        532480              c:\windows\winsxs\x86_wpf-reachframework_31bf3856ad364e35_6.0.6002.18582_none_01bc2d7c261ed0f6\ReachFramework.dll
+ 2012-05-11 09:05 . 2012-02-13 11:00        131360              c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6002.22797_none_72213fbc3685c3ee\PresentationHostDLL.dll
+ 2012-05-11 09:05 . 2012-01-03 10:54        131360              c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6002.22771_none_7230ddd8367af402\PresentationHostDLL.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        130848              c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6002.18582_none_719d6f851d648c59\PresentationHostDLL.dll
+ 2012-05-11 09:05 . 2012-01-03 10:57        130848              c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6002.18565_none_71b6103b1d51a07c\PresentationHostDLL.dll
+ 2012-05-11 09:05 . 2012-02-13 11:00        368640              c:\windows\winsxs\x86_system.printing_31bf3856ad364e35_6.0.6002.22797_none_755635408ca2d5ce\System.Printing.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        368640              c:\windows\winsxs\x86_system.printing_31bf3856ad364e35_6.0.6002.18582_none_74d2650973819e39\System.Printing.dll
+ 2012-05-11 09:07 . 2012-01-03 10:57        389888              c:\windows\winsxs\x86_netfx-sos_dll_b03f5f7f11d50a3a_6.0.6002.22770_none_fd05108e14caec14\SOS.dll
+ 2012-05-11 09:07 . 2012-01-03 10:58        389888              c:\windows\winsxs\x86_netfx-sos_dll_b03f5f7f11d50a3a_6.0.6002.18564_none_13d15c07fb24d8ea\SOS.dll
+ 2012-05-11 09:07 . 2012-01-03 10:55        364816              c:\windows\winsxs\x86_netfx-mscorjit_dll_b03f5f7f11d50a3a_6.0.6002.22770_none_a871fb614b219c32\mscorjit.dll
+ 2012-05-11 09:07 . 2012-01-03 10:57        364816              c:\windows\winsxs\x86_netfx-mscorjit_dll_b03f5f7f11d50a3a_6.0.6002.18564_none_bf3e46db317b8908\mscorjit.dll
+ 2012-05-11 09:07 . 2012-01-03 10:55        990480              c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6002.22770_none_1436c8cd20d60fff\mscordacwks.dll
+ 2012-05-11 09:07 . 2012-01-03 10:57        989968              c:\windows\winsxs\x86_netfx-mscordacwks_b03f5f7f11d50a3a_6.0.6002.18564_none_2b031447072ffcd5\mscordacwks.dll
+ 2012-06-24 17:42 . 2012-06-02 13:19        171904              c:\windows\winsxs\x86_microsoft-windows-w..pdateclient-activex_31bf3856ad364e35_7.6.7600.256_none_09f272fb52ab0c3f\wuwebv.dll
+ 2012-06-24 17:43 . 2012-06-02 22:19        577048              c:\windows\winsxs\x86_microsoft-windows-w..owsupdateclient-aux_31bf3856ad364e35_7.6.7600.256_none_5fe7b2baacf3da43\wuapi.dll
+ 2012-05-11 09:07 . 2012-03-30 12:39        914304              c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
+ 2012-05-11 09:07 . 2012-03-30 12:39        905600              c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
+ 2012-05-11 09:05 . 2012-02-01 14:48        484352              c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6002.22789_none_19d42b54bb14d4c9\MSPVWCTL.DLL
+ 2012-05-11 09:05 . 2012-02-01 14:47        983040              c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6002.22789_none_19d42b54bb14d4c9\JNTFiltr.dll
+ 2012-05-11 09:05 . 2012-02-01 14:47        672768              c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6002.22789_none_19d42b54bb14d4c9\InkSeg.dll
+ 2008-05-28 00:51 . 2008-01-19 07:35        484352              c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6002.18579_none_19555c8fa1ef1be7\MSPVWCTL.DLL
+ 2012-05-11 09:05 . 2012-02-01 15:10        983040              c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6002.18579_none_19555c8fa1ef1be7\JNTFiltr.dll
+ 2008-05-28 00:51 . 2008-01-19 07:34        672768              c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6002.18579_none_19555c8fa1ef1be7\InkSeg.dll
+ 2012-05-11 09:05 . 2012-02-01 14:48        153600              c:\windows\winsxs\x86_microsoft-windows-t..platform-comruntime_31bf3856ad364e35_6.0.6002.22789_none_ccb32adc4d8c00b7\rtscom.dll
+ 2012-05-11 09:05 . 2012-02-01 14:47        936960              c:\windows\winsxs\x86_microsoft-windows-t..platform-comruntime_31bf3856ad364e35_6.0.6002.22789_none_ccb32adc4d8c00b7\journal.dll
+ 2012-05-11 09:05 . 2012-02-01 14:47        217600              c:\windows\winsxs\x86_microsoft-windows-t..platform-comruntime_31bf3856ad364e35_6.0.6002.22789_none_ccb32adc4d8c00b7\InkEd.dll
+ 2012-05-11 09:05 . 2012-02-01 14:47        276992              c:\windows\winsxs\x86_microsoft-windows-t..platform-comruntime_31bf3856ad364e35_6.0.6002.22789_none_ccb32adc4d8c00b7\InkDiv.dll
+ 2009-09-14 01:03 . 2009-04-11 06:28        153600              c:\windows\winsxs\x86_microsoft-windows-t..platform-comruntime_31bf3856ad364e35_6.0.6002.18579_none_cc345c17346647d5\rtscom.dll
+ 2012-05-11 09:05 . 2012-02-01 15:10        936960              c:\windows\winsxs\x86_microsoft-windows-t..platform-comruntime_31bf3856ad364e35_6.0.6002.18579_none_cc345c17346647d5\journal.dll
+ 2009-09-14 01:04 . 2009-04-11 06:28        217600              c:\windows\winsxs\x86_microsoft-windows-t..platform-comruntime_31bf3856ad364e35_6.0.6002.18579_none_cc345c17346647d5\InkEd.dll
+ 2008-05-28 00:51 . 2008-01-19 07:34        276992              c:\windows\winsxs\x86_microsoft-windows-t..platform-comruntime_31bf3856ad364e35_6.0.6002.18579_none_cc345c17346647d5\InkDiv.dll
+ 2012-05-11 09:05 . 2012-02-01 14:47        964608              c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.0.6002.22789_none_4fbadd1495216d8a\JNWDRV.dll
+ 2012-05-11 09:05 . 2012-02-01 15:10        964608              c:\windows\winsxs\x86_microsoft-windows-t..ournalnotewriterqfe_31bf3856ad364e35_6.0.6002.18579_none_4f3c0e4f7bfbb4a8\JNWDRV.dll
+ 2012-05-11 09:05 . 2012-02-01 14:47        964608              c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6002.22789_none_4487926d63821c10\JNWDRV.dll
+ 2012-05-11 09:05 . 2012-02-01 15:10        964608              c:\windows\winsxs\x86_microsoft-windows-t..c-journalnotewriter_31bf3856ad364e35_6.0.6002.18579_none_4408c3a84a5c632e\JNWDRV.dll
+ 2012-05-11 09:05 . 2012-03-01 14:46        219648              c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10.1_31bf3856ad364e35_7.0.6002.22807_none_44111d604ab6499e\d3d10_1core.dll
+ 2012-05-11 09:05 . 2012-03-01 14:46        160768              c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10.1_31bf3856ad364e35_7.0.6002.22807_none_44111d604ab6499e\d3d10_1.dll
+ 2012-05-11 09:05 . 2012-02-29 15:09        219648              c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10.1_31bf3856ad364e35_7.0.6002.18592_none_43212c0b31e62c4c\d3d10_1core.dll
+ 2012-05-11 09:05 . 2012-02-29 15:09        160768              c:\windows\winsxs\x86_microsoft-windows-directx-direct3d10.1_31bf3856ad364e35_7.0.6002.18592_none_43212c0b31e62c4c\d3d10_1.dll
+ 2012-05-11 09:05 . 2012-03-01 13:31        683008              c:\windows\winsxs\x86_microsoft-windows-d2d_31bf3856ad364e35_7.0.6002.22807_none_9b8486befd152bd6\d2d1.dll
+ 2012-05-11 09:05 . 2012-02-29 13:44        683008              c:\windows\winsxs\x86_microsoft-windows-d2d_31bf3856ad364e35_7.0.6002.18592_none_9a949569e4450e84\d2d1.dll
+ 2009-09-14 01:03 . 2009-03-30 04:42        434176              c:\windows\winsxs\msil_system.windows.forms.resources_b77a5c561934e089_6.0.6002.22823_de-de_9f2630f2eea844db\System.Windows.Forms.Resources.dll
+ 2009-09-14 01:03 . 2009-03-30 04:42        434176              c:\windows\winsxs\msil_system.windows.forms.resources_b77a5c561934e089_6.0.6002.22770_de-de_9f2b76e0eea3765a\System.Windows.Forms.Resources.dll
+ 2009-09-14 01:03 . 2009-03-30 04:42        434176              c:\windows\winsxs\msil_system.windows.forms.resources_b77a5c561934e089_6.0.6002.18601_de-de_b5f204d2d5027e94\System.Windows.Forms.Resources.dll
+ 2009-09-14 01:03 . 2009-03-30 04:42        434176              c:\windows\winsxs\msil_system.windows.forms.resources_b77a5c561934e089_6.0.6002.18564_de-de_b5f7c25ad4fd6330\System.Windows.Forms.Resources.dll
+ 2009-09-14 01:03 . 2009-03-30 04:42        212992              c:\windows\winsxs\msil_system.resources_b77a5c561934e089_6.0.6002.22770_de-de_4f34d409d6329154\system.resources.dll
+ 2009-09-14 01:03 . 2009-03-30 04:42        212992              c:\windows\winsxs\msil_system.resources_b77a5c561934e089_6.0.6002.18564_de-de_66011f83bc8c7e2a\system.resources.dll
+ 2009-09-14 01:03 . 2009-03-30 04:42        544768              c:\windows\winsxs\msil_system.design.resources_b03f5f7f11d50a3a_6.0.6002.22823_de-de_fd972f61fa4c39d7\System.Design.Resources.dll
+ 2009-09-14 01:03 . 2009-03-30 04:42        544768              c:\windows\winsxs\msil_system.design.resources_b03f5f7f11d50a3a_6.0.6002.18601_de-de_14630341e0a67390\System.Design.Resources.dll
+ 2012-05-11 09:05 . 2012-02-13 11:00        532480              c:\windows\winsxs\msil_reachframework_31bf3856ad364e35_6.0.6002.22797_none_43c52a271807407a\ReachFramework.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        532480              c:\windows\winsxs\msil_reachframework_31bf3856ad364e35_6.0.6002.18582_none_434159effee608e5\ReachFramework.dll
+ 2009-09-14 01:03 . 2009-03-30 04:42        315392              c:\windows\winsxs\msil_mscorlib.resources_b77a5c561934e089_6.0.6002.22770_de-de_4e617901b4c0e6ec\mscorlib.resources.dll
+ 2009-09-14 01:03 . 2009-03-30 04:42        315392              c:\windows\winsxs\msil_mscorlib.resources_b77a5c561934e089_6.0.6002.18564_de-de_652dc47b9b1ad3c2\mscorlib.resources.dll
+ 2012-05-11 09:05 . 2012-01-03 10:57        299280              c:\windows\System32\XPSViewer\XPSViewer.exe
+ 2007-02-15 20:28 . 2012-07-17 17:51        830008              c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
+ 2006-11-02 13:05 . 2012-07-26 12:47        120004              c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2012-05-11 09:05 . 2012-02-01 15:10        964608              c:\windows\System32\spool\drivers\w32x86\3\JNWDRV.dll
- 2008-05-28 00:52 . 2008-01-19 07:34        964608              c:\windows\System32\spool\drivers\w32x86\3\JNWDRV.dll
+ 2006-11-02 10:33 . 2012-07-18 13:47        607470              c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2012-05-02 20:14        607470              c:\windows\System32\perfh009.dat
+ 2007-01-15 18:12 . 2012-07-18 13:47        642482              c:\windows\System32\perfh007.dat
- 2007-01-15 18:12 . 2012-05-02 20:14        642482              c:\windows\System32\perfh007.dat
+ 2006-11-02 10:33 . 2012-07-18 13:47        108742              c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2012-05-02 20:14        108742              c:\windows\System32\perfc009.dat
+ 2007-01-15 18:12 . 2012-07-18 13:47        131828              c:\windows\System32\perfc007.dat
- 2007-01-15 18:12 . 2012-05-02 20:14        131828              c:\windows\System32\perfc007.dat
+ 2006-11-02 12:47 . 2012-05-18 17:12        466664              c:\windows\System32\FNTCACHE.DAT
- 2006-11-02 12:47 . 2012-04-06 16:34        466664              c:\windows\System32\FNTCACHE.DAT
+ 2012-05-11 09:07 . 2012-03-30 12:39        905600              c:\windows\System32\drivers\tcpip.sys
- 2012-03-13 23:15 . 2012-02-14 15:45        219648              c:\windows\System32\d3d10_1core.dll
+ 2012-05-11 09:05 . 2012-03-01 14:46        219648              c:\windows\System32\d3d10_1core.dll
- 2012-03-13 23:15 . 2012-02-14 15:45        160768              c:\windows\System32\d3d10_1.dll
+ 2012-05-11 09:05 . 2012-03-01 14:46        160768              c:\windows\System32\d3d10_1.dll
- 2012-03-13 23:15 . 2012-02-13 13:47        683008              c:\windows\System32\d2d1.dll
+ 2012-05-11 09:05 . 2012-02-29 13:44        683008              c:\windows\System32\d2d1.dll
+ 2009-06-16 17:10 . 2012-05-29 17:53        262144              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-06-16 17:10 . 2012-05-04 18:59        262144              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-02-16 00:33 . 2012-05-06 22:45        462740              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-02-16 00:33 . 2012-07-24 15:05        462740              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-07-24 15:05 . 2012-07-24 15:05        463508              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat
+ 2012-05-11 09:05 . 2012-02-13 11:02        130848              c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2012-05-11 09:07 . 2012-01-03 10:58        389888              c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2012-05-11 09:07 . 2012-01-03 10:57        364816              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2012-05-11 09:07 . 2012-01-03 10:57        989968              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2009-07-01 16:43 . 2010-11-20 12:48        114688              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2009-07-01 16:43 . 2012-05-20 13:03        114688              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2009-07-01 16:43 . 2010-11-20 12:48        167936              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2009-07-01 16:43 . 2012-05-20 13:03        167936              c:\windows\Installer\{90280407-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2009-12-01 15:37 . 2012-05-18 14:07        888080              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-12-01 15:37 . 2012-04-16 16:40        888080              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-12-01 15:37 . 2012-05-18 14:07        272648              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2009-12-01 15:37 . 2012-04-16 16:40        272648              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2009-12-01 15:37 . 2012-05-18 14:07        922384              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2009-12-01 15:37 . 2012-04-16 16:40        922384              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2009-12-01 15:37 . 2012-04-16 16:40        845584              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-12-01 15:37 . 2012-05-18 14:07        845584              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-12-01 15:37 . 2012-05-18 14:07        217864              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-12-01 15:37 . 2012-04-16 16:40        217864              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-12-01 15:37 . 2012-04-16 16:40        184080              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-12-01 15:37 . 2012-05-18 14:07        184080              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2009-12-01 15:37 . 2012-04-16 16:40        159504              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2009-12-01 15:37 . 2012-05-18 14:07        159504              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2012-05-18 18:00 . 2012-05-18 18:00        321536              c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\fbf74afe74e81261415b050305c2a870\WsatConfig.ni.exe
+ 2012-05-18 13:53 . 2012-05-18 13:53        240128              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\c5d3ce0f4bd207d6304b2348c3e621de\WindowsFormsIntegration.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        240128              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\be701ce708835e0162cb863d3a4eeb49\WindowsFormsIntegration.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        187904              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\5ebaa15cccc356bc3afba0c8f56977f7\UIAutomationTypes.ni.dll
+ 2012-05-18 13:52 . 2012-05-18 13:52        447488              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\b9321e183f2450c35a544a5a125ac030\UIAutomationClient.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        447488              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\2250edc2c1512efa1c5788b787c93420\UIAutomationClient.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        235520              c:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\aaccc6d20e77e0f082e5af55a18079b8\TaskScheduler.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        400896              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\f925b35bd6833e57067ad1f5c1bb5f17\System.Xml.Linq.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        129536              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\c8ab679cadce23450692652d699c4e85\System.Web.Routing.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        202240              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\2b12e6b3c3c29fdcfd7675deb0286c51\System.Web.RegularExpressions.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        859648              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\56964f70f3ba0388dedc87982c88da55\System.Web.Extensions.Design.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        328704              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\e8ced8a9d13f997516c6f6da6ff27823\System.Web.Entity.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        301056              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\711b34b33420fd054c5f1f8bd760f513\System.Web.Entity.Design.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        547328              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\e8096caba914910c629bc5ea5eaceb26\System.Web.DynamicData.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        141312              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\3812cf943328524a6c5b468dea70510b\System.Web.Abstractions.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        627200              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\b6d83a652c94b32fc8f99a6df0acd7f4\System.Transactions.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\675632907c226b0c67a2407f2ddd4bf7\System.ServiceProcess.ni.dll
+ 2012-05-18 17:33 . 2012-05-18 17:33        679936              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\442135bc0b503b42ab2d752c23bea631\System.Security.ni.dll
+ 2012-05-18 17:33 . 2012-05-18 17:33        311296              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1ee6b56dc9985fbbdeb373b611ac4fb3\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        771584              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
+ 2012-05-18 17:59 . 2012-05-18 17:59        621056              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\934c97ed4999b35cb0b81bf8aba085bd\System.Net.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        593408              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\d93c05ef66a875441065ccce2a399577\System.Messaging.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        998400              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll
+ 2012-05-18 17:59 . 2012-05-18 17:59        330752              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\d33a548d929f66fe400903ffe768d0f0\System.Management.Instrumentation.ni.dll
+ 2012-05-18 17:59 . 2012-05-18 17:59        381440              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\998dfe1266cf798e1ff574eb7fd2bfa8\System.IO.Log.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\75df548d77c2833a48c5da51424c93f1\System.IdentityModel.Selectors.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        280064              c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.Wrapper.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        627712              c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4b5eaa70d2900b98ccf6fd9915f34d69\System.EnterpriseServices.ni.dll
+ 2012-05-18 17:20 . 2012-05-18 17:20        208384              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\11dd8eecb9bcf7bcc550c50d68555588\System.Drawing.Design.ni.dll
+ 2012-05-18 17:59 . 2012-05-18 17:59        881152              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\dc66ec040f382fef55b98e1f20ea783f\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        455680              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\99e4eb6fb13794d1a0b10e4f2b14d106\System.DirectoryServices.Protocols.ni.dll
+ 2012-05-18 17:38 . 2012-05-18 17:38        939008              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\72714f72a04c6233a2b50324eec8cc4a\System.Data.Services.Client.ni.dll
+ 2012-05-18 17:59 . 2012-05-18 17:59        354816              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\0213b2a09139aa03e485fd4b66753809\System.Data.Services.Design.ni.dll
+ 2012-05-18 17:38 . 2012-05-18 17:38        756736              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\6f763ae9a8467a9871dd6780d4d2c6a7\System.Data.Entity.Design.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        135680              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\fcda8e8e987949b85a1fe6ce03ecba9b\System.Data.DataSetExtensions.ni.dll
+ 2012-05-18 17:33 . 2012-05-18 17:33        971264              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        141312              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\f55611b6eee35375eaaf903f302e8a14\System.Configuration.Install.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        633856              c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\2e06b217b01a361f04d8f7640a3b5ae1\System.AddIn.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        232448              c:\windows\assembly\NativeImages_v2.0.50727_32\sysglobl\4440dde36b8d3ba20512beb05505451b\sysglobl.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        366080              c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\5d10dacced9bb34b5e0e6e0bdd0f7631\SMSvcHost.ni.exe
+ 2012-05-18 17:35 . 2012-05-18 17:35        256000              c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\521fb04fdfbb0039a34cc91111d11804\SMDiagnostics.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        320512              c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\90ee142ef8d567092c7afdf3c79c814b\ServiceModelReg.ni.exe
+ 2012-05-18 17:19 . 2012-05-18 17:19        224768              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d81872939252c65b6f1127f331b84de0\PresentationFramework.Classic.ni.dll
+ 2012-05-18 13:49 . 2012-05-18 13:49        368128              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ce5577dc50faa48b5d07c25632c53462\PresentationFramework.Aero.ni.dll
+ 2012-05-18 13:49 . 2012-05-18 13:49        258048              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ce086d618c19258a6682a2a29af55dd9\PresentationFramework.Royale.ni.dll
+ 2012-05-18 17:19 . 2012-05-18 17:19        368128              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c8c3ab08933fef9fb6657da871395c46\PresentationFramework.Aero.ni.dll
+ 2012-05-18 17:20 . 2012-05-18 17:20        539648              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bbfbadb527a3ce339eef5f304a12f0c7\PresentationFramework.Luna.ni.dll
+ 2012-05-18 13:49 . 2012-05-18 13:49        539648              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6a9e0d3cec0e844931df8c0eb43fca12\PresentationFramework.Luna.ni.dll
+ 2012-05-18 13:49 . 2012-05-18 13:49        224768              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\118d9ec1a0bbf3fd006cbe0a6090d7e6\PresentationFramework.Classic.ni.dll
+ 2012-05-18 17:20 . 2012-05-18 17:20        258048              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\00112c66cb7cb4c8f8a284320a2fa2b1\PresentationFramework.Royale.ni.dll
+ 2012-05-18 17:33 . 2012-05-18 17:33        601088              c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\ca62e8ceac06d7409672855cecc10ea4\PaintDotNet.SystemLayer.ni.dll
+ 2012-05-18 17:33 . 2012-05-18 17:33        322048              c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Resourc#\c723259332d98607ae6e3276b673da08\PaintDotNet.Resources.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        643072              c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Effects\23080b4832fb7c25866ee008ecec6648\PaintDotNet.Effects.ni.dll
+ 2012-05-18 17:33 . 2012-05-18 17:33        695808              c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Data\a1a279a3725183d1ec70c029dafc4fab\PaintDotNet.Data.ni.dll
+ 2012-05-18 17:33 . 2012-05-18 17:33        227328              c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Base\a87322fc0bcc8abb5e8682abfcf342a0\PaintDotNet.Base.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        724992              c:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\c3d993293f0dcb7a30204c7096c2a5bb\napsnap.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        110080              c:\windows\assembly\NativeImages_v2.0.50727_32\napinit\48520a91e99e86416014b9b6d2a7c2a6\napinit.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        115712              c:\windows\assembly\NativeImages_v2.0.50727_32\naphlpr\fafb8f5ecc491637dd61c7efd321a68a\naphlpr.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        133632              c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\91ba322c3cb72f03d15016e81f2f08e8\MSBuild.ni.exe
+ 2012-05-18 17:36 . 2012-05-18 17:36        285184              c:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\e8aacd74110db73e98fb9f66dd87a0cd\MMCFxCommon.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        508928              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.WSMan.Man#\ee837f53d1dfa574e7f908907cde5762\Microsoft.WSMan.Management.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        386560              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\2561c194ae93e7d81c1921d7f8bc4d9d\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-05-18 13:52 . 2012-05-18 13:52        729600              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\fe2f0dcb5833316d267719565307b0d1\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        156160              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\ece80059173e49adf749b12ab865d21e\Microsoft.PowerShell.Security.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        729600              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\a253fd3940797d138fc8c5974b7e1f7a\Microsoft.PowerShell.GraphicalHost.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        737792              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\74dbe658cfe06e384430fe5ae7d29310\Microsoft.PowerShell.Commands.Management.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        515584              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\12925e39b3ba4256b20d62aa94df1043\Microsoft.PowerShell.ConsoleHost.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        291328              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\012d9816bed18f463f1a7997acdc3d15\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        593408              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\ed2a004821673496979d825ce6b333b6\Microsoft.MediaCenter.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        659968              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\49708553beac29dc425492f9520f607b\Microsoft.MediaCenter.Sports.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        227840              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\40ed5b7a3dc409d4bfb5cbc22b2de3f9\Microsoft.MediaCenter.Shell.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        558592              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\7e0bd3eec312b342c4c1b718bb1ba0ae\Microsoft.ManagementConsole.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        144384              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\66b5642e7fb6c41c7c9f320c39cc04ad\Microsoft.Build.Utilities.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        175104              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\33d8c9635b28feaeb2711f402e1afac2\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        888320              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\c424f04095959cd8a5c03f2904cbd698\Microsoft.Build.Engine.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        222720              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\1e48dcddad33d81cd6e0c429c17094a1\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        238592              c:\windows\assembly\NativeImages_v2.0.50727_32\Mcx2Dvcs\d9ef7a0b14036b65f7d8b0c39542f679\Mcx2Dvcs.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        254976              c:\windows\assembly\NativeImages_v2.0.50727_32\mcupdate\f6536b4c26373b75c1037433213d7fb0\mcupdate.ni.exe
+ 2012-05-18 17:35 . 2012-05-18 17:35        225280              c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\a49b94a226262de9fc167c662d9175e6\mcstoredb.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        642560              c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\cb292a571ceb92b81b41cf52eac16d83\mcstore.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        504320              c:\windows\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\de8baf94d243697760a340c96e5a4bec\ICSharpCode.SharpZipLib.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        543744              c:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\81fff530629c9ff044083998fc608618\EventViewer.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        103936              c:\windows\assembly\NativeImages_v2.0.50727_32\ehiWUapi\026110bb02fb6ad6ca94b7b2fde54013\ehiWUapi.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        338432              c:\windows\assembly\NativeImages_v2.0.50727_32\ehiwmp\7d7fb67c9ca0865f01c81615bfa39752\ehiwmp.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        797696              c:\windows\assembly\NativeImages_v2.0.50727_32\ehiVidCtl\517658fd6bfd5187c3293b54121b057e\ehiVidCtl.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        965632              c:\windows\assembly\NativeImages_v2.0.50727_32\ehiProxy\286a98a691096f98d57f0f9cb9d03690\ehiProxy.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        565760              c:\windows\assembly\NativeImages_v2.0.50727_32\ehiPlay\67ddb639b0e4210abaf7d19d72013cb5\ehiPlay.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        160768              c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\07d99efbb39707d01236f56cb1299524\ehiExtens.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        243200              c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost\9467ebde730619d44e3f9338563b52b5\ehExtHost.ni.exe
+ 2012-05-18 17:35 . 2012-05-18 17:35        305152              c:\windows\assembly\NativeImages_v2.0.50727_32\ehepgdat\7bb80e892853c7ddec7925a7278c03ea\ehepgdat.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        220160              c:\windows\assembly\NativeImages_v2.0.50727_32\ehCIR\2794be5c73dd6a6efe1ec1c5e8396024\ehCIR.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        220672              c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\8455a2be044530a091b714f5a6415d6b\CustomMarshalers.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        410112              c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\b434a5d366e71df6c19d51bfab284ed8\ComSvcConfig.ni.exe
+ 2012-05-18 17:33 . 2012-05-18 17:33        386560              c:\windows\assembly\NativeImages_v2.0.50727_32\BDATunePIA\e20f2a67e463b0096433b4473c5aedfe\BDATunePIA.ni.dll
+ 2012-05-18 17:33 . 2012-05-18 17:33        842240              c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\bc7c2b8dced50ff2a4e7dc937f9a5022\AspNetMMCExt.ni.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        532480              c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2009-09-14 01:06 . 2009-02-18 18:39        532480              c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
- 2009-09-14 01:05 . 2009-02-18 18:39        368640              c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        368640              c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2012-05-11 09:05 . 2012-02-13 11:00        1253376              c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6002.22797_none_5982df675e4ca7a6\WindowsBase.dll
+ 2012-05-11 09:05 . 2012-01-03 10:54        1253376              c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6002.22771_none_59927d835e41d7ba\WindowsBase.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        1249280              c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6002.18582_none_58ff0f30452b7011\WindowsBase.dll
+ 2012-05-11 09:05 . 2012-01-03 10:57        1249280              c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6002.18565_none_5917afe645188434\WindowsBase.dll
+ 2012-05-11 09:05 . 2012-02-13 11:00        5283840              c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6002.22797_none_709c2e896c7cefd0\PresentationFramework.dll
+ 2012-05-11 09:05 . 2012-01-03 10:54        5283840              c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6002.22771_none_70abcca56c721fe4\PresentationFramework.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        5283840              c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6002.18582_none_70185e52535bb83b\PresentationFramework.dll
+ 2012-05-11 09:05 . 2012-01-03 10:57        5283840              c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6002.18565_none_7030ff085348cc5e\PresentationFramework.dll
+ 2012-05-11 09:05 . 2012-02-13 11:00        1738008              c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.22797_none_ae46e4c2a67ad1a3\wpfgfx_v0300.dll
+ 2012-05-11 09:05 . 2012-02-13 11:00        4218880              c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.22797_none_ae46e4c2a67ad1a3\PresentationCore.dll
+ 2012-05-11 09:05 . 2012-01-03 10:54        1737496              c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.22771_none_ae5682dea67001b7\wpfgfx_v0300.dll
+ 2012-05-11 09:05 . 2012-01-03 10:54        4218880              c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.22771_none_ae5682dea67001b7\PresentationCore.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        1736984              c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.18582_none_adc3148b8d599a0e\wpfgfx_v0300.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        4214784              c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.18582_none_adc3148b8d599a0e\PresentationCore.dll
+ 2009-09-14 01:06 . 2009-02-18 18:39        1737064              c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.18565_none_addbb5418d46ae31\wpfgfx_v0300.dll
+ 2012-05-11 09:05 . 2012-01-03 10:56        4214784              c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6002.18565_none_addbb5418d46ae31\PresentationCore.dll
+ 2012-05-11 09:07 . 2012-01-03 10:55        5925648              c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6002.22770_none_1b72a5e648d5042c\mscorwks.dll
+ 2012-05-11 09:07 . 2012-01-03 10:57        5913872              c:\windows\winsxs\x86_netfx-mscorwks_dll_b03f5f7f11d50a3a_6.0.6002.18564_none_323ef1602f2ef102\mscorwks.dll
+ 2012-05-11 09:07 . 2012-01-03 10:55        4550656              c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6002.22770_none_b0cbd6f8db4d9fa7\mscorlib.dll
+ 2012-05-11 09:07 . 2012-01-03 10:57        4550656              c:\windows\winsxs\x86_mscorlib_b77a5c561934e089_6.0.6002.18564_none_c7982272c1a78c7d\mscorlib.dll
+ 2012-05-11 09:05 . 2012-02-10 16:22        1838592              c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.6002.22795_none_76dd7d7d7cbccda9\GdiPlus.dll
+ 2012-05-11 09:05 . 2012-02-03 15:11        1838592              c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.6002.18581_none_8daa7f376315ed77\GdiPlus.dll
+ 2012-05-11 09:05 . 2012-02-10 16:22        1748992              c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.22795_none_878c0e98e3b6f402\GdiPlus.dll
+ 2012-05-11 09:05 . 2012-02-03 15:11        1748992              c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll
+ 2012-06-24 17:43 . 2012-06-02 22:12        2422272              c:\windows\winsxs\x86_microsoft-windows-windowsupdateclient-ui_31bf3856ad364e35_7.6.7600.256_none_f7839c193937c3f1\wucltux.dll
+ 2012-05-11 09:05 . 2012-04-02 13:23        2053120              c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22831_none_bb442befb0e20f5e\win32k.sys
+ 2012-05-11 09:05 . 2012-04-02 13:36        2044928              c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18607_none_bae0febe97a6b6a4\win32k.sys
+ 2012-06-24 17:43 . 2012-06-02 22:19        1933848              c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_79d6786e99338140\wuaueng.dll
+ 2012-05-11 09:05 . 2012-02-01 14:48        1218048              c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6002.22789_none_19d42b54bb14d4c9\NBDoc.DLL
+ 2012-05-11 09:05 . 2012-02-01 13:44        1850880              c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6002.22789_none_19d42b54bb14d4c9\Journal.exe
+ 2012-05-11 09:05 . 2012-02-01 15:11        1218048              c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6002.18579_none_19555c8fa1ef1be7\NBDoc.DLL
+ 2009-09-14 01:04 . 2009-04-11 06:27        1850880              c:\windows\winsxs\x86_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.0.6002.18579_none_19555c8fa1ef1be7\Journal.exe
+ 2012-05-11 09:05 . 2012-02-01 14:47        1404416              c:\windows\winsxs\x86_microsoft-windows-t..platform-comruntime_31bf3856ad364e35_6.0.6002.22789_none_ccb32adc4d8c00b7\InkObj.dll
+ 2012-05-11 09:05 . 2012-02-01 15:10        1404928              c:\windows\winsxs\x86_microsoft-windows-t..platform-comruntime_31bf3856ad364e35_6.0.6002.18579_none_cc345c17346647d5\InkObj.dll
+ 2012-05-11 09:05 . 2012-04-03 08:16        3552640              c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_6e8113d5ca7e5806\ntoskrnl.exe
+ 2012-05-11 09:05 . 2012-04-03 08:16        3604352              c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.22831_none_6e8113d5ca7e5806\ntkrnlpa.exe
+ 2012-05-11 09:05 . 2012-04-03 08:16        3550080              c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_6e1de6a4b142ff4c\ntoskrnl.exe
+ 2012-05-11 09:05 . 2012-04-03 08:16        3602816              c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6002.18607_none_6e1de6a4b142ff4c\ntkrnlpa.exe
+ 2012-01-31 12:18 . 2011-11-16 16:21        1259008              c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsasrv.dll
+ 2012-05-11 09:05 . 2012-03-01 13:50        1172480              c:\windows\winsxs\x86_microsoft-windows-directx-warp10_31bf3856ad364e35_7.0.6002.22807_none_de4b43def7d09125\d3d10warp.dll
+ 2012-05-11 09:05 . 2012-02-29 14:08        1172480              c:\windows\winsxs\x86_microsoft-windows-directx-warp10_31bf3856ad364e35_7.0.6002.18592_none_dd5b5289df0073d3\d3d10warp.dll
+ 2012-05-11 09:05 . 2012-03-01 13:27        1069056              c:\windows\winsxs\x86_microsoft-windows-directwrite_31bf3856ad364e35_7.0.6002.22807_none_c6850f1ca0934258\DWrite.dll
+ 2012-05-11 09:05 . 2012-02-29 13:41        1069056              c:\windows\winsxs\x86_microsoft-windows-directwrite_31bf3856ad364e35_7.0.6002.18592_none_c5951dc787c32506\DWrite.dll
+ 2012-05-11 09:05 . 2012-02-13 11:00        1253376              c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6002.22797_none_9934bcf6462a1fdd\WindowsBase.dll
+ 2012-05-11 09:05 . 2012-01-03 10:54        1253376              c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6002.22771_none_99445b12461f4ff1\WindowsBase.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        1249280              c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6002.18582_none_98b0ecbf2d08e848\WindowsBase.dll
+ 2012-05-11 09:05 . 2012-01-03 10:57        1249280              c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6002.18565_none_98c98d752cf5fc6b\WindowsBase.dll
+ 2012-05-11 09:07 . 2012-01-03 10:57        3190784              c:\windows\winsxs\msil_system_b77a5c561934e089_6.0.6002.22770_none_c3a51da375ea59e4\System.dll
+ 2012-05-11 09:07 . 2012-01-03 10:58        3186688              c:\windows\winsxs\msil_system_b77a5c561934e089_6.0.6002.18564_none_da71691d5c4446ba\System.dll
+ 2012-05-11 09:07 . 2012-01-03 10:57        5025792              c:\windows\winsxs\msil_system.windows.forms_b77a5c561934e089_6.0.6002.22770_none_1a012a7c5d7cabdc\System.Windows.Forms.dll
+ 2012-05-11 09:07 . 2012-01-03 10:58        5025792              c:\windows\winsxs\msil_system.windows.forms_b77a5c561934e089_6.0.6002.18564_none_30cd75f643d698b2\System.Windows.Forms.dll
+ 2012-05-11 09:05 . 2012-02-13 11:00        5283840              c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6002.22797_none_78cd68880a83439f\PresentationFramework.dll
+ 2012-05-11 09:05 . 2012-01-03 10:54        5283840              c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6002.22771_none_78dd06a40a7873b3\PresentationFramework.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        5283840              c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6002.18582_none_78499850f1620c0a\PresentationFramework.dll
+ 2012-05-11 09:05 . 2012-01-03 10:57        5283840              c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6002.18565_none_78623906f14f202d\PresentationFramework.dll
+ 2012-05-11 09:05 . 2012-04-02 13:36        2044928              c:\windows\System32\win32k.sys
- 2006-11-02 10:22 . 2012-04-17 22:21        6815744              c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2006-11-02 10:22 . 2012-07-11 09:42        6815744              c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2012-05-11 09:05 . 2012-04-03 08:16        3550080              c:\windows\System32\ntoskrnl.exe
- 2012-04-16 16:37 . 2012-03-06 06:39        3550080              c:\windows\System32\ntoskrnl.exe
+ 2012-05-11 09:05 . 2012-04-03 08:16        3602816              c:\windows\System32\ntkrnlpa.exe
- 2012-04-16 16:37 . 2012-03-06 06:39        3602816              c:\windows\System32\ntkrnlpa.exe
+ 2012-05-11 09:05 . 2012-02-29 13:41        1069056              c:\windows\System32\DWrite.dll
- 2012-03-13 23:15 . 2012-02-13 14:12        1172480              c:\windows\System32\d3d10warp.dll
+ 2012-05-11 09:05 . 2012-02-29 14:08        1172480              c:\windows\System32\d3d10warp.dll
+ 2011-10-28 01:04 . 2012-07-23 19:48        7066668              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2978858628-215539607-716368754-1003-8192.dat
+ 2012-05-11 09:05 . 2012-02-13 11:02        1736984              c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
- 2011-06-28 12:58 . 2011-03-29 10:53        5025792              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2012-05-11 09:07 . 2012-01-03 10:58        5025792              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2012-05-11 09:07 . 2012-01-03 10:58        3186688              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
- 2012-02-15 17:18 . 2011-11-01 11:23        3186688              c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2012-05-11 09:07 . 2012-01-03 10:57        5913872              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2012-05-11 09:07 . 2012-01-03 10:57        4550656              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2011-10-12 18:23 . 2011-07-08 11:53        4550656              c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2012-04-04 20:38 . 2012-04-04 20:38        2831360              c:\windows\Installer\687b7c.msp
+ 2012-04-28 19:44 . 2012-04-28 19:44        9101824              c:\windows\Installer\687b66.msp
+ 2012-04-28 19:44 . 2012-04-28 19:44        9586176              c:\windows\Installer\687b50.msp
+ 2012-04-30 12:38 . 2012-04-30 12:38        5011456              c:\windows\Installer\687b38.msp
+ 2012-04-04 20:38 . 2012-04-04 20:38        3620864              c:\windows\Installer\687b22.msp
+ 2012-03-15 00:24 . 2012-03-15 00:24        1795584              c:\windows\Installer\687b0c.msp
+ 2012-04-28 19:43 . 2012-04-28 19:43        8459264              c:\windows\Installer\687af6.msp
+ 2012-02-17 06:45 . 2012-02-17 06:45        2299392              c:\windows\Installer\687ae0.msp
- 2009-12-01 15:37 . 2012-04-16 16:40        1172240              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-12-01 15:37 . 2012-05-18 14:07        1172240              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-12-01 15:37 . 2012-05-18 14:07        1165584              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2009-12-01 15:37 . 2012-04-16 16:40        1165584              c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2012-05-18 17:19 . 2012-05-18 17:19        3325952              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll
+ 2012-05-18 13:47 . 2012-05-18 13:47        3325952              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\51d48bc9237197f60243fb8b14f27e9f\WindowsBase.ni.dll
+ 2012-05-18 13:53 . 2012-05-18 13:53        1049600              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\c12b7122aa96b3d39582604b8a1d04dd\UIAutomationClientsideProviders.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        1049600              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\5554cc3dcd06e8820c9db3d509d9fae7\UIAutomationClientsideProviders.ni.dll
+ 2012-05-18 17:19 . 2012-05-18 17:19        7953408              c:\windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
+ 2012-05-18 17:21 . 2012-05-18 17:21        5450752              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        1356288              c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\3934cd5857a60c454030d1c9a14a5a21\System.WorkflowServices.ni.dll
+ 2012-05-18 17:21 . 2012-05-18 17:21        1911296              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\2b734aec63ce9276dfd271ef0a4458a0\System.Workflow.Runtime.ni.dll
+ 2012-05-18 17:21 . 2012-05-18 17:21        4514304              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\414aa8fab914a3418860fb61a0746fd2\System.Workflow.ComponentModel.ni.dll
+ 2012-05-18 17:21 . 2012-05-18 17:21        2992640              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\c4b6c4a3246cc0660008ad7701d888c6\System.Workflow.Activities.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        1840640              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\24556241d64589a6b95b7eaa7432295b\System.Web.Services.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        2209280              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\0978e723c6d6741c5f2d1c37e3660345\System.Web.Mobile.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        2405888              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\9bea9b43c9c4fefff36d42e6aa6b0eec\System.Web.Extensions.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        1917440              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\7ed29e11a515872908672cb05b7ff4d3\System.Speech.ni.dll
+ 2012-05-18 18:00 . 2012-05-18 18:00        1705984              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\6546e0f4253ce30900e5ff902672a8bc\System.ServiceModel.Web.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        2346496              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1619144e1a9eaca847e53b952b21820b\System.Runtime.Serialization.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        1035776              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\f95c423a31ac401b5d81c9cd455e3676\System.Printing.ni.dll
+ 2012-05-18 13:52 . 2012-05-18 13:52        1035776              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\64ac5d6492dcd9965324ea3c3c100bca\System.Printing.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        8365056              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.A#\6a54f9f4af6fd2a19111200f0082349d\System.Management.Automation.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        1070080              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\32983e3f4c5c20053e6673f37a58a874\System.IdentityModel.ni.dll
+ 2012-05-18 17:20 . 2012-05-18 17:20        1591808              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        1116672              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\2352398c304c3cb6c0909099e39cfb19\System.DirectoryServices.ni.dll
+ 2012-05-18 17:33 . 2012-05-18 17:33        1801216              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\d374b09ce3f31ebd3e4cb3c64ca91a42\System.Deployment.ni.dll
+ 2012-05-18 17:20 . 2012-05-18 17:20        6621696              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll
+ 2012-05-18 17:33 . 2012-05-18 17:33        2510336              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\761fe0d0364a9a9515b8fd20b72150af\System.Data.SqlXml.ni.dll
+ 2012-05-18 17:38 . 2012-05-18 17:38        1328128              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\7080e56dddae7f08a2dacf0451a27d54\System.Data.Services.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        1119232              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\35930a8bda01bcaa3f992622bc63e17a\System.Data.OracleClient.ni.dll
+ 2012-05-18 17:20 . 2012-05-18 17:20        2516480              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\25cbbaeba2e4efdca4bee27760ffb36d\System.Data.Linq.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        9924096              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\5a93198249be78f582fc89d835403fe8\System.Data.Entity.ni.dll
+ 2012-05-18 17:20 . 2012-05-18 17:20        2295296              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\0f2b877ed16daa577f95be735a63d19c\System.Core.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        2146816              c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\e840ddcecb65ec23d027b253950d5a00\ReachFramework.ni.dll
+ 2012-05-18 13:52 . 2012-05-18 13:52        2146816              c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\497159d4e758485579c0b3350d2bf1c6\ReachFramework.ni.dll
+ 2012-05-18 13:52 . 2012-05-18 13:52        1657856              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\ed6ddd5bc1c26383bcc29fd4a5565bb4\PresentationUI.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        1657856              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\7cd9d41ca84c508d58475df4db9d220d\PresentationUI.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        1451008              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\fc59920e9bbba90d812714c1748e2cec\PresentationBuildTasks.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        2019840              c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet\71c8609d5d91907e37646bae0a37e4dc\PaintDotNet.ni.exe
+ 2012-05-18 17:33 . 2012-05-18 17:33        1812480              c:\windows\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Core\88df4c36bc126aa9f09b1a1cc902685b\PaintDotNet.Core.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        2538496              c:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\210233057a1cdfb7b1f304282b2b3988\Narrator.ni.exe
+ 2012-05-18 17:37 . 2012-05-18 17:37        1536512              c:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\d91a5256dee77a6bdb2767c6c9e01a54\MMCEx.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        6340096              c:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\085ec54d0a1e305de561b55836c5ec91\MIGUIControls.ni.dll
+ 2012-05-18 17:37 . 2012-05-18 17:37        1711616              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3c92d4b3ec56936eab8e17ed81940c10\Microsoft.VisualBasic.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        1093120              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\e606f5aa1e01220753f6a032c07b43a7\Microsoft.Transactions.Bridge.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        1704448              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d5d216b357e42d79f4f2e942200a2261\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        3722752              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\d2a8cd6eba3bd57c1c5b2974b0342f93\Microsoft.PowerShell.Editor.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        1609728              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\cf2a0189e9d197bee8411e3711f76782\Microsoft.PowerShell.Commands.Utility.ni.dll
+ 2012-05-18 13:52 . 2012-05-18 13:52        3722752              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\9e74526a69e08ce0d02188a8bb43e3c8\Microsoft.PowerShell.Editor.ni.dll
+ 2012-05-18 13:52 . 2012-05-18 13:52        1704448              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\1772065664dbdc906b1434d8b0e776d5\Microsoft.PowerShell.GPowerShell.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        5486080              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\516a383324800a15493cfe6412cbb71d\Microsoft.MediaCenter.UI.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        2332160              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\47b205f629edc7e1065e1bd6c3d50834\Microsoft.JScript.ni.dll
+ 2012-05-18 17:33 . 2012-05-18 17:33        1356288              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\c6fa5ed85e03c8437847bf51eefda7bb\Microsoft.Ink.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        1966080              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\fcf4a03940394213dfc5ccc00fc7dd83\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-05-18 17:36 . 2012-05-18 17:36        1620992              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\26e5108aa22d39b2054c544eca7f7023\Microsoft.Build.Tasks.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        1888768              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\452da9a588cd455890d8762dcae073af\Microsoft.Build.Engine.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        1732608              c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\b7bef07ca1e5abb7a55dbbbc318903fe\ehRecObj.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        2130432              c:\windows\assembly\NativeImages_v2.0.50727_32\ehepg\00d9844d50e9752452263da331a3fd8c\ehepg.ni.dll
- 2010-06-23 10:06 . 2010-04-05 12:19        1249280              c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        1249280              c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2012-02-15 17:18 . 2011-11-01 11:23        3186688              c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-05-11 09:07 . 2012-01-03 10:58        3186688              c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-06-28 12:58 . 2011-03-29 10:53        5025792              c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-05-11 09:07 . 2012-01-03 10:58        5025792              c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        5283840              c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        1736984              c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
- 2010-06-23 10:06 . 2010-04-05 12:19        4214784              c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2012-05-11 09:05 . 2012-02-13 11:02        4214784              c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2011-10-12 18:23 . 2011-07-08 11:53        4550656              c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-05-11 09:07 . 2012-01-03 10:57        4550656              c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2006-11-02 10:24 . 2012-05-18 14:03        55656824              c:\windows\System32\mrt.exe
+ 2012-05-18 13:47 . 2012-05-18 13:47        20343808              c:\windows\Installer\687acc.msp
+ 2012-05-18 17:20 . 2012-05-18 17:20        12430848              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll
+ 2012-05-18 17:34 . 2012-05-18 17:34        11820032              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        17404416              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1dac5ff29f483e19c77b23b00ba533f9\System.ServiceModel.ni.dll
+ 2012-05-18 17:20 . 2012-05-18 17:20        10683392              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\b03386569c9ce7b2079f3fb3aaf370e6\System.Design.ni.dll
+ 2012-05-18 17:19 . 2012-05-18 17:19        14329856              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c466fbf8e50c7c11b2fa994707124290\PresentationFramework.ni.dll
+ 2012-05-18 13:49 . 2012-05-18 13:49        14328832              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\947a2f5a83624cc61512e2a8be8d7f4a\PresentationFramework.ni.dll
+ 2012-05-18 17:19 . 2012-05-18 17:19        12219392              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b4ade6954a61a7626858c123dc951ba6\PresentationCore.ni.dll
+ 2012-05-18 13:48 . 2012-05-18 13:48        12216832              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\47de04e504b5adeba3b6855231eff282\PresentationCore.ni.dll
+ 2012-05-18 17:18 . 2012-05-18 17:18        11492352              c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
+ 2012-05-18 17:35 . 2012-05-18 17:35        11588096              c:\windows\assembly\NativeImages_v2.0.50727_32\ehshell\620e624cf59935af07591fba2bf80e70\ehshell.ni.dll
+ 2009-06-03 21:18 . 2012-07-11 08:39        359534175              c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
.
-- Snapshot auf jetziges Datum zurückgesetzt --
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-04 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-04 18:20        1514152        ----a-w-        c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2012-01-04 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATSwpNav"="c:\program files\Fingerprint Sensor\ATSwpNav -run" [X]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
"mHotkey"="mHotkey.exe" [2006-06-19 559104]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-20 228088]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-08-25 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-08-25 81920]
"GrooveMonitor"="c:\program files\Microsoft Office 2007\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2012-01-04 1391272]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-09 348624]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WNA1100 Setup-Assistent.lnk - c:\program files\NETGEAR\WNA1100\WNA1100.exe [2012-4-12 4545024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"BindDirectlyToPropertySetStorage"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux8"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59        937920        ----a-r-        c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58        37296        ----a-w-        c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-04-12 22:46        1135912        ----a-w-        c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44        31072        ----a-w-        c:\program files\Microsoft Office 2007\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2006-11-14 13:47        50736        ----a-w-        c:\program files\Common Files\aol\1168853550\ee\aolsoftware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-10 19:52        49152        ----a-w-        c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-10-09 16:06        421736        ----a-w-        c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
2012-04-04 13:56        981680        ----a-w-        c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OmniPass]
2006-12-20 15:32        2519040        ----a-w-        c:\program files\Softex\OmniPass\scureapp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38        421888        ----a-w-        c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2006-11-10 11:35        90112        ----a-w-        c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-01-13 22:44        37888        ----a-w-        c:\program files\winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12        REG_MULTI_SZ          Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt        REG_MULTI_SZ          hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-26 c:\windows\Tasks\Erweiterte Garantie.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-01-15 16:38]
.
2012-07-26 c:\windows\Tasks\Recovery DVD Creator.job
- c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-01-15 16:34]
.
2012-07-26 c:\windows\Tasks\User_Feed_Synchronization-{E71D1D21-BEDF-41DD-9481-F025251F282C}.job
- c:\windows\system32\msfeedssync.exe [2012-02-08 11:36]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/ig?hl=de
mStart Page = about:blank
mWindow Title = Microsoft Internet Explorer
uInternet Settings,ProxyOverride = <local>;*.local
IE: Free YouTube Download - c:\users\Versuch\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Versuch\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Versuch\AppData\Roaming\Mozilla\Firefox\Profiles\iqnh3kfq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-07-26 17:23
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2978858628-215539607-716368754-1003\Software\SecuROM\License information*]
"datasecu"=hex:b0,6a,1b,a3,df,24,54,68,dd,34,fd,3e,4e,e5,41,e9,96,bf,be,1f,dd,
  cd,0d,ac,d7,48,20,6d,08,92,3f,84,47,f2,d1,8a,90,57,a4,91,dd,95,3e,90,d3,07,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
Zeit der Fertigstellung: 2012-07-26  17:32:54
ComboFix-quarantined-files.txt  2012-07-26 15:32
ComboFix2.txt  2012-05-07 13:56
ComboFix3.txt  2010-08-14 09:57
.
Vor Suchlauf: 17 Verzeichnis(se), 91.948.859.392 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 97.754.877.952 Bytes frei
.
- - End Of File - - FB3C27BC0A6DCDB4C1DBA97D01C76A0E
da ist das ding ;)

markusg 26.07.2012 19:03
hi
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

pe__ka 27.07.2012 13:37
Code:
14:32:34.0291 7104        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
14:32:34.0490 7104        ============================================================
14:32:34.0490 7104        Current date / time: 2012/07/27 14:32:34.0490
14:32:34.0490 7104        SystemInfo:
14:32:34.0490 7104       
14:32:34.0490 7104        OS Version: 6.0.6002 ServicePack: 2.0
14:32:34.0490 7104        Product type: Workstation
14:32:34.0490 7104        ComputerName: PATRICKUNDDÉ-PC
14:32:34.0491 7104        UserName: Versuch
14:32:34.0491 7104        Windows directory: C:\Windows
14:32:34.0491 7104        System windows directory: C:\Windows
14:32:34.0491 7104        Processor architecture: Intel x86
14:32:34.0491 7104        Number of processors: 2
14:32:34.0491 7104        Page size: 0x1000
14:32:34.0491 7104        Boot type: Normal boot
14:32:34.0491 7104        ============================================================
14:32:36.0279 7104        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:32:36.0500 7104        ============================================================
14:32:36.0500 7104        \Device\Harddisk0\DR0:
14:32:36.0513 7104        MBR partitions:
14:32:36.0513 7104        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x10029D5, BlocksNum 0x2442B8DB
14:32:36.0513 7104        ============================================================
14:32:36.0704 7104        C: <-> \Device\Harddisk0\DR0\Partition0
14:32:36.0722 7104        ============================================================
14:32:36.0722 7104        Initialize success
14:32:36.0722 7104        ============================================================
14:33:04.0838 7656        ============================================================
14:33:04.0838 7656        Scan started
14:33:04.0838 7656        Mode: Manual; SigCheck; TDLFS;
14:33:04.0838 7656        ============================================================
14:33:05.0725 7656        61883          (585e64bb6dfbc0a2f1f0b554ded012df) C:\Windows\system32\DRIVERS\61883.sys
14:33:06.0178 7656        61883 - ok
14:33:06.0257 7656        acedrv11        (27f954120babb8a00f8745d8f5bc9b82) C:\Windows\system32\drivers\acedrv11.sys
14:33:06.0372 7656        acedrv11 - ok
14:33:06.0433 7656        ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
14:33:06.0463 7656        ACPI - ok
14:33:06.0540 7656        adp94xx        (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
14:33:06.0618 7656        adp94xx - ok
14:33:06.0647 7656        adpahci        (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
14:33:06.0696 7656        adpahci - ok
14:33:06.0712 7656        adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
14:33:06.0755 7656        adpu160m - ok
14:33:06.0777 7656        adpu320        (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
14:33:06.0815 7656        adpu320 - ok
14:33:06.0877 7656        AeLookupSvc    (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
14:33:07.0065 7656        AeLookupSvc - ok
14:33:07.0144 7656        AFD            (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
14:33:07.0270 7656        AFD - ok
14:33:07.0363 7656        agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
14:33:07.0394 7656        agp440 - ok
14:33:07.0447 7656        aic78xx        (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
14:33:07.0477 7656        aic78xx - ok
14:33:07.0503 7656        ALG            (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
14:33:07.0564 7656        ALG - ok
14:33:07.0592 7656        aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
14:33:07.0636 7656        aliide - ok
14:33:07.0681 7656        amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
14:33:07.0714 7656        amdagp - ok
14:33:07.0738 7656        amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
14:33:07.0764 7656        amdide - ok
14:33:07.0806 7656        AmdK7          (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
14:33:07.0989 7656        AmdK7 - ok
14:33:08.0009 7656        AmdK8          (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
14:33:08.0106 7656        AmdK8 - ok
14:33:08.0189 7656        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files\Avira\AntiVir Desktop\sched.exe
14:33:08.0247 7656        AntiVirSchedulerService - ok
14:33:08.0270 7656        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
14:33:08.0290 7656        AntiVirService - ok
14:33:08.0324 7656        AntiVirWebService (676894fa57b671fec5c3f05f8929e03b) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
14:33:08.0408 7656        AntiVirWebService - ok
14:33:08.0489 7656        Appinfo        (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
14:33:08.0557 7656        Appinfo - ok
14:33:08.0664 7656        Apple Mobile Device (d8e18021f91ad79ca8491cb5a5da22d4) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:33:08.0693 7656        Apple Mobile Device - ok
14:33:08.0751 7656        arc            (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
14:33:08.0790 7656        arc - ok
14:33:08.0850 7656        arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
14:33:08.0883 7656        arcsas - ok
14:33:09.0108 7656        aspnet_state    (40c145f12ff461a0220303bda134f598) C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:33:09.0220 7656        aspnet_state - ok
14:33:09.0267 7656        AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
14:33:09.0342 7656        AsyncMac - ok
14:33:09.0383 7656        atapi          (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
14:33:09.0396 7656        atapi - ok
14:33:09.0510 7656        athur          (f1fc2fd87ff77f63cd7f8bf95940b40c) C:\Windows\system32\DRIVERS\athur.sys
14:33:09.0725 7656        athur - ok
14:33:09.0860 7656        Ati External Event Utility (33ae5829bc9e8a71a493895b2ff7032c) C:\Windows\system32\Ati2evxx.exe
14:33:09.0969 7656        Ati External Event Utility - ok
14:33:10.0199 7656        atikmdag        (05853dc3d0549b6a0f2111840ba2ca26) C:\Windows\system32\DRIVERS\atikmdag.sys
14:33:10.0513 7656        atikmdag - ok
14:33:10.0660 7656        ATSWPDRV        (3ee6c0dc85872ad65447aa9b8dfeff30) C:\Windows\system32\DRIVERS\ATSwpDrv.sys
14:33:10.0696 7656        ATSWPDRV - ok
14:33:10.0767 7656        AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
14:33:10.0858 7656        AudioEndpointBuilder - ok
14:33:10.0867 7656        Audiosrv        (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
14:33:10.0896 7656        Audiosrv - ok
14:33:10.0924 7656        Avc            (f4b56425a00beb32f5fa6603ff7b0ea2) C:\Windows\system32\DRIVERS\avc.sys
14:33:10.0984 7656        Avc - ok
14:33:11.0014 7656        avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\Windows\system32\DRIVERS\avgntflt.sys
14:33:11.0053 7656        avgntflt - ok
14:33:11.0098 7656        avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\Windows\system32\DRIVERS\avipbb.sys
14:33:11.0141 7656        avipbb - ok
14:33:11.0165 7656        avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
14:33:11.0193 7656        avkmgr - ok
14:33:11.0288 7656        Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
14:33:11.0328 7656        Beep - ok
14:33:11.0404 7656        BFE            (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
14:33:11.0508 7656        BFE - ok
14:33:11.0585 7656        BITS            (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
14:33:11.0698 7656        BITS - ok
14:33:11.0703 7656        blbdrive - ok
14:33:11.0825 7656        Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
14:33:11.0857 7656        Bonjour Service - ok
14:33:11.0892 7656        bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
14:33:11.0978 7656        bowser - ok
14:33:12.0024 7656        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
14:33:12.0085 7656        BrFiltLo - ok
14:33:12.0106 7656        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
14:33:12.0172 7656        BrFiltUp - ok
14:33:12.0202 7656        Browser        (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
14:33:12.0268 7656        Browser - ok
14:33:12.0321 7656        Brserid        (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
14:33:12.0399 7656        Brserid - ok
14:33:12.0424 7656        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
14:33:12.0509 7656        BrSerWdm - ok
14:33:12.0541 7656        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
14:33:12.0630 7656        BrUsbMdm - ok
14:33:12.0659 7656        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
14:33:12.0732 7656        BrUsbSer - ok
14:33:12.0782 7656        BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
14:33:12.0874 7656        BTHMODEM - ok
14:33:13.0057 7656        catchme - ok
14:33:13.0114 7656        cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
14:33:13.0188 7656        cdfs - ok
14:33:13.0257 7656        cdrom          (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
14:33:13.0332 7656        cdrom - ok
14:33:13.0431 7656        CertPropSvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
14:33:13.0495 7656        CertPropSvc - ok
14:33:13.0531 7656        circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
14:33:13.0611 7656        circlass - ok
14:33:13.0650 7656        CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
14:33:13.0702 7656        CLFS - ok
14:33:13.0775 7656        clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:33:13.0807 7656        clr_optimization_v2.0.50727_32 - ok
14:33:13.0883 7656        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:33:13.0910 7656        clr_optimization_v4.0.30319_32 - ok
14:33:13.0923 7656        cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
14:33:13.0954 7656        cmdide - ok
14:33:13.0973 7656        Compbatt        (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
14:33:14.0002 7656        Compbatt - ok
14:33:14.0008 7656        COMSysApp - ok
14:33:14.0030 7656        crcdisk        (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
14:33:14.0062 7656        crcdisk - ok
14:33:14.0083 7656        Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
14:33:14.0171 7656        Crusoe - ok
14:33:14.0251 7656        CryptSvc        (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
14:33:14.0293 7656        CryptSvc - ok
14:33:14.0408 7656        DBService      (48297bf3339bc56dd7d7524d7a1740aa) C:\Program Files\Common Files\DATA BECKER Shared\DBService.exe
14:33:14.0466 7656        DBService ( UnsignedFile.Multi.Generic ) - warning
14:33:14.0466 7656        DBService - detected UnsignedFile.Multi.Generic (1)
14:33:14.0533 7656        DcomLaunch      (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
14:33:14.0657 7656        DcomLaunch - ok
14:33:14.0697 7656        DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
14:33:14.0778 7656        DfsC - ok
14:33:14.0924 7656        DFSR            (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
14:33:15.0225 7656        DFSR - ok
14:33:15.0382 7656        Dhcp            (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
14:33:15.0461 7656        Dhcp - ok
14:33:15.0563 7656        disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
14:33:15.0600 7656        disk - ok
14:33:15.0648 7656        Dnscache        (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
14:33:15.0732 7656        Dnscache - ok
14:33:15.0777 7656        dot3svc        (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
14:33:15.0856 7656        dot3svc - ok
14:33:15.0911 7656        Dot4            (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
14:33:15.0984 7656        Dot4 - ok
14:33:16.0015 7656        Dot4Print      (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:33:16.0075 7656        Dot4Print - ok
14:33:16.0099 7656        dot4usb        (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
14:33:16.0146 7656        dot4usb - ok
14:33:16.0203 7656        DPS            (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
14:33:16.0253 7656        DPS - ok
14:33:16.0285 7656        drmkaud        (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
14:33:16.0333 7656        drmkaud - ok
14:33:16.0392 7656        DXGKrnl        (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
14:33:16.0471 7656        DXGKrnl - ok
14:33:16.0541 7656        E1G60          (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
14:33:16.0652 7656        E1G60 - ok
14:33:16.0722 7656        EapHost        (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
14:33:16.0780 7656        EapHost - ok
14:33:16.0843 7656        Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
14:33:16.0874 7656        Ecache - ok
14:33:16.0938 7656        ehRecvr        (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
14:33:17.0057 7656        ehRecvr - ok
14:33:17.0082 7656        ehSched        (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
14:33:17.0189 7656        ehSched - ok
14:33:17.0206 7656        ehstart        (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
14:33:17.0240 7656        ehstart - ok
14:33:17.0292 7656        elxstor        (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
14:33:17.0336 7656        elxstor - ok
14:33:17.0403 7656        EMDMgmt        (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
14:33:17.0591 7656        EMDMgmt - ok
14:33:17.0681 7656        EventSystem    (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
14:33:17.0762 7656        EventSystem - ok
14:33:17.0864 7656        exfat          (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
14:33:17.0976 7656        exfat - ok
14:33:18.0036 7656        fastfat        (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
14:33:18.0089 7656        fastfat - ok
14:33:18.0137 7656        fdc            (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
14:33:18.0219 7656        fdc - ok
14:33:18.0259 7656        fdPHost        (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
14:33:18.0293 7656        fdPHost - ok
14:33:18.0321 7656        FDResPub        (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
14:33:18.0408 7656        FDResPub - ok
14:33:18.0459 7656        FETND6V        (403bedad0226653ba8d05aefc3f04a0c) C:\Windows\system32\DRIVERS\fetnd6v.sys
14:33:18.0512 7656        FETND6V - ok
14:33:18.0541 7656        FETNDIS        (b2b2c38e916184ff8523c7439ddd417f) C:\Windows\system32\DRIVERS\fetnd5.sys
14:33:18.0615 7656        FETNDIS - ok
14:33:18.0657 7656        FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
14:33:18.0702 7656        FileInfo - ok
14:33:18.0728 7656        Filetrace      (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
14:33:18.0781 7656        Filetrace - ok
14:33:18.0817 7656        FLMCKUSB        (7b854c3d489f38b5a031a5330d356ac3) C:\Windows\system32\drivers\flmckusb.sys
14:33:18.0881 7656        FLMCKUSB - ok
14:33:18.0911 7656        flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
14:33:18.0973 7656        flpydisk - ok
14:33:19.0017 7656        FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
14:33:19.0070 7656        FltMgr - ok
14:33:19.0173 7656        FontCache      (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
14:33:19.0277 7656        FontCache - ok
14:33:19.0452 7656        FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:33:19.0553 7656        FontCache3.0.0.0 - ok
14:33:19.0582 7656        Fs_Rec          (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
14:33:19.0660 7656        Fs_Rec - ok
14:33:19.0687 7656        gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
14:33:19.0716 7656        gagp30kx - ok
14:33:19.0787 7656        GEARAspiWDM    (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
14:33:19.0810 7656        GEARAspiWDM - ok
14:33:19.0886 7656        gpsvc          (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
14:33:19.0977 7656        gpsvc - ok
14:33:20.0050 7656        HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:33:20.0129 7656        HDAudBus - ok
14:33:20.0186 7656        HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
14:33:20.0253 7656        HidBth - ok
14:33:20.0289 7656        HidIr          (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
14:33:20.0371 7656        HidIr - ok
14:33:20.0404 7656        hidserv        (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
14:33:20.0466 7656        hidserv - ok
14:33:20.0506 7656        HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
14:33:20.0538 7656        HidUsb - ok
14:33:20.0564 7656        hkmsvc          (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
14:33:20.0634 7656        hkmsvc - ok
14:33:20.0678 7656        HpCISSs        (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
14:33:20.0706 7656        HpCISSs - ok
14:33:20.0817 7656        hpqcxs08        (e4e285a3766b4a57401feeaf66cb07b5) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:33:20.0850 7656        hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
14:33:20.0850 7656        hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
14:33:20.0888 7656        hpqddsvc        (ee4c7a4cf2316701ffde90f404520265) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
14:33:20.0900 7656        hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
14:33:20.0900 7656        hpqddsvc - detected UnsignedFile.Multi.Generic (1)
14:33:20.0941 7656        HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
14:33:21.0075 7656        HTTP - ok
14:33:21.0120 7656        i2omp          (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
14:33:21.0152 7656        i2omp - ok
14:33:21.0230 7656        i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
14:33:21.0292 7656        i8042prt - ok
14:33:21.0322 7656        iaStorV        (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
14:33:21.0370 7656        iaStorV - ok
14:33:21.0509 7656        IDriverT        (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:33:21.0551 7656        IDriverT ( UnsignedFile.Multi.Generic ) - warning
14:33:21.0551 7656        IDriverT - detected UnsignedFile.Multi.Generic (1)
14:33:21.0700 7656        idsvc          (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:33:21.0889 7656        idsvc - ok
14:33:22.0010 7656        iirsp          (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
14:33:22.0038 7656        iirsp - ok
14:33:22.0139 7656        IKEEXT          (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
14:33:22.0253 7656        IKEEXT - ok
14:33:22.0361 7656        IntcAzAudAddService (a47b2875680ad67b35c6150bd0203056) C:\Windows\system32\drivers\RTKVHDA.sys
14:33:22.0683 7656        IntcAzAudAddService - ok
14:33:22.0811 7656        intelide        (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
14:33:22.0840 7656        intelide - ok
14:33:22.0910 7656        intelppm        (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
14:33:22.0951 7656        intelppm - ok
14:33:22.0987 7656        IPBusEnum      (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
14:33:23.0039 7656        IPBusEnum - ok
14:33:23.0075 7656        IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:33:23.0126 7656        IpFilterDriver - ok
14:33:23.0176 7656        iphlpsvc        (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
14:33:23.0266 7656        iphlpsvc - ok
14:33:23.0271 7656        IpInIp - ok
14:33:23.0304 7656        IPMIDRV        (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
14:33:23.0374 7656        IPMIDRV - ok
14:33:23.0408 7656        IPNAT          (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
14:33:23.0485 7656        IPNAT - ok
14:33:23.0582 7656        iPod Service    (33642c17c232aa272c68e446a2619899) C:\Program Files\iPod\bin\iPodService.exe
14:33:23.0717 7656        iPod Service - ok
14:33:23.0773 7656        IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
14:33:23.0834 7656        IRENUM - ok
14:33:23.0870 7656        isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
14:33:23.0896 7656        isapnp - ok
14:33:23.0948 7656        iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
14:33:23.0978 7656        iScsiPrt - ok
14:33:23.0992 7656        iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
14:33:24.0021 7656        iteatapi - ok
14:33:24.0061 7656        iteraid        (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
14:33:24.0090 7656        iteraid - ok
14:33:24.0185 7656        jswpsapi        (cf9ba304b8047b9582d72d9bfef42eae) C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe
14:33:24.0314 7656        jswpsapi - ok
14:33:24.0381 7656        jswpslwf        (55c9b4252b751226b838eed2bc50bb64) C:\Windows\system32\DRIVERS\jswpslwf.sys
14:33:24.0459 7656        jswpslwf - ok
14:33:24.0516 7656        kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
14:33:24.0593 7656        kbdclass - ok
14:33:24.0663 7656        kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
14:33:24.0701 7656        kbdhid - ok
14:33:24.0731 7656        KeyIso          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
14:33:24.0799 7656        KeyIso - ok
14:33:24.0852 7656        KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
14:33:24.0938 7656        KSecDD - ok
14:33:25.0011 7656        KtmRm          (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
14:33:25.0097 7656        KtmRm - ok
14:33:25.0166 7656        LanmanServer    (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
14:33:25.0261 7656        LanmanServer - ok
14:33:25.0327 7656        LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
14:33:25.0433 7656        LanmanWorkstation - ok
14:33:25.0464 7656        lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
14:33:25.0524 7656        lltdio - ok
14:33:25.0575 7656        lltdsvc        (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
14:33:25.0654 7656        lltdsvc - ok
14:33:25.0685 7656        lmhosts        (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
14:33:25.0764 7656        lmhosts - ok
14:33:25.0804 7656        LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
14:33:25.0824 7656        LSI_FC - ok
14:33:25.0848 7656        LSI_SAS        (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
14:33:25.0868 7656        LSI_SAS - ok
14:33:25.0912 7656        LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
14:33:25.0943 7656        LSI_SCSI - ok
14:33:25.0966 7656        luafv          (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
14:33:26.0029 7656        luafv - ok
14:33:26.0057 7656        Mcx2Svc        (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
14:33:26.0110 7656        Mcx2Svc - ok
14:33:26.0179 7656        megasas        (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
14:33:26.0208 7656        megasas - ok
14:33:26.0310 7656        Microsoft Office Groove Audit Service (7c4c76b39d5525c4a465e0be32528e19) C:\Program Files\Microsoft Office 2007\Office12\GrooveAuditService.exe
14:33:26.0332 7656        Microsoft Office Groove Audit Service - ok
14:33:26.0355 7656        MMCSS          (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
14:33:26.0422 7656        MMCSS - ok
14:33:26.0463 7656        Modem          (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
14:33:26.0528 7656        Modem - ok
14:33:26.0572 7656        monitor        (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
14:33:26.0599 7656        monitor - ok
14:33:26.0626 7656        mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
14:33:26.0646 7656        mouclass - ok
14:33:26.0677 7656        mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
14:33:26.0708 7656        mouhid - ok
14:33:26.0731 7656        MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
14:33:26.0769 7656        MountMgr - ok
14:33:26.0816 7656        MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:33:26.0852 7656        MozillaMaintenance - ok
14:33:26.0879 7656        mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
14:33:26.0924 7656        mpio - ok
14:33:26.0950 7656        mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
14:33:27.0006 7656        mpsdrv - ok
14:33:27.0055 7656        MpsSvc          (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
14:33:27.0152 7656        MpsSvc - ok
14:33:27.0191 7656        Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
14:33:27.0226 7656        Mraid35x - ok
14:33:27.0267 7656        MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
14:33:27.0319 7656        MRxDAV - ok
14:33:27.0353 7656        mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:33:27.0405 7656        mrxsmb - ok
14:33:27.0441 7656        mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:33:27.0515 7656        mrxsmb10 - ok
14:33:27.0552 7656        mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:33:27.0607 7656        mrxsmb20 - ok
14:33:27.0633 7656        msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
14:33:27.0667 7656        msahci - ok
14:33:27.0698 7656        msdsm          (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
14:33:27.0728 7656        msdsm - ok
14:33:27.0758 7656        MSDTC          (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
14:33:27.0830 7656        MSDTC - ok
14:33:27.0905 7656        MSDV            (343291a4dfd7c923c3f71f550830ec1c) C:\Windows\system32\DRIVERS\msdv.sys
14:33:27.0940 7656        MSDV - ok
14:33:27.0969 7656        Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
14:33:28.0035 7656        Msfs - ok
14:33:28.0082 7656        msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
14:33:28.0118 7656        msisadrv - ok
14:33:28.0162 7656        MSiSCSI        (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
14:33:28.0242 7656        MSiSCSI - ok
14:33:28.0249 7656        MSIServer - ok
14:33:28.0310 7656        MSKSSRV        (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
14:33:28.0356 7656        MSKSSRV - ok
14:33:28.0380 7656        MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
14:33:28.0435 7656        MSPCLOCK - ok
14:33:28.0465 7656        MSPQM          (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
14:33:28.0532 7656        MSPQM - ok
14:33:28.0569 7656        MsRPC          (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
14:33:28.0620 7656        MsRPC - ok
14:33:28.0652 7656        mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
14:33:28.0668 7656        mssmbios - ok
14:33:28.0694 7656        MSTEE          (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
14:33:28.0756 7656        MSTEE - ok
14:33:28.0802 7656        Mup            (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
14:33:28.0836 7656        Mup - ok
14:33:28.0891 7656        napagent        (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
14:33:28.0951 7656        napagent - ok
14:33:28.0993 7656        NativeWifiP    (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
14:33:29.0057 7656        NativeWifiP - ok
14:33:29.0125 7656        NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
14:33:29.0165 7656        NDIS - ok
14:33:29.0199 7656        NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
14:33:29.0256 7656        NdisTapi - ok
14:33:29.0291 7656        Ndisuio        (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
14:33:29.0327 7656        Ndisuio - ok
14:33:29.0376 7656        NdisWan        (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
14:33:29.0428 7656        NdisWan - ok
14:33:29.0461 7656        NDProxy        (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
14:33:29.0523 7656        NDProxy - ok
14:33:29.0582 7656        Net Driver HPZ12 (2969d26eee289be7422aa46fc55f4e38) C:\Windows\system32\HPZinw12.dll
14:33:29.0613 7656        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:33:29.0613 7656        Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:33:29.0673 7656        NetBIOS        (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
14:33:29.0824 7656        NetBIOS - ok
14:33:29.0883 7656        netbt          (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
14:33:29.0976 7656        netbt - ok
14:33:30.0004 7656        Netlogon        (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
14:33:30.0020 7656        Netlogon - ok
14:33:30.0090 7656        Netman          (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
14:33:30.0194 7656        Netman - ok
14:33:30.0243 7656        netprofm        (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
14:33:30.0302 7656        netprofm - ok
14:33:30.0394 7656        NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:33:30.0424 7656        NetTcpPortSharing - ok
14:33:30.0464 7656        nfrd960        (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
14:33:30.0485 7656        nfrd960 - ok
14:33:30.0527 7656        NlaSvc          (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
14:33:30.0584 7656        NlaSvc - ok
14:33:30.0620 7656        Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
14:33:30.0701 7656        Npfs - ok
14:33:30.0743 7656        nsi            (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
14:33:30.0798 7656        nsi - ok
14:33:30.0826 7656        nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
14:33:30.0861 7656        nsiproxy - ok
14:33:30.0952 7656        Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
14:33:31.0130 7656        Ntfs - ok
14:33:31.0168 7656        ntrigdigi      (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
14:33:31.0259 7656        ntrigdigi - ok
14:33:31.0292 7656        Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
14:33:31.0350 7656        Null - ok
14:33:31.0389 7656        nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
14:33:31.0416 7656        nvraid - ok
14:33:31.0435 7656        nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
14:33:31.0469 7656        nvstor - ok
14:33:31.0493 7656        nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
14:33:31.0520 7656        nv_agp - ok
14:33:31.0527 7656        NwlnkFlt - ok
14:33:31.0537 7656        NwlnkFwd - ok
14:33:31.0627 7656        odserv          (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:33:31.0701 7656        odserv - ok
14:33:31.0754 7656        ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
14:33:31.0796 7656        ohci1394 - ok
14:33:31.0836 7656        omniserv        (b26c72b847054fd053d060818ab3278f) C:\Program Files\Softex\OmniPass\OmniServ.exe
14:33:31.0871 7656        omniserv ( UnsignedFile.Multi.Generic ) - warning
14:33:31.0871 7656        omniserv - detected UnsignedFile.Multi.Generic (1)
14:33:31.0933 7656        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:33:31.0972 7656        ose - ok
14:33:32.0047 7656        ovt519          (4cdadec3dc1300ee1d313ea5494e6472) C:\Windows\system32\Drivers\ov519vid.sys
14:33:32.0109 7656        ovt519 ( UnsignedFile.Multi.Generic ) - warning
14:33:32.0109 7656        ovt519 - detected UnsignedFile.Multi.Generic (1)
14:33:32.0200 7656        p2pimsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:33:32.0378 7656        p2pimsvc - ok
14:33:32.0393 7656        p2psvc          (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:33:32.0470 7656        p2psvc - ok
14:33:32.0496 7656        Parport        (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
14:33:32.0574 7656        Parport - ok
14:33:32.0598 7656        partmgr        (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
14:33:32.0633 7656        partmgr - ok
14:33:32.0653 7656        Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
14:33:32.0740 7656        Parvdm - ok
14:33:32.0809 7656        PcaSvc          (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
14:33:32.0894 7656        PcaSvc - ok
14:33:32.0942 7656        pci            (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
14:33:32.0984 7656        pci - ok
14:33:33.0007 7656        pciide          (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
14:33:33.0051 7656        pciide - ok
14:33:33.0080 7656        pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
14:33:33.0137 7656        pcmcia - ok
14:33:33.0222 7656        PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
14:33:33.0426 7656        PEAUTH - ok
14:33:33.0543 7656        pla            (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
14:33:33.0765 7656        pla - ok
14:33:33.0894 7656        PlugPlay        (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
14:33:33.0985 7656        PlugPlay - ok
14:33:34.0037 7656        Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
14:33:34.0071 7656        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:33:34.0071 7656        Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:33:34.0136 7656        PNRPAutoReg    (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:33:34.0236 7656        PNRPAutoReg - ok
14:33:34.0251 7656        PNRPsvc        (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
14:33:34.0318 7656        PNRPsvc - ok
14:33:34.0377 7656        PolicyAgent    (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
14:33:34.0498 7656        PolicyAgent - ok
14:33:34.0574 7656        PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
14:33:34.0626 7656        PptpMiniport - ok
14:33:34.0661 7656        Processor      (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
14:33:34.0735 7656        Processor - ok
14:33:34.0779 7656        ProfSvc        (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
14:33:34.0833 7656        ProfSvc - ok
14:33:34.0901 7656        ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
14:33:34.0944 7656        ProtectedStorage - ok
14:33:35.0009 7656        PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
14:33:35.0057 7656        PSched - ok
14:33:35.0088 7656        PxHelp20        (feffcfdc528764a04c8ed63d5fa6e711) C:\Windows\system32\Drivers\PxHelp20.sys
14:33:35.0136 7656        PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
14:33:35.0136 7656        PxHelp20 - detected UnsignedFile.Multi.Generic (1)
14:33:35.0224 7656        ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
14:33:35.0403 7656        ql2300 - ok
14:33:35.0429 7656        ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
14:33:35.0457 7656        ql40xx - ok
14:33:35.0517 7656        QWAVE          (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
14:33:35.0596 7656        QWAVE - ok
14:33:35.0622 7656        QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
14:33:35.0658 7656        QWAVEdrv - ok
14:33:35.0815 7656        R300            (05853dc3d0549b6a0f2111840ba2ca26) C:\Windows\system32\DRIVERS\atikmdag.sys
14:33:36.0004 7656        R300 - ok
14:33:36.0134 7656        RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
14:33:36.0187 7656        RasAcd - ok
14:33:36.0213 7656        RasAuto        (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
14:33:36.0290 7656        RasAuto - ok
14:33:36.0328 7656        Rasl2tp        (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:33:36.0397 7656        Rasl2tp - ok
14:33:36.0443 7656        RasMan          (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
14:33:36.0523 7656        RasMan - ok
14:33:36.0571 7656        RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
14:33:36.0628 7656        RasPppoe - ok
14:33:36.0667 7656        RasSstp        (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
14:33:36.0704 7656        RasSstp - ok
14:33:36.0752 7656        rdbss          (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
14:33:36.0832 7656        rdbss - ok
14:33:36.0864 7656        RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:33:36.0912 7656        RDPCDD - ok
14:33:36.0970 7656        rdpdr          (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
14:33:37.0066 7656        rdpdr - ok
14:33:37.0098 7656        RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
14:33:37.0152 7656        RDPENCDD - ok
14:33:37.0194 7656        RDPWD          (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
14:33:37.0242 7656        RDPWD - ok
14:33:37.0302 7656        RemoteAccess    (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
14:33:37.0372 7656        RemoteAccess - ok
14:33:37.0408 7656        RemoteRegistry  (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
14:33:37.0477 7656        RemoteRegistry - ok
14:33:37.0599 7656        RoxMediaDB9    (9c19e4419a6acf8fff53f1dd1c305e9e) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
14:33:37.0685 7656        RoxMediaDB9 - ok
14:33:37.0727 7656        RoxWatch9      (9d95da35ec22511a1ceb38a8c3a0bc7e) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
14:33:37.0785 7656        RoxWatch9 - ok
14:33:37.0814 7656        RpcLocator      (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
14:33:37.0884 7656        RpcLocator - ok
14:33:37.0942 7656        RpcSs          (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
14:33:37.0982 7656        RpcSs - ok
14:33:38.0041 7656        rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
14:33:38.0092 7656        rspndr - ok
14:33:38.0116 7656        SamSs          (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
14:33:38.0134 7656        SamSs - ok
14:33:38.0157 7656        sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
14:33:38.0193 7656        sbp2port - ok
14:33:38.0255 7656        SCardSvr        (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
14:33:38.0299 7656        SCardSvr - ok
14:33:38.0352 7656        Schedule        (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
14:33:38.0455 7656        Schedule - ok
14:33:38.0477 7656        SCMNdisP        (3b68015683c27cb00c7a6b60a37cbcfd) C:\Windows\system32\DRIVERS\scmndisp.sys
14:33:38.0497 7656        SCMNdisP - ok
14:33:38.0554 7656        SCPolicySvc    (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
14:33:38.0580 7656        SCPolicySvc - ok
14:33:38.0609 7656        SDRSVC          (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
14:33:38.0775 7656        SDRSVC - ok
14:33:38.0801 7656        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:33:38.0888 7656        secdrv - ok
14:33:38.0930 7656        seclogon        (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
14:33:38.0988 7656        seclogon - ok
14:33:39.0019 7656        SENS            (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
14:33:39.0062 7656        SENS - ok
14:33:39.0084 7656        Serenum        (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
14:33:39.0154 7656        Serenum - ok
14:33:39.0181 7656        Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
14:33:39.0266 7656        Serial - ok
14:33:39.0315 7656        sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
14:33:39.0350 7656        sermouse - ok
14:33:39.0407 7656        SessionEnv      (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
14:33:39.0483 7656        SessionEnv - ok
14:33:39.0517 7656        sffdisk        (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
14:33:39.0596 7656        sffdisk - ok
14:33:39.0626 7656        sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
14:33:39.0711 7656        sffp_mmc - ok
14:33:39.0732 7656        sffp_sd        (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
14:33:39.0812 7656        sffp_sd - ok
14:33:39.0847 7656        sfloppy        (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
14:33:39.0904 7656        sfloppy - ok
14:33:39.0930 7656        SharedAccess    (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
14:33:40.0113 7656        SharedAccess - ok
14:33:40.0152 7656        ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
14:33:40.0269 7656        ShellHWDetection - ok
14:33:40.0305 7656        sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
14:33:40.0357 7656        sisagp - ok
14:33:40.0409 7656        SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
14:33:40.0437 7656        SiSRaid2 - ok
14:33:40.0453 7656        SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
14:33:40.0477 7656        SiSRaid4 - ok
14:33:40.0656 7656        slsvc          (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
14:33:41.0233 7656        slsvc - ok
14:33:41.0365 7656        SLUINotify      (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
14:33:41.0426 7656        SLUINotify - ok
14:33:41.0495 7656        Smb            (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
14:33:41.0544 7656        Smb - ok
14:33:41.0591 7656        SNMPTRAP        (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
14:33:41.0624 7656        SNMPTRAP - ok
14:33:41.0674 7656        spldr          (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
14:33:41.0704 7656        spldr - ok
14:33:41.0730 7656        Spooler        (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
14:33:41.0801 7656        Spooler - ok
14:33:41.0901 7656        sptd            (0c1dad75274cb6e31f053ce3e08bf9c3) C:\Windows\System32\Drivers\sptd.sys
14:33:42.0007 7656        sptd - ok
14:33:42.0049 7656        srv            (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
14:33:42.0158 7656        srv - ok
14:33:42.0193 7656        srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
14:33:42.0263 7656        srv2 - ok
14:33:42.0282 7656        srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
14:33:42.0323 7656        srvnet - ok
14:33:42.0352 7656        SSDPSRV        (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
14:33:42.0398 7656        SSDPSRV - ok
14:33:42.0437 7656        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
14:33:42.0482 7656        ssmdrv - ok
14:33:42.0548 7656        SstpSvc        (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
14:33:42.0631 7656        SstpSvc - ok
14:33:42.0678 7656        StillCam        (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
14:33:42.0744 7656        StillCam - ok
14:33:42.0808 7656        stisvc          (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
14:33:42.0878 7656        stisvc - ok
14:33:42.0943 7656        stllssvr        (51778fd315c9882f1cbd932743e62a72) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
14:33:43.0001 7656        stllssvr ( UnsignedFile.Multi.Generic ) - warning
14:33:43.0001 7656        stllssvr - detected UnsignedFile.Multi.Generic (1)
14:33:43.0038 7656        swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
14:33:43.0059 7656        swenum - ok
14:33:43.0129 7656        swprv          (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
14:33:43.0198 7656        swprv - ok
14:33:43.0237 7656        Symc8xx        (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
14:33:43.0259 7656        Symc8xx - ok
14:33:43.0280 7656        Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
14:33:43.0310 7656        Sym_hi - ok
14:33:43.0331 7656        Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
14:33:43.0362 7656        Sym_u3 - ok
14:33:43.0426 7656        SysMain        (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
14:33:43.0551 7656        SysMain - ok
14:33:43.0588 7656        TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
14:33:43.0653 7656        TabletInputService - ok
14:33:43.0707 7656        TapiSrv        (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
14:33:43.0791 7656        TapiSrv - ok
14:33:43.0829 7656        TBS            (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
14:33:43.0862 7656        TBS - ok
14:33:43.0933 7656        Tcpip          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
14:33:44.0031 7656        Tcpip - ok
14:33:44.0050 7656        Tcpip6          (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
14:33:44.0094 7656        Tcpip6 - ok
14:33:44.0137 7656        tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
14:33:44.0205 7656        tcpipreg - ok
14:33:44.0224 7656        TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
14:33:44.0287 7656        TDPIPE - ok
14:33:44.0311 7656        TDTCP          (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
14:33:44.0386 7656        TDTCP - ok
14:33:44.0423 7656        tdx            (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
14:33:44.0468 7656        tdx - ok
14:33:44.0505 7656        TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
14:33:44.0545 7656        TermDD - ok
14:33:44.0608 7656        TermService    (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
14:33:44.0717 7656        TermService - ok
14:33:44.0765 7656        Themes          (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
14:33:44.0800 7656        Themes - ok
14:33:44.0829 7656        THREADORDER    (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
14:33:44.0862 7656        THREADORDER - ok
14:33:44.0895 7656        TrkWks          (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
14:33:44.0967 7656        TrkWks - ok
14:33:45.0041 7656        TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
14:33:45.0088 7656        TrustedInstaller - ok
14:33:45.0187 7656        tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:33:45.0356 7656        tssecsrv - ok
14:33:45.0419 7656        tunmp          (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
14:33:45.0472 7656        tunmp - ok
14:33:45.0497 7656        tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
14:33:45.0564 7656        tunnel - ok
14:33:45.0624 7656        uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
14:33:45.0656 7656        uagp35 - ok
14:33:45.0705 7656        udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
14:33:45.0763 7656        udfs - ok
14:33:45.0802 7656        UI0Detect      (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
14:33:45.0876 7656        UI0Detect - ok
14:33:45.0913 7656        uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
14:33:45.0946 7656        uliagpkx - ok
14:33:45.0977 7656        uliahci        (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
14:33:46.0026 7656        uliahci - ok
14:33:46.0050 7656        UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
14:33:46.0088 7656        UlSata - ok
14:33:46.0117 7656        ulsata2        (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
14:33:46.0151 7656        ulsata2 - ok
14:33:46.0180 7656        umbus          (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
14:33:46.0217 7656        umbus - ok
14:33:46.0257 7656        upnphost        (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
14:33:46.0326 7656        upnphost - ok
14:33:46.0377 7656        USBAAPL        (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
14:33:46.0424 7656        USBAAPL - ok
14:33:46.0470 7656        usbaudio        (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
14:33:46.0541 7656        usbaudio - ok
14:33:46.0598 7656        usbccgp        (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
14:33:46.0671 7656        usbccgp - ok
14:33:46.0703 7656        usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
14:33:46.0785 7656        usbcir - ok
14:33:46.0827 7656        usbehci        (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
14:33:46.0876 7656        usbehci - ok
14:33:46.0922 7656        usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
14:33:46.0993 7656        usbhub - ok
14:33:47.0033 7656        usbohci        (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
14:33:47.0100 7656        usbohci - ok
14:33:47.0130 7656        usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
14:33:47.0166 7656        usbprint - ok
14:33:47.0190 7656        usbscan        (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
14:33:47.0233 7656        usbscan - ok
14:33:47.0286 7656        USBSTOR        (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:33:47.0355 7656        USBSTOR - ok
14:33:47.0383 7656        usbuhci        (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
14:33:47.0442 7656        usbuhci - ok
14:33:47.0478 7656        UxSms          (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
14:33:47.0522 7656        UxSms - ok
14:33:47.0589 7656        vds            (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
14:33:47.0674 7656        vds - ok
14:33:47.0748 7656        vga            (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
14:33:47.0831 7656        vga - ok
14:33:47.0867 7656        VgaSave        (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
14:33:47.0905 7656        VgaSave - ok
14:33:47.0935 7656        viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
14:33:47.0965 7656        viaagp - ok
14:33:47.0992 7656        ViaC7          (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
14:33:48.0079 7656        ViaC7 - ok
14:33:48.0122 7656        viaide          (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
14:33:48.0142 7656        viaide - ok
14:33:48.0156 7656        volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
14:33:48.0193 7656        volmgr - ok
14:33:48.0251 7656        volmgrx        (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
14:33:48.0317 7656        volmgrx - ok
14:33:48.0384 7656        volsnap        (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
14:33:48.0431 7656        volsnap - ok
14:33:48.0458 7656        vsmraid        (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
14:33:48.0499 7656        vsmraid - ok
14:33:48.0586 7656        VSS            (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
14:33:48.0797 7656        VSS - ok
14:33:48.0856 7656        W32Time        (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
14:33:48.0927 7656        W32Time - ok
14:33:48.0989 7656        WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
14:33:49.0074 7656        WacomPen - ok
14:33:49.0109 7656        Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:33:49.0150 7656        Wanarp - ok
14:33:49.0154 7656        Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
14:33:49.0179 7656        Wanarpv6 - ok
14:33:49.0214 7656        wanatw          (0a716c08cb13c3a8f4f51e882dbf7416) C:\Windows\system32\DRIVERS\wanatw4.sys
14:33:49.0260 7656        wanatw - ok
14:33:49.0320 7656        wcncsvc        (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
14:33:49.0383 7656        wcncsvc - ok
14:33:49.0418 7656        WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
14:33:49.0482 7656        WcsPlugInService - ok
14:33:49.0536 7656        Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
14:33:49.0566 7656        Wd - ok
14:33:49.0607 7656        Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
14:33:49.0687 7656        Wdf01000 - ok
14:33:49.0723 7656        WdiServiceHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
14:33:49.0781 7656        WdiServiceHost - ok
14:33:49.0788 7656        WdiSystemHost  (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
14:33:49.0822 7656        WdiSystemHost - ok
14:33:49.0869 7656        WebClient      (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
14:33:49.0928 7656        WebClient - ok
14:33:49.0954 7656        Wecsvc          (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
14:33:50.0081 7656        Wecsvc - ok
14:33:50.0112 7656        wercplsupport  (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
14:33:50.0162 7656        wercplsupport - ok
14:33:50.0206 7656        WerSvc          (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
14:33:50.0295 7656        WerSvc - ok
14:33:50.0532 7656        WinDefend      (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
14:33:50.0587 7656        WinDefend - ok
14:33:50.0598 7656        WinHttpAutoProxySvc - ok
14:33:50.0698 7656        Winmgmt        (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
14:33:50.0741 7656        Winmgmt - ok
14:33:50.0817 7656        WinRM          (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
14:33:50.0983 7656        WinRM - ok
14:33:51.0051 7656        Wlansvc        (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
14:33:51.0186 7656        Wlansvc - ok
14:33:51.0263 7656        WmiAcpi        (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
14:33:51.0347 7656        WmiAcpi - ok
14:33:51.0436 7656        wmiApSrv        (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
14:33:51.0491 7656        wmiApSrv - ok
14:33:51.0620 7656        WMPNetworkSvc  (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
14:33:51.0763 7656        WMPNetworkSvc - ok
14:33:51.0813 7656        WPCSvc          (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
14:33:51.0932 7656        WPCSvc - ok
14:33:51.0959 7656        WPDBusEnum      (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
14:33:52.0013 7656        WPDBusEnum - ok
14:33:52.0095 7656        WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
14:33:52.0136 7656        WpdUsb - ok
14:33:52.0267 7656        WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:33:52.0381 7656        WPFFontCache_v0400 - ok
14:33:52.0423 7656        ws2ifsl        (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
14:33:52.0458 7656        ws2ifsl - ok
14:33:52.0509 7656        wscsvc          (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
14:33:52.0548 7656        wscsvc - ok
14:33:52.0555 7656        WSearch - ok
14:33:52.0644 7656        WSWNA1100      (35a20217c4d06d1d36a3addfd8ce58c2) C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
14:33:52.0693 7656        WSWNA1100 ( UnsignedFile.Multi.Generic ) - warning
14:33:52.0693 7656        WSWNA1100 - detected UnsignedFile.Multi.Generic (1)
14:33:52.0796 7656        wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
14:33:53.0046 7656        wuauserv - ok
14:33:53.0211 7656        WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:33:53.0262 7656        WUDFRd - ok
14:33:53.0300 7656        wudfsvc        (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
14:33:53.0392 7656        wudfsvc - ok
14:33:53.0433 7656        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
14:33:53.0630 7656        \Device\Harddisk0\DR0 - ok
14:33:53.0635 7656        Boot (0x1200)  (c8408a63f50033328f0c0b27932aed48) \Device\Harddisk0\DR0\Partition0
14:33:53.0639 7656        \Device\Harddisk0\DR0\Partition0 - ok
14:33:53.0640 7656        ============================================================
14:33:53.0640 7656        Scan finished
14:33:53.0640 7656        ============================================================
14:33:53.0661 7888        Detected object count: 11
14:33:53.0661 7888        Actual detected object count: 11
14:35:22.0262 7888        DBService ( UnsignedFile.Multi.Generic ) - skipped by user
14:35:22.0262 7888        DBService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:35:22.0268 7888        hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
14:35:22.0268 7888        hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:35:22.0268 7888        hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:35:22.0268 7888        hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:35:22.0271 7888        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
14:35:22.0272 7888        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:35:22.0275 7888        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:35:22.0277 7888        Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:35:22.0282 7888        omniserv ( UnsignedFile.Multi.Generic ) - skipped by user
14:35:22.0282 7888        omniserv ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:35:22.0285 7888        ovt519 ( UnsignedFile.Multi.Generic ) - skipped by user
14:35:22.0286 7888        ovt519 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:35:22.0291 7888        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:35:22.0291 7888        Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:35:22.0294 7888        PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
14:35:22.0295 7888        PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:35:22.0298 7888        stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user
14:35:22.0301 7888        stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:35:22.0303 7888        WSWNA1100 ( UnsignedFile.Multi.Generic ) - skipped by user
14:35:22.0303 7888        WSWNA1100 ( UnsignedFile.Multi.Generic ) - User select action: Skip
der report.
11 threats gefunden.

markusg 27.07.2012 18:56
sind alle io
lade den CCleaner standard:
CCleaner Download - CCleaner 3.21.1767
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

pe__ka 28.07.2012 16:16
hier die liste:

Code:
Adobe Flash Player 10 ActiveX        Adobe Systems Incorporated        20.08.2011                10.3.183.5                benötigt
Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        03.10.2011                11.0.1.152                        benöt.
Adobe Reader 9.4.6 - Deutsch        Adobe Systems Incorporated        20.09.2011        169,2MB        9.4.6                        benöt.
ALUpdate        ESTsoft Corp.        09.01.2008        2,05MB                                                benöt
ALZip        ESTsoft Corp.        09.01.2008        11,8MB        7.0 beta1                                                benöt
Apple Application Support        Apple Inc.        01.02.2012        61,2MB        2.1.6                                unbek
Apple Mobile Device Support        Apple Inc.        26.10.2011        24,1MB        4.0.0.96                                unbek
Apple Software Update        Apple Inc.        26.10.2011        2,38MB        2.1.3.127                                benöt
ATI Catalyst Install Manager        ATI Technologies, Inc.        05.04.2010        13,7MB        3.0.708.0                        benöt
Avira Free Antivirus        Avira        08.05.2012        184,9MB        12.0.0.1125                                        benöt
Avira SearchFree Toolbar plus Web Protection        Ask.com        30.04.2012        4,25MB        1.14.1.0                        unnöt
Avira SearchFree Toolbar plus Web Protection Updater        Ask.com        29.04.2012        1,36MB        1.2.0.20064        unnöt
Bonjour        Apple Inc.        27.10.2011        0,92MB        3.0.0.10                                                unnöt
CCleaner        Piriform        02.05.2012        2,73MB        3.18                                                        benöt
Creator 9                12.02.2007                                                                        benöt
D-Link VGA Webcam                16.01.2008                                                        unnöt
DATA BECKER Stream Catcher 2 FREE                30.10.2011        36,0MB                                        unnöt
DeepBurner v1.9.0.228                06.02.2012        7,68MB                                                unnöt
DivX Converter        DivX, Inc.        25.04.2010        52,7MB        7.1.0                                                unbek
DivX Plus DirectShow Filters        DivX, Inc.        25.04.2010        1,22MB                                                unbek
DivX-Setup        DivX, Inc.        25.04.2010        1,77MB        1.0.0.450                                        unbek
Free DVD Video Burner version 2.4.10        DVDVideoSoft Limited.        18.12.2010        5,07MB                        unnöt
Free Studio version 5.2.1        DVDVideoSoft Ltd.        19.11.2011        41,4MB                                        unnöt
Free Video Converter V 2.3        Koyote Soft        07.11.2009        13,1MB        2.3.0.0                                unnöt
Free Video to iPhone Converter version 5.0.4.1228        DVDVideoSoft Ltd.        11.02.2012        14,0MB                        unnöt
Free Video to Mp3 Converter version 3.1        DVD Video Soft Limited.        22.08.2008        2,50MB                        unnöt
Free YouTube Download 2.9        DVDVideoSoft Limited.        28.09.2010        2,30MB                                unnöt
Free YouTube to DVD Converter version 2.7.21        DVDVideoSoft Limited.        18.12.2010        2,98MB                unnöt
FUSSBALL MANAGER 06                22.02.2007        1.807MB                                                unnöt
Guitar Pro 5.0        Arobas Music        17.12.2007        363MB                                                bekannt
HijackThis 2.0.2        TrendMicro        14.01.2010        0,39MB        2.0.2                                        bekannt
HotPotatoes v 6.3.0.4        HalfBaked        05.10.2010        26,2MB                                                unnöt
HP Customer Participation Program 8.0        HP        15.04.2007        192,2MB        8.0                                unbekannt
HP Imaging Device Functions 8.0        HP        15.04.2007        1,54MB        8.0                                unbekannt
HP OCR Software 8.0        HP        15.04.2007        1,53MB        8.0                                        unbekannt
HP Photosmart Essential        HP        15.04.2007        10,2MB        1.12.0.46                                        unbekannt
HP Photosmart.All-In-One Driver Software 8.0 .A        HP        15.04.2007        30,7MB        8.0                        unbekannt
HP Solution Center 8.0        HP        15.04.2007        1,53MB        8.0                                        unbekannt
HP Update        Hewlett-Packard        25.10.2008        3,71MB        4.000.012.001                                unbekannt
ICQ7.2        ICQ        30.10.2010        45,1MB        7.2                                                        unnötig
Infocentre Rev. 2.0                12.02.2007        59,4MB                                                        unbekannt
iTunes        Apple Inc.        27.10.2011        168,7MB        10.5.0.142                                                bekannt
Java(TM) 6 Update 29        Sun Microsystems, Inc.        12.01.2009        94,4MB        6.0.290                        bekannt
Keyboard Hotkey V1.03                12.02.2007                                                        unbekannt
Last.fm 1.5.4.27091        Last.fm        13.12.2010        18,3MB                                                        bekannt
MAGIX Online Druck Service        Silverwire Software GmbH        28.04.2008        6,36MB                                        unbekannt
MAGIX Video deLuxe 2005 PLUS        MAGIX AG        28.04.2008        25.521MB        4.5.0.76                                unbekannt
Malwarebytes Anti-Malware Version 1.61.0.1400        Malwarebytes Corporation        01.05.2012        4,09MB        1.61.0.1400        bekannt
Microsoft .NET Framework 1.1                07.02.2012                                                                unbekannt
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU        Microsoft Corporation        09.08.2009        37,1MB                unbekannt
Microsoft .NET Framework 3.5 SP1        Microsoft Corporation        15.06.2009        27,8MB                                unbekannt
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        24.06.2010        120,3MB        4.0.30319                unbekannt
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        24.06.2010        24,5MB        4.0.30319                unbekannt
Microsoft Encarta 99 Enzyklopädie        Microsoft Corporation        25.02.2009        13,3MB        99D                        unnötig
Microsoft Office Enterprise 2007        Microsoft Corporation        12.11.2010        615MB        12.0.6425.1000                unbekannt
Microsoft Office File Validation Add-In        Microsoft Corporation        19.09.2011        7,95MB        14.0.5130.5003                unbekannt
Microsoft Office Live Add-in 1.5        Microsoft Corporation        02.05.2012        0,49MB        2.0.4024.1                        unbekannt
Microsoft Office XP Professional mit FrontPage        Microsoft Corporation        01.07.2009        235MB        10.0.2701.0        bekannt
Microsoft Silverlight        Microsoft Corporation        18.05.2012        159,4MB        4.1.10329.0                                unbekannt
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        12.11.2010        0,25MB        8.0.50727.4053        unbekannt
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        16.06.2011        0,29MB        8.0.61001                                unbekannt
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        13.11.2010        0,19MB        9.0.30729.4148        unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022        Microsoft Corporation        04.11.2009        1,41MB        9.0.21022                        unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        10.06.2009        0,58MB        9.0.30729                        unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        16.06.2011        0,58MB        9.0.30729.6161                unbekannt
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        01.05.2012        16,5MB        10.0.40219                        unbekannt
Microsoft WSE 3.0 Runtime        Microsoft Corp.        01.07.2009        0,92MB        3.0.5305.0                                                        unbekannt
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme        Microsoft Corporation        17.02.2010        0,13MB        12.0.4518.1014  unnötig
Mozilla Firefox 14.0.1 (x86 de)        Mozilla        17.07.2012        41,9MB        14.0.1                                                bekannt
Mozilla Maintenance Service        Mozilla        17.07.2012        0,21MB        14.0.1                                                bekannt
MSXML 4.0 SP2 (KB927978)        Microsoft Corporation        03.04.2007        1,24MB        4.20.9841.0                        unbekannt
MSXML 4.0 SP2 (KB936181)        Microsoft Corporation        14.08.2007        1,27MB        4.20.9848.0                        unbekannt
MSXML 4.0 SP2 (KB941833)        Microsoft Corporation        10.10.2007        1,27MB        4.20.9849.0                        unbekannt
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        13.11.2008        1,28MB        4.20.9870.0                        unbekannt
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        03.12.2009        1,34MB        4.20.9876.0                        unbekannt
NETGEAR WNA1100 N150 Wireless USB Adapter        NETGEAR        11.04.2012        12,4MB        1.0.0.133                        bekannt
NIS2007                12.02.2007                                                                                unbekannt
Omnipass 5                12.02.2007        23,5MB                                                                unbekannt
OpenOffice.org 3.0        OpenOffice.org        28.03.2009        333MB        3.0.9379                                                bekannt
Packard Bell Updator                12.02.2007        68,4MB                                                        unbekannt
Paint.NET v3.36        dotPDN LLC        22.02.2009        3,97MB        3.36.0                                                bekannt
Protect Disc License Helper 1.0.118        Protect Disc        30.10.2011        0,84MB        1.0.118                                unbekannt
ProtectDisc Driver, Version 11        ProtectDisc Software GmbH        30.10.2011        96,00KB        11.0.0.11                                unbekannt
QuickTime        Apple Inc.        06.01.2011        73,7MB        7.69.80.9                                                bekannt
Realtek HD Audio V6.0.1.5322                12.02.2007                                                                bekannt
RTC Client API v1.2        Microsoft        15.01.2007        0,11MB        1.2.0000                                                        unbekannt
Safari        Apple Inc.        02.02.2012        43,3MB        5.34.52.7                                                        unnötig
SetUp My PC                12.02.2007                                                                        unbekannt
Shop for HP Supplies        HP        22.04.2008        195,4MB        10.0                                                unbekannt
Sicherer Spieltreiber                10.08.2008        1,28MB                                                                unbekannt
Skype 2.5.2.151                12.02.2007        20,7MB                                                                bekannt
Skype web features        Skype Technologies S.A.        22.07.2009        4,96MB        1.0.3810                                        bekannt
Skype™ 4.1        Skype Technologies S.A.        22.07.2009        31,1MB        4.1.141                                        bekannt
Spelling Dictionaries Support For Adobe Reader 9        Adobe Systems Incorporated        28.11.2008        30,3MB        9.0.0                unbekannt
Switch Sound File Converter        NCH Software        15.08.2011        2,78MB                                                unbekannt
TurnierPlaner Version 4.0        CilexSoft        28.03.2011        17,4MB        4.0                                                bekannt
Uninstall 1.0.0.1                28.09.2010        16,3MB                                                                unbekannt
VIA Rhine Family Fast Ethernet Adapter                07.02.2012                                                        bekannt
Video ATI v8.31                12.02.2007                                                                        unbekannt
VideoLAN VLC media player 0.8.5        VideoLAN Team        13.02.2007        34,4MB        0.8.5                                bekannt
Vista Codec Package        Shark007        14.07.2010        57,7MB        5.7.8                                                        bekannt
WavePad Sound Editor        NCH Software        15.08.2011        6,07MB                                                unbekannt
Winamp        Nullsoft, Inc        19.01.2010        19,5MB        5.572                                                        bekannt
Winamp Erkennungs-Plug-in        Nullsoft, Inc        19.01.2010        0,13MB        1.0.0.1                                        unbekannt
Windows Media Player Firefox Plugin        Microsoft Corp        13.04.2009        0,29MB        1.0.0.8                                unbekannt
WinRAR                26.11.2007        3,40MB                                                                        bekannt
Works 8.5 DE                12.02.2007                                                                        bekannt
Yontoo Layers Runtime 1.10.01        Yontoo LLC        30.10.2011        0,19MB        1.10.01                                        unbekannt

markusg 30.07.2012 21:03
deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden
adobe reader:
http://filepony.de/download-adobe_reader/
haken bei mcafee security scan raus nehmen

bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok



deinstaliere:
Avira SearchFree : beide
D-Link
DATA BECKER
DeepBurner
DivX : alle
free: alle die damit beginnen
FUSSBALL MANAGER
HijackThis
HotPotatoes
ICQ7.2
MAGIX : beide
Microsoft Silverlight
NIS2007
Omnipass
Safari
Shop
Skype 2.5.2.151
du hast welche mit bekannt gekennzeichnet, ich wollte aber wissen ob sie nötig oder unnötig sind
wenn unnötige dabei sind, weg damit
wenn itunes unnötig ist, deinstaliere alles von apple
öffne ccleaner, analysieren, starten.
öffne otl, cleanup, pc startet neu, testen wie er läuft.

pe__ka 03.08.2012 15:04
hallo,

bin gerade umgezogen, aber dabei der anweisung zu folgen. bitte noch um etwas geduld. danke!!!

markusg 03.08.2012 17:30
ok, sag einfach wenn du so weit bist

pe__ka 05.08.2012 15:36
Zitat:
öffne otl, cleanup, pc startet neu, testen wie er läuft.
ich bin nun an dieser stelle. wenn ich otl öffne, welchen scan soll ich dann machen?
was meinst du mit cleanup?

grüße


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:25 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131