Spywarefri Forum | Mistænker en keylogger på min computer

1 af 2

Mistænker en keylogger på min computer

[ Ignorer ] MapleBoy
16.04.2012 22:23:46 Antal indlæg: 13	Hej. Jeg har for nyligt fået ny computer, haft den i ca. en uge og allerede nu har jeg problemer med en der hacker mig i WoW. Min gamle computer havde ingen problemer med keylogger, dog havde jeg en ekstern som kan have flyttet noget med over, men som sagt ingen tegn på keylogger før. Jeg har taget en prøve af HiJackThis for at vise hvad der foregår i systemet. Der er sikkert brug for mere info, men ved ikke lige hvad. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:20:48, on 16-04-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16443) Boot mode: Normal Running processes: C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Creative\Sound Blaster Recon3D\Sound Blaster Recon3D Control Panel\SBRecon.exe C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\Andreas\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe O4 - HKLM\..\Run: [FLxHCIm64] “C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe” O4 - HKLM\..\Run: [ISUSScheduler] “C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe” -start O4 - HKLM\..\Run: [avast] “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui O4 - HKLM\..\Run: [Sound Blaster Recon3D Control Panel] “C:\Program Files (x86)\Creative\Sound Blaster Recon3D\Sound Blaster Recon3D Control Panel\SBRecon.exe” /r O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe” O4 - HKLM\..\RunOnce: [GBTUpd] C:\Program Files (x86)\GIGABYTE\UpdManager\PreRun.exe O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup O4 - HKCU\..\Run: [Skype] “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’) O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’) O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’) O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’) O4 - HKUS\S-1-5-21-2273758202-2905085073-3037150910-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘UpdatusUser’) O4 - HKUS\S-1-5-21-2273758202-2905085073-3037150910-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User ‘UpdatusUser’) O4 - Startup: CurseClientStartup.ccip O4 - Startup: Dropbox.lnk = Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Creative Media Toolbox 6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) — End of file - 11113 bytes
[ Ignorer ] [ # 1 ] f-arn TeamSpywarefri
17.04.2012 19:38:48 Administrator Team Spywarefri Antal indlæg: 7044	Hej, og velkommmen til Du har vist også spurgt her Hent og kør DDS. Den laver to logs,(DDS.txt og Attach.txt) gem dem på skrivebordet og kopier indholdet af begge herind. OBS - DDS skal gemmes på computeren og ikke køres fra nettet. Mht.: Vista og Windows 7 - Højreklik på filen - Kør som Administrator. Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 2 ] MapleBoy
18.04.2012 08:01:49 Antal indlæg: 13	Det er rigtigt, jeg har også spurgt efterfølgende på eksperten.dk. man kan vel sige jeg er lidt bange for den keylogger og prøver de muligheder for hjælp der nu engang er her på nettet. . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16443 BrowserJavaVersion: 1.6.0_31 Run by Andreas at 7:56:17 on 2012-04-18 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.45.1033.18.16336.13610 [GMT 2:00] . AV: avast! Antivirus Enabled/Updated {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus Enabled/Updated {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender Enabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\Dwm.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\IProsetMonitor.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe C:\Windows\System32\snmp.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\System32\rundll32.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Creative\Sound Blaster Recon3D\Sound Blaster Recon3D Control Panel\SBRecon.exe C:\Users\Andreas\AppData\Local\Apps\2.0\0X35T4T8.KA7\485L5JOJ.HQT\curs..tion_eee711038731a406_0004.0000_2bd39706d04e72c8\CurseClient.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Windows\system32\sppsvc.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe \\?\C:\Windows\system32\wbem\WMIADAP.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup uRun: [Skype] “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe mRun: [FLxHCIm64] “C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe” mRun: [ISUSScheduler] “C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe” -start mRun: [avast] “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui mRun: [Sound Blaster Recon3D Control Panel] “C:\Program Files (x86)\Creative\Sound Blaster Recon3D\Sound Blaster Recon3D Control Panel\SBRecon.exe” /r mRun: [UpdReg] C:\Windows\UpdReg.EXE mRun: [SunJavaUpdateSched] “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe” mRun: [Dolby Home Theater v4] “C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe” -autostart mRunOnce: [GBTUpd] C:\Program Files (x86)\GIGABYTE\UpdManager\PreRun.exe StartupFolder: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip StartupFolder: C:\Users\Andreas\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\Andreas\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab TCP: DhcpNameServer = 212.10.10.5 212.10.239.244 212.10.10.4 TCP: Interfaces\{506D30DB-7FF5-4E27-B15E-31A8510E8276} : DhcpNameServer = 212.10.10.5 212.10.239.244 212.10.10.4 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe mRun-x64: [FLxHCIm64] “C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe” mRun-x64: [ISUSScheduler] “C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe” -start mRun-x64: [avast] “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui mRun-x64: [Sound Blaster Recon3D Control Panel] “C:\Program Files (x86)\Creative\Sound Blaster Recon3D\Sound Blaster Recon3D Control Panel\SBRecon.exe” /r mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE mRun-x64: [SunJavaUpdateSched] “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe” mRun-x64: [Dolby Home Theater v4] “C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe” -autostart mRunOnce-x64: [GBTUpd] C:\Program Files (x86)\GIGABYTE\UpdManager\PreRun.exe . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\zko978wx.default\ FF - prefs.js: browser.search.selectedEngine - Bing FF - prefs.js: browser.startup.homepage - http://www.google.dk FF - component: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}\components\libstutils.dll FF - component: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66}\lib\WINNT_x86-msvc\1.9.1\yoono.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll . ============= SERVICES / DRIVERS =============== . R0 iaStorA;iaStorA;C:\Windows\system32\DRIVERS\iaStorA.sys—> C:\Windows\system32\DRIVERS\iaStorA.sys [?] R0 iaStorF;iaStorF;C:\Windows\system32\DRIVERS\iaStorF.sys—> C:\Windows\system32\DRIVERS\iaStorF.sys [?] R0 mvs91xx;mvs91xx;C:\Windows\system32\DRIVERS\mvs91xx.sys—> C:\Windows\system32\DRIVERS\mvs91xx.sys [?] R1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys—> C:\Windows\system32\DRIVERS\AppleCharger.sys [?] R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys—> C:\Windows\system32\drivers\aswSnx.sys [?] R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys—> C:\Windows\system32\drivers\aswSP.sys [?] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R1 VirtDiskBus;3TB+ Unlock;C:\Windows\system32\DRIVERS\VirtDiskBus64.sys—> C:\Windows\system32\DRIVERS\VirtDiskBus64.sys [?] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-12 140672] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys—> C:\Windows\system32\drivers\aswFsBlk.sys [?] R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys—> C:\Windows\system32\drivers\aswMonFlt.sys [?] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-4-4 44768] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [2012-4-4 7168] R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe—> C:\Windows\system32\IProsetMonitor.exe [?] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-4-4 2255464] R2 Smart TimeLock;Smart TimeLock Service;C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe [2012-4-4 114688] R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-4-6 2666880] R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys—> C:\Windows\system32\DRIVERS\e1c62x64.sys [?] R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\system32\DRIVERS\FLxHCIc.sys—> C:\Windows\system32\DRIVERS\FLxHCIc.sys [?] R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\system32\DRIVERS\FLxHCIh.sys—> C:\Windows\system32\DRIVERS\FLxHCIh.sys [?] R3 ksaud;Creative USB Audio Driver;C:\Windows\system32\drivers\ksaud.sys—> C:\Windows\system32\drivers\ksaud.sys [?] R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys—> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys—> C:\Windows\system32\drivers\nvhda64v.sys [?] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-12 253088] S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe—> system32\AppleChargerSrv.exe [?] S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-4-6 79360] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-4-6 79360] S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2012-4-6 79360] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys—> C:\Windows\system32\DRIVERS\ssudbus.sys [?] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-4-12 1431888] S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2012-4-4 30528] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys—> C:\Windows\system32\DRIVERS\ssudmdm.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys—> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe—> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . . ==================== Find3M ==================== . 2012-04-18 05:52:13 25640 ——a-w- C:\Windows\gdrv.sys 2012-04-16 15:00:07 175616 ——a-w- C:\Windows\System32\msclmd.dll 2012-04-16 15:00:07 152576 ——a-w- C:\Windows\SysWow64\msclmd.dll 2012-04-13 18:40:23 70304 ——a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-04-13 18:40:23 418464 ——a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-04-13 18:40:06 8766112 ——a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2012-04-06 17:27:06 472808 ——a-w- C:\Windows\SysWow64\deployJava1.dll 2012-04-05 22:07:17 466520 ——a-w- C:\Windows\System32\wrap_oal.dll 2012-04-05 22:07:17 445016 ——a-w- C:\Windows\SysWow64\wrap_oal.dll 2012-04-05 22:07:17 123480 ——a-w- C:\Windows\System32\OpenAL32.dll 2012-04-05 22:07:17 109144 ——a-w- C:\Windows\SysWow64\OpenAL32.dll 2012-04-04 21:08:53 30528 ——a-w- C:\Windows\GVTDrv64.sys 2012-04-04 13:56:40 24904 ——a-w- C:\Windows\System32\drivers\mbam.sys 2012-03-06 23:15:19 41184 ——a-w- C:\Windows\avastSS.scr 2012-03-06 23:04:06 819032 ——a-w- C:\Windows\System32\drivers\aswSnx.sys 2012-03-06 23:02:20 53080 ——a-w- C:\Windows\System32\drivers\aswRdr2.sys 2012-03-06 23:01:52 69976 ——a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2012-03-06 06:53:37 5559152 ——a-w- C:\Windows\System32\ntoskrnl.exe 2012-03-06 05:59:47 3968368 ——a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-03-06 05:59:41 3913072 ——a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-03-01 06:46:16 23408 ——a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-03-01 06:38:27 220672 ——a-w- C:\Windows\System32\wintrust.dll 2012-03-01 06:33:50 81408 ——a-w- C:\Windows\System32\imagehlp.dll 2012-03-01 06:28:47 5120 ——a-w- C:\Windows\System32\wmi.dll 2012-03-01 05:37:41 172544 ——a-w- C:\Windows\SysWow64\wintrust.dll 2012-03-01 05:33:23 159232 ——a-w- C:\Windows\SysWow64\imagehlp.dll 2012-03-01 05:29:16 5120 ——a-w- C:\Windows\SysWow64\wmi.dll 2012-02-24 09:14:42 99384 ——a-w- C:\Windows\System32\drivers\ssudbus.sys 2012-02-24 09:14:42 203320 ——a-w- C:\Windows\System32\drivers\ssudmdm.sys 2012-02-23 07:18:36 279656 ———w- C:\Windows\System32\MpSigStub.exe 2012-02-17 06:38:26 1031680 ——a-w- C:\Windows\System32\rdpcore.dll 2012-02-17 05:34:22 826880 ——a-w- C:\Windows\SysWow64\rdpcore.dll 2012-02-17 04:58:24 210944 ——a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-02-17 04:57:32 23552 ——a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-02-10 06:36:07 1544192 ——a-w- C:\Windows\System32\DWrite.dll 2012-02-10 05:38:43 1077248 ——a-w- C:\Windows\SysWow64\DWrite.dll 2012-02-03 04:34:34 3145728 ——a-w- C:\Windows\System32\win32k.sys 2012-01-25 06:38:39 77312 ——a-w- C:\Windows\System32\rdpwsx.dll 2012-01-25 06:38:38 149504 ——a-w- C:\Windows\System32\rdpcorekmts.dll 2012-01-25 06:33:30 9216 ——a-w- C:\Windows\System32\rdrmemptylst.exe . ============= FINISH: 7:58:59,81 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 04-04-2012 22:22:02 System Uptime: 18-04-2012 07:51:12 (0 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. \| \| X79-UD3 Processor: Intel(R) Core(TM) i7-3820 CPU @ 3.60GHz \| SOCKET 0 \| 3801/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 466 GiB total, 355,921 GiB free. D: is CDROM (CDFS) E: is FIXED (NTFS) - 466 GiB total, 372,155 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP45: 16-04-2012 16:52:54 - Windows 7 Service Pack 1 RP46: 16-04-2012 18:07:07 - Windows Update RP47: 17-04-2012 11:38:24 - Windows Update . ==== Installed Programs ====================== . @BIOS 3DPower B11.1115.1 3TB+Unlock B11.0919.1 Adobe Reader X (10.1.0) - Dansk Autodesk Material Library 2012 Autodesk Material Library Base Resolution Image Library 2012 Autodesk Material Library Low Resolution Image Library 2012 Autodesk Material Library Medium Resolution Image Library 2012 avast! Free Antivirus Cloud OC Counter-Strike: Source Creative Media Toolbox 6 Creative Media Toolbox 6 (Shared Components) Creative System Information Creative WaveStudio 7 Curse Client D3DX10 DMIView B11.0916.1 Dolby Home Theater v4 Dropbox Easy Tune 6 B11.1110.1 ESET Online Scanner v3 Face_Wizard B11.1006.01 FARO LS 1.1.406.58 Forsaken World GOM Player Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) Hotfix for Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (KB944899) Intel(R) Management Engine Components Intel(R) Rapid Storage Technology enterprise Java Auto Updater Java(TM) 6 Update 31 Junk Mail filter update Malwarebytes Anti-Malware version 1.61.0.1400 marvell 91xx driver Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) Microsoft Visual Studio Tools for Applications 2.0 - ENU Microsoft Visual Studio Tools for Applications 2.0 Runtime Mozilla Firefox 11.0 (x86 en-US) MSVCRT MSVCRT_amd64 MyFreeCodec NVIDIA 3D Vision Controller Driver NVIDIA PhysX ON_OFF Charge B11.1102.1 OpenOffice.org 3.3 Q-Share Ver.1.2 Realtek High Definition Audio Driver Samsung Kies Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Skype™ 5.8 Smart 6 B11.1026.1 Sound Blaster Recon3D Sound Blaster Recon3D Extras Steam TeamViewer 7 TouchBIOS B11.1112.1 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update Manager B11.1027.1 Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 Visual Studio 2008 x64 Redistributables Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinZip 15.0 World of Warcraft World of Warcraft Beta . ==== Event Viewer Messages From Past Week ======== . 18-04-2012 07:52:00, Error: SNMP [1500] - The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. 18-04-2012 07:51:40, Error: NetBT [4321] - The name “ANDREAS-PC :0” could not be registered on the interface with IP address 192.168.87.101. The computer with the IP address 192.168.87.103 did not allow the name to be claimed by this computer. 17-04-2012 12:41:14, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 17-04-2012 12:41:14, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. 16-04-2012 18:16:15, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{506D30DB-7FF5-4E27-B15E-31A8510E8276} because another computer on the network has the same name. The server could not start. 16-04-2012 18:16:15, Error: NetBT [4321] - The name “ANDREAS-PC :20” could not be registered on the interface with IP address 192.168.87.101. The computer with the IP address 192.168.87.103 did not allow the name to be claimed by this computer. 16-04-2012 18:08:34, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems. 16-04-2012 18:02:23, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB976422). 16-04-2012 18:00:10, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63AA156-D534-4BAC-9BF1-55359CF5EC30} and APPID {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} to the user Andreas-PC\UpdatusUser SID (S-1-5-21-2273758202-2905085073-3037150910-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 16-04-2012 17:46:54, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: The requested operation was made in the context of a transaction that is no longer active. 16-04-2012 17:45:21, Error: Service Control Manager [7043] - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control. 16-04-2012 17:15:41, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB2505438). 16-04-2012 16:51:46, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 13-04-2012 17:40:13, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The pipe has been ended. 12-04-2012 10:36:20, Error: Service Control Manager [7023] - 12-04-2012 10:33:13, Error: Service Control Manager [7038] - The avast! Antivirus service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 12-04-2012 10:33:13, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147467243 12-04-2012 10:33:13, Error: Service Control Manager [7000] - The avast! Antivirus service failed to start due to the following error: The service did not start due to a logon failure. 12-04-2012 10:33:11, Error: Service Control Manager [7000] - The TeamViewer 7 service failed to start due to the following error: The pipe has been ended. 12-04-2012 10:33:10, Error: Service Control Manager [7034] - The Splashtop Connect IE Software Updater Service service terminated unexpectedly. It has done this 1 time(s). 12-04-2012 10:33:10, Error: Service Control Manager [7034] - The Splashtop Connect Firefox Software Updater Service service terminated unexpectedly. It has done this 1 time(s). 12-04-2012 10:33:09, Error: Service Control Manager [7031] - The TeamViewer 7 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service. 12-04-2012 10:33:08, Error: Service Control Manager [7034] - The Splashtop Connect Service service terminated unexpectedly. It has done this 1 time(s). 12-04-2012 10:33:08, Error: Service Control Manager [7031] - The Smart TimeLock Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. 12-04-2012 10:33:08, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 12-04-2012 10:33:08, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Smart TimeLock Service service to connect. 12-04-2012 10:33:08, Error: Service Control Manager [7000] - The Smart TimeLock Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 12-04-2012 10:33:06, Error: Service Control Manager [7034] - The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly. It has done this 1 time(s). 12-04-2012 10:32:58, Error: Service Control Manager [7022] - The Windows Update service hung on starting. 12-04-2012 10:30:22, Error: Service Control Manager [7023] - The Security Center service terminated with the following error: The process cannot access the file because it is being used by another process. 12-04-2012 10:30:22, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The process cannot access the file because it is being used by another process. 12-04-2012 10:28:58, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 12-04-2012 10:28:57, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the NVIDIA Update Service Daemon service to connect. 12-04-2012 10:28:53, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Rapid Storage Technology service to connect. 12-04-2012 10:28:53, Error: Service Control Manager [7000] - The Intel(R) Rapid Storage Technology service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. . ==== End Of File ===========================
[ Ignorer ] [ # 3 ] f-arn TeamSpywarefri
18.04.2012 16:09:58 Administrator Team Spywarefri Antal indlæg: 7044	Har du selv installeret TeamViewer Jeg har for nyligt fået ny computer, haft den i ca. en uge Der er ikke tegn på en keylogger, men jeg synes der er mange fejlmeldinger, hvis PCen er så ny. ——— Download Tdsskiller.zip på dit skrivebord og pak den ud i en mappe. Kør TDSSKiller.exe -> Klik på “Start Scan” Mht.: Vista og Windows 7 - Højreklik på filen - Kør som Administrator. Hvis en inficeret fil bliver fundet, vil ”Default action” være Cure, klik på Continue Hvis en mistænkelig fil opdages, vil ”Default action” være Skip, klik på Continue Hvis den ikke spørger om ”Reboot” (genstart) så klik på ”Report”, kopier den tekst herind i tråden. Genstart hvis den kræver det. Hvis den genstarter kan du finde logfilen her : C:\TDSSKiller.[Version]_[Dato]_[Tidspunkt]_log.txt. Kopier den tekst herind I denne tråd. ——— Hent og gem aswMBR på dit Skrivebord. Start aswMBR og klik på “Scan” Mht.: Vista og Windows 7 - Højreklik på filen - Kør som Administrator. Hvis den spørger efter “Avast virus definitioner” klikker du “Yes” Når den er færdig med at scanne, klikker du på “SAVE LOG” og sender loggen herind. ——— PS Vil du godt gøre det, i den rækkefølge jeg anfører Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 4 ] MapleBoy
18.04.2012 20:38:39 Antal indlæg: 13	Computer er købt hos http://www.mm-vision.dk. for at være helt præcis fik jeg den, 05-04-12, installerede min Windows 7 samt drivers der fulgte med til computeren. Jeg fik dog ikke med det samme opdateret computer helt vedr. windows 7 sp1, men fik med det samme avast free på. Min kæreste har fået autodesk på da hun læser til bygningskonstruktør og så er der blevet installeret lidt andet også. hvad fejlmeldingerne skulle være, ved jeg ikke, men jeg er også overrasket over at den starter meget langsomt op. Skærmen går i sort når windows er startet og der går lidt tid efter baggrunden er kommet op før man ser ikonerne på skrivebordet. men det er jo ikke lige det jeg har spurgt til råds om, så det ved jeg ikke om det noget vi kan tage op her. Hopper lige på stationæren og kører de programmer og lægger dem herind.
[ Ignorer ] [ # 5 ] MapleBoy
18.04.2012 20:42:52 Antal indlæg: 13	20:41:23.0707 1728 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20 20:41:23.0863 1728 ============================================================ 20:41:23.0863 1728 Current date / time: 2012/04/18 20:41:23.0863 20:41:23.0863 1728 SystemInfo: 20:41:23.0863 1728 20:41:23.0863 1728 OS Version: 6.1.7601 ServicePack: 1.0 20:41:23.0863 1728 Product type: Workstation 20:41:23.0863 1728 ComputerName: ANDREAS-PC 20:41:23.0863 1728 UserName: Andreas 20:41:23.0863 1728 Windows directory: C:\Windows 20:41:23.0863 1728 System windows directory: C:\Windows 20:41:23.0863 1728 Running under WOW64 20:41:23.0863 1728 Processor architecture: Intel x64 20:41:23.0863 1728 Number of processors: 8 20:41:23.0863 1728 Page size: 0x1000 20:41:23.0863 1728 Boot type: Normal boot 20:41:23.0863 1728 ============================================================ 20:41:24.0893 1728 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘K0’, Flags 0x00000040 20:41:24.0909 1728 Drive \Device\Harddisk1\DR1 - Size: 0x3D400000 (0.96 Gb), SectorSize: 0x200, Cylinders: 0x7C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘W’ 20:41:24.0909 1728 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘W’ 20:41:24.0924 1728 \Device\Harddisk0\DR0: 20:41:24.0924 1728 MBR partitions: 20:41:24.0924 1728 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 20:41:24.0924 1728 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000 20:41:24.0924 1728 \Device\Harddisk1\DR1: 20:41:24.0924 1728 MBR partitions: 20:41:24.0924 1728 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x6, StartLBA 0x1D0, BlocksNum 0x1E9E30 20:41:24.0924 1728 \Device\Harddisk2\DR2: 20:41:24.0924 1728 MBR partitions: 20:41:24.0924 1728 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41 20:41:24.0955 1728 C: <-> \Device\Harddisk0\DR0\Partition1 20:41:24.0971 1728 E: <-> \Device\Harddisk2\DR2\Partition0 20:41:24.0971 1728 Initialize success 20:41:24.0971 1728 ============================================================ 20:41:35.0267 2136 ============================================================ 20:41:35.0267 2136 Scan started 20:41:35.0267 2136 Mode: Manual; 20:41:35.0267 2136 ============================================================ 20:41:36.0265 2136 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE 20:41:36.0281 2136 !SASCORE - ok 20:41:36.0421 2136 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 20:41:36.0421 2136 1394ohci - ok 20:41:36.0499 2136 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 20:41:36.0499 2136 ACPI - ok 20:41:36.0531 2136 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 20:41:36.0531 2136 AcpiPmi - ok 20:41:36.0655 2136 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 20:41:36.0655 2136 AdobeARMservice - ok 20:41:36.0780 2136 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 20:41:36.0780 2136 AdobeFlashPlayerUpdateSvc - ok 20:41:36.0858 2136 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 20:41:36.0874 2136 adp94xx - ok 20:41:36.0905 2136 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 20:41:36.0905 2136 adpahci - ok 20:41:36.0921 2136 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 20:41:36.0936 2136 adpu320 - ok 20:41:36.0952 2136 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 20:41:36.0952 2136 AeLookupSvc - ok 20:41:37.0014 2136 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 20:41:37.0030 2136 AFD - ok 20:41:37.0092 2136 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 20:41:37.0092 2136 agp440 - ok 20:41:37.0139 2136 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 20:41:37.0139 2136 ALG - ok 20:41:37.0170 2136 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 20:41:37.0170 2136 aliide - ok 20:41:37.0186 2136 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 20:41:37.0186 2136 amdide - ok 20:41:37.0217 2136 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 20:41:37.0217 2136 AmdK8 - ok 20:41:37.0233 2136 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 20:41:37.0248 2136 AmdPPM - ok 20:41:37.0295 2136 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 20:41:37.0295 2136 amdsata - ok 20:41:37.0326 2136 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 20:41:37.0326 2136 amdsbs - ok 20:41:37.0373 2136 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 20:41:37.0373 2136 amdxata - ok 20:41:37.0467 2136 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 20:41:37.0467 2136 AppID - ok 20:41:37.0514 2136 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 20:41:37.0514 2136 AppIDSvc - ok 20:41:37.0560 2136 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 20:41:37.0560 2136 Appinfo - ok 20:41:37.0592 2136 AppleCharger (ba957e7acd2b44fa3b01faa64f6a9060) C:\Windows\system32\DRIVERS\AppleCharger.sys 20:41:37.0592 2136 AppleCharger - ok 20:41:37.0607 2136 AppleChargerSrv (95ef7247c50c7241fdae39a9b3aff4ae) C:\Windows\system32\AppleChargerSrv.exe 20:41:37.0607 2136 AppleChargerSrv - ok 20:41:37.0654 2136 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 20:41:37.0654 2136 arc - ok 20:41:37.0670 2136 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 20:41:37.0670 2136 arcsas - ok 20:41:37.0950 2136 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 20:41:37.0950 2136 aspnet_state - ok 20:41:38.0153 2136 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys 20:41:38.0153 2136 aswFsBlk - ok 20:41:38.0184 2136 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys 20:41:38.0200 2136 aswMonFlt - ok 20:41:38.0231 2136 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys 20:41:38.0231 2136 aswRdr - ok 20:41:38.0278 2136 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys 20:41:38.0278 2136 aswSnx - ok 20:41:38.0325 2136 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys 20:41:38.0325 2136 aswSP - ok 20:41:38.0340 2136 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys 20:41:38.0340 2136 aswTdi - ok 20:41:38.0372 2136 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 20:41:38.0387 2136 AsyncMac - ok 20:41:38.0450 2136 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 20:41:38.0450 2136 atapi - ok 20:41:38.0512 2136 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 20:41:38.0512 2136 AudioEndpointBuilder - ok 20:41:38.0528 2136 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 20:41:38.0528 2136 AudioSrv - ok 20:41:38.0590 2136 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe 20:41:38.0590 2136 avast! Antivirus - ok 20:41:38.0637 2136 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 20:41:38.0652 2136 AxInstSV - ok 20:41:38.0699 2136 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 20:41:38.0699 2136 b06bdrv - ok 20:41:38.0730 2136 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 20:41:38.0746 2136 b57nd60a - ok 20:41:38.0808 2136 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 20:41:38.0808 2136 BDESVC - ok 20:41:38.0824 2136 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 20:41:38.0824 2136 Beep - ok 20:41:38.0902 2136 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 20:41:38.0918 2136 BFE - ok 20:41:38.0964 2136 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 20:41:38.0980 2136 BITS - ok 20:41:39.0011 2136 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 20:41:39.0027 2136 blbdrive - ok 20:41:39.0074 2136 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 20:41:39.0074 2136 bowser - ok 20:41:39.0105 2136 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 20:41:39.0120 2136 BrFiltLo - ok 20:41:39.0120 2136 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 20:41:39.0120 2136 BrFiltUp - ok 20:41:39.0167 2136 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 20:41:39.0183 2136 Browser - ok 20:41:39.0198 2136 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 20:41:39.0214 2136 Brserid - ok 20:41:39.0214 2136 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 20:41:39.0214 2136 BrSerWdm - ok 20:41:39.0230 2136 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 20:41:39.0230 2136 BrUsbMdm - ok 20:41:39.0230 2136 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 20:41:39.0230 2136 BrUsbSer - ok 20:41:39.0245 2136 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 20:41:39.0245 2136 BTHMODEM - ok 20:41:39.0276 2136 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 20:41:39.0276 2136 bthserv - ok 20:41:39.0308 2136 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 20:41:39.0308 2136 cdfs - ok 20:41:39.0370 2136 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 20:41:39.0386 2136 cdrom - ok 20:41:39.0448 2136 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 20:41:39.0464 2136 CertPropSvc - ok 20:41:39.0479 2136 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 20:41:39.0479 2136 circlass - ok 20:41:39.0510 2136 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 20:41:39.0510 2136 CLFS - ok 20:41:39.0588 2136 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:41:39.0604 2136 clr_optimization_v2.0.50727_32 - ok 20:41:39.0620 2136 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 20:41:39.0620 2136 clr_optimization_v2.0.50727_64 - ok 20:41:39.0791 2136 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:41:39.0822 2136 clr_optimization_v4.0.30319_32 - ok 20:41:40.0088 2136 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 20:41:40.0103 2136 clr_optimization_v4.0.30319_64 - ok 20:41:40.0212 2136 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 20:41:40.0212 2136 CmBatt - ok 20:41:40.0259 2136 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 20:41:40.0259 2136 cmdide - ok 20:41:40.0322 2136 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 20:41:40.0322 2136 CNG - ok 20:41:40.0384 2136 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 20:41:40.0384 2136 Compbatt - ok 20:41:40.0400 2136 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 20:41:40.0400 2136 CompositeBus - ok 20:41:40.0415 2136 COMSysApp - ok 20:41:40.0431 2136 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 20:41:40.0431 2136 crcdisk - ok 20:41:40.0556 2136 Creative ALchemy AL6 Licensing Service (c8bd651e13895b93ed9ec5b4f1df42bc) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe 20:41:40.0556 2136 Creative ALchemy AL6 Licensing Service - ok 20:41:40.0587 2136 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe 20:41:40.0587 2136 Creative Audio Engine Licensing Service - ok 20:41:40.0618 2136 Creative Media Toolbox 6 Licensing Service (d03466c36ef0e5c7694ff38b45271d9d) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe 20:41:40.0618 2136 Creative Media Toolbox 6 Licensing Service - ok 20:41:40.0743 2136 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 20:41:40.0743 2136 CryptSvc - ok 20:41:40.0852 2136 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 20:41:40.0868 2136 DcomLaunch - ok 20:41:40.0899 2136 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 20:41:40.0914 2136 defragsvc - ok 20:41:40.0977 2136 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 20:41:40.0977 2136 DfsC - ok 20:41:41.0039 2136 dg_ssudbus (113212d25d0c9bb8901a9833774da97f) C:\Windows\system32\DRIVERS\ssudbus.sys 20:41:41.0039 2136 dg_ssudbus - ok 20:41:41.0102 2136 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 20:41:41.0102 2136 Dhcp - ok 20:41:41.0133 2136 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 20:41:41.0133 2136 discache - ok 20:41:41.0164 2136 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 20:41:41.0164 2136 Disk - ok 20:41:41.0273 2136 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 20:41:41.0273 2136 Dnscache - ok 20:41:41.0351 2136 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 20:41:41.0351 2136 dot3svc - ok 20:41:41.0398 2136 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 20:41:41.0414 2136 DPS - ok 20:41:41.0460 2136 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 20:41:41.0460 2136 drmkaud - ok 20:41:41.0570 2136 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 20:41:41.0570 2136 DXGKrnl - ok 20:41:41.0616 2136 e1cexpress (eafcb4551836ff44ee775ceddfa7a77e) C:\Windows\system32\DRIVERS\e1c62x64.sys 20:41:41.0616 2136 e1cexpress - ok 20:41:41.0694 2136 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 20:41:41.0710 2136 EapHost - ok 20:41:41.0835 2136 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 20:41:41.0897 2136 ebdrv - ok 20:41:41.0944 2136 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 20:41:41.0960 2136 EFS - ok 20:41:42.0053 2136 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 20:41:42.0069 2136 ehRecvr - ok 20:41:42.0084 2136 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 20:41:42.0100 2136 ehSched - ok 20:41:42.0162 2136 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 20:41:42.0162 2136 elxstor - ok 20:41:42.0225 2136 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 20:41:42.0225 2136 ErrDev - ok 20:41:42.0318 2136 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 20:41:42.0334 2136 EventSystem - ok 20:41:42.0365 2136 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 20:41:42.0365 2136 exfat - ok 20:41:42.0381 2136 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 20:41:42.0396 2136 fastfat - ok 20:41:42.0474 2136 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 20:41:42.0474 2136 Fax - ok 20:41:42.0506 2136 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 20:41:42.0506 2136 fdc - ok 20:41:42.0537 2136 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 20:41:42.0537 2136 fdPHost - ok 20:41:42.0552 2136 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 20:41:42.0552 2136 FDResPub - ok 20:41:42.0599 2136 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 20:41:42.0599 2136 FileInfo - ok 20:41:42.0615 2136 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 20:41:42.0615 2136 Filetrace - ok 20:41:42.0708 2136 FLEXnet Licensing Service 64 (5cee6cd43ae5844c49300ea0b1e557ee) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe 20:41:42.0740 2136 FLEXnet Licensing Service 64 - ok 20:41:42.0755 2136 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 20:41:42.0755 2136 flpydisk - ok 20:41:42.0802 2136 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 20:41:42.0802 2136 FltMgr - ok 20:41:42.0849 2136 FLxHCIc (170338bc55b02486212b71d2a68c4291) C:\Windows\system32\DRIVERS\FLxHCIc.sys 20:41:42.0849 2136 FLxHCIc - ok 20:41:42.0880 2136 FLxHCIh (3b793f95a12898eee764ee5254e416c4) C:\Windows\system32\DRIVERS\FLxHCIh.sys 20:41:42.0880 2136 FLxHCIh - ok 20:41:42.0942 2136 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 20:41:42.0958 2136 FontCache - ok 20:41:43.0098 2136 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:41:43.0098 2136 FontCache3.0.0.0 - ok 20:41:43.0145 2136 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 20:41:43.0145 2136 FsDepends - ok 20:41:43.0223 2136 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 20:41:43.0223 2136 Fs_Rec - ok 20:41:43.0317 2136 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 20:41:43.0317 2136 fvevol - ok 20:41:43.0364 2136 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 20:41:43.0364 2136 gagp30kx - ok 20:41:43.0395 2136 gdrv (7907e14f9bcf3a4689c9a74a1a873cb6) C:\Windows\gdrv.sys 20:41:43.0395 2136 gdrv - ok 20:41:43.0457 2136 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 20:41:43.0488 2136 gpsvc - ok 20:41:43.0551 2136 GVTDrv64 (8126331fbd4ed29eb3b356f9c905064d) C:\Windows\GVTDrv64.sys 20:41:43.0551 2136 GVTDrv64 - ok 20:41:43.0629 2136 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 20:41:43.0629 2136 hcw85cir - ok 20:41:43.0722 2136 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 20:41:43.0722 2136 HdAudAddService - ok 20:41:43.0800 2136 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 20:41:43.0800 2136 HDAudBus - ok 20:41:43.0832 2136 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 20:41:43.0832 2136 HidBatt - ok 20:41:43.0847 2136 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 20:41:43.0847 2136 HidBth - ok 20:41:43.0863 2136 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 20:41:43.0863 2136 HidIr - ok 20:41:43.0894 2136 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 20:41:43.0894 2136 hidserv - ok 20:41:43.0956 2136 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys 20:41:43.0956 2136 HidUsb - ok 20:41:44.0019 2136 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 20:41:44.0019 2136 hkmsvc - ok 20:41:44.0081 2136 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 20:41:44.0097 2136 HomeGroupListener - ok 20:41:44.0128 2136 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 20:41:44.0144 2136 HomeGroupProvider - ok 20:41:44.0253 2136 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 20:41:44.0253 2136 HpSAMD - ok 20:41:44.0362 2136 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 20:41:44.0378 2136 HTTP - ok 20:41:44.0487 2136 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 20:41:44.0487 2136 hwpolicy - ok 20:41:44.0549 2136 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 20:41:44.0549 2136 i8042prt - ok 20:41:44.0596 2136 iaStorA (db81edc524a0f07fc2bd0b7415676528) C:\Windows\system32\DRIVERS\iaStorA.sys 20:41:44.0596 2136 iaStorA - ok 20:41:44.0658 2136 IAStorDataMgrSvc (0fa3d592e9d4e342cef7adea98251832) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe 20:41:44.0658 2136 IAStorDataMgrSvc - ok 20:41:44.0674 2136 iaStorF (4621fae7d3c969a1e84a2790d88fccde) C:\Windows\system32\DRIVERS\iaStorF.sys 20:41:44.0674 2136 iaStorF - ok 20:41:44.0752 2136 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 20:41:44.0752 2136 iaStorV - ok 20:41:44.0846 2136 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 20:41:44.0846 2136 IDriverT - ok 20:41:45.0017 2136 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 20:41:45.0033 2136 idsvc - ok 20:41:45.0080 2136 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 20:41:45.0080 2136 iirsp - ok 20:41:45.0173 2136 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 20:41:45.0298 2136 IKEEXT - ok 20:41:45.0423 2136 IntcAzAudAddService (a5f7cef8a939ebe270462edefd629f20) C:\Windows\system32\drivers\RTKVHD64.sys 20:41:45.0438 2136 IntcAzAudAddService - ok 20:41:45.0470 2136 Intel(R) PROSet Monitoring Service (d7b978f4504d3da95a21002863d0e7ee) C:\Windows\system32\IProsetMonitor.exe 20:41:45.0485 2136 Intel(R) PROSet Monitoring Service - ok 20:41:45.0532 2136 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 20:41:45.0532 2136 intelide - ok 20:41:45.0563 2136 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 20:41:45.0563 2136 intelppm - ok 20:41:45.0594 2136 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 20:41:45.0610 2136 IPBusEnum - ok 20:41:45.0641 2136 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:41:45.0657 2136 IpFilterDriver - ok 20:41:45.0735 2136 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 20:41:45.0750 2136 iphlpsvc - ok 20:41:45.0797 2136 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 20:41:45.0797 2136 IPMIDRV - ok 20:41:45.0828 2136 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 20:41:45.0828 2136 IPNAT - ok 20:41:45.0860 2136 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 20:41:45.0860 2136 IRENUM - ok 20:41:45.0906 2136 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 20:41:45.0906 2136 isapnp - ok 20:41:45.0969 2136 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 20:41:45.0969 2136 iScsiPrt - ok 20:41:46.0016 2136 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 20:41:46.0016 2136 kbdclass - ok 20:41:46.0047 2136 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 20:41:46.0047 2136 kbdhid - ok 20:41:46.0109 2136 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:41:46.0109 2136 KeyIso - ok 20:41:46.0203 2136 ksaud (cb342c6f3b477c341e4e1c75728f99e9) C:\Windows\system32\drivers\ksaud.sys 20:41:46.0218 2136 ksaud - ok 20:41:46.0234 2136 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 20:41:46.0234 2136 KSecDD - ok 20:41:46.0250 2136 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 20:41:46.0250 2136 KSecPkg - ok 20:41:46.0281 2136 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 20:41:46.0281 2136 ksthunk - ok 20:41:46.0312 2136 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 20:41:46.0328 2136 KtmRm - ok 20:41:46.0374 2136 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 20:41:46.0390 2136 LanmanServer - ok 20:41:46.0437 2136 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 20:41:46.0437 2136 LanmanWorkstation - ok 20:41:46.0499 2136 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 20:41:46.0499 2136 lltdio - ok 20:41:46.0530 2136 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 20:41:46.0546 2136 lltdsvc - ok 20:41:46.0562 2136 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 20:41:46.0577 2136 lmhosts - ok 20:41:46.0608 2136 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 20:41:46.0624 2136 LSI_FC - ok 20:41:46.0624 2136 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 20:41:46.0624 2136 LSI_SAS - ok 20:41:46.0640 2136 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 20:41:46.0655 2136 LSI_SAS2 - ok 20:41:46.0655 2136 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 20:41:46.0655 2136 LSI_SCSI - ok 20:41:46.0671 2136 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 20:41:46.0671 2136 luafv - ok 20:41:46.0733 2136 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 20:41:46.0733 2136 Mcx2Svc - ok 20:41:46.0764 2136 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 20:41:46.0764 2136 megasas - ok 20:41:46.0780 2136 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 20:41:46.0796 2136 MegaSR - ok 20:41:46.0811 2136 MEIx64 (86614752d2fae34ccd9e7b2aaba5fbec) C:\Windows\system32\DRIVERS\HECIx64.sys 20:41:46.0811 2136 MEIx64 - ok 20:41:46.0842 2136 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 20:41:46.0842 2136 MMCSS - ok 20:41:46.0858 2136 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 20:41:46.0858 2136 Modem - ok 20:41:46.0889 2136 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 20:41:46.0889 2136 monitor - ok 20:41:46.0936 2136 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 20:41:46.0936 2136 mouclass - ok 20:41:46.0967 2136 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 20:41:46.0983 2136 mouhid - ok 20:41:47.0014 2136 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 20:41:47.0014 2136 mountmgr - ok 20:41:47.0061 2136 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 20:41:47.0061 2136 mpio - ok 20:41:47.0076 2136 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 20:41:47.0092 2136 mpsdrv - ok 20:41:47.0139 2136 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 20:41:47.0154 2136 MpsSvc - ok 20:41:47.0201 2136 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 20:41:47.0201 2136 MRxDAV - ok 20:41:47.0248 2136 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 20:41:47.0248 2136 mrxsmb - ok 20:41:47.0279 2136 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:41:47.0295 2136 mrxsmb10 - ok 20:41:47.0310 2136 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:41:47.0310 2136 mrxsmb20 - ok 20:41:47.0357 2136 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 20:41:47.0357 2136 msahci - ok 20:41:47.0420 2136 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 20:41:47.0420 2136 msdsm - ok 20:41:47.0451 2136 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 20:41:47.0466 2136 MSDTC - ok 20:41:47.0498 2136 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 20:41:47.0498 2136 Msfs - ok 20:41:47.0513 2136 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 20:41:47.0529 2136 mshidkmdf - ok 20:41:47.0544 2136 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 20:41:47.0544 2136 msisadrv - ok 20:41:47.0560 2136 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 20:41:47.0560 2136 MSiSCSI - ok 20:41:47.0576 2136 msiserver - ok 20:41:47.0607 2136 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 20:41:47.0607 2136 MSKSSRV - ok 20:41:47.0622 2136 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 20:41:47.0622 2136 MSPCLOCK - ok 20:41:47.0622 2136 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 20:41:47.0622 2136 MSPQM - ok 20:41:47.0700 2136 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 20:41:47.0700 2136 MsRPC - ok 20:41:47.0747 2136 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 20:41:47.0747 2136 mssmbios - ok 20:41:47.0763 2136 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 20:41:47.0763 2136 MSTEE - ok 20:41:47.0934 2136 msvsmon90 (cb4a082af58d1a0969f931816d5cfb05) C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe 20:41:48.0028 2136 msvsmon90 - ok 20:41:48.0153 2136 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 20:41:48.0153 2136 MTConfig - ok 20:41:48.0168 2136 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 20:41:48.0168 2136 Mup - ok 20:41:48.0215 2136 mvs91xx (97cca67fcdabb8441149f04b34abf510) C:\Windows\system32\DRIVERS\mvs91xx.sys 20:41:48.0215 2136 mvs91xx - ok 20:41:48.0262 2136 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 20:41:48.0278 2136 napagent - ok 20:41:48.0402 2136 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 20:41:48.0402 2136 NativeWifiP - ok 20:41:48.0574 2136 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 20:41:48.0590 2136 NDIS - ok 20:41:48.0621 2136 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 20:41:48.0636 2136 NdisCap - ok 20:41:48.0652 2136 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 20:41:48.0652 2136 NdisTapi - ok 20:41:48.0699 2136 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 20:41:48.0699 2136 Ndisuio - ok 20:41:48.0761 2136 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 20:41:48.0761 2136 NdisWan - ok 20:41:48.0792 2136 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 20:41:48.0792 2136 NDProxy - ok 20:41:48.0839 2136 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 20:41:48.0839 2136 NetBIOS - ok 20:41:48.0886 2136 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 20:41:48.0886 2136 NetBT - ok 20:41:48.0933 2136 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:41:48.0933 2136 Netlogon - ok 20:41:48.0980 2136 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 20:41:48.0980 2136 Netman - ok 20:41:49.0229 2136 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:41:49.0245 2136 NetMsmqActivator - ok 20:41:49.0276 2136 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:41:49.0276 2136 NetPipeActivator - ok 20:41:49.0354 2136 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 20:41:49.0370 2136 netprofm - ok 20:41:49.0619 2136 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:41:49.0619 2136 NetTcpActivator - ok 20:41:49.0619 2136 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:41:49.0619 2136 NetTcpPortSharing - ok 20:41:49.0744 2136 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 20:41:49.0744 2136 nfrd960 - ok 20:41:49.0806 2136 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 20:41:49.0806 2136 NlaSvc - ok 20:41:49.0838 2136 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 20:41:49.0838 2136 Npfs - ok 20:41:49.0853 2136 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 20:41:49.0853 2136 nsi - ok 20:41:49.0869 2136 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 20:41:49.0869 2136 nsiproxy - ok 20:41:49.0947 2136 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 20:41:49.0994 2136 Ntfs - ok 20:41:50.0056 2136 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 20:41:50.0056 2136 Null - ok 20:41:50.0118 2136 NVHDA (960e39a54e525df58cb29193147dffa1) C:\Windows\system32\drivers\nvhda64v.sys 20:41:50.0118 2136 NVHDA - ok 20:41:50.0384 2136 nvlddmkm (9c1996dd3c0469bc8933321f15709f5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys 20:41:50.0430 2136 nvlddmkm - ok 20:41:50.0508 2136 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 20:41:50.0508 2136 nvraid - ok 20:41:50.0555 2136 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 20:41:50.0571 2136 nvstor - ok 20:41:50.0602 2136 nvsvc (39f933ca2798156b0b7a19d104b73b9a) C:\Windows\system32\nvvsvc.exe 20:41:50.0602 2136 nvsvc - ok 20:41:50.0711 2136 nvUpdatusService (4e5c5d88eb0a8d21824d5a3eb7327e69) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 20:41:50.0758 2136 nvUpdatusService - ok 20:41:50.0883 2136 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 20:41:50.0898 2136 nv_agp - ok 20:41:50.0930 2136 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 20:41:50.0930 2136 ohci1394 - ok 20:41:50.0945 2136 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 20:41:50.0961 2136 p2pimsvc - ok 20:41:50.0976 2136 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 20:41:50.0976 2136 p2psvc - ok 20:41:51.0008 2136 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 20:41:51.0008 2136 Parport - ok 20:41:51.0054 2136 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 20:41:51.0054 2136 partmgr - ok 20:41:51.0070 2136 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 20:41:51.0086 2136 PcaSvc - ok 20:41:51.0101 2136 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 20:41:51.0117 2136 pci - ok 20:41:51.0148 2136 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 20:41:51.0148 2136 pciide - ok 20:41:51.0179 2136 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 20:41:51.0179 2136 pcmcia - ok 20:41:51.0195 2136 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 20:41:51.0195 2136 pcw - ok 20:41:51.0226 2136 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 20:41:51.0242 2136 PEAUTH - ok 20:41:51.0288 2136 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 20:41:51.0288 2136 PerfHost - ok 20:41:51.0366 2136 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 20:41:51.0382 2136 pla - ok 20:41:51.0444 2136 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 20:41:51.0460 2136 PlugPlay - ok 20:41:51.0491 2136 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 20:41:51.0491 2136 PNRPAutoReg - ok 20:41:51.0507 2136 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 20:41:51.0522 2136 PNRPsvc - ok 20:41:51.0585 2136 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys 20:41:51.0585 2136 Point64 - ok 20:41:51.0663 2136 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 20:41:51.0678 2136 PolicyAgent - ok 20:41:51.0694 2136 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 20:41:51.0710 2136 Power - ok 20:41:51.0912 2136 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 20:41:51.0912 2136 PptpMiniport - ok 20:41:51.0944 2136 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 20:41:51.0944 2136 Processor - ok 20:41:51.0990 2136 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 20:41:51.0990 2136 ProfSvc - ok 20:41:52.0037 2136 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:41:52.0037 2136 ProtectedStorage - ok 20:41:52.0100 2136 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 20:41:52.0100 2136 Psched - ok 20:41:52.0146 2136 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 20:41:52.0178 2136 ql2300 - ok 20:41:52.0178 2136 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 20:41:52.0178 2136 ql40xx - ok 20:41:52.0209 2136 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 20:41:52.0209 2136 QWAVE - ok 20:41:52.0224 2136 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 20:41:52.0224 2136 QWAVEdrv - ok 20:41:52.0240 2136 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 20:41:52.0240 2136 RasAcd - ok 20:41:52.0271 2136 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 20:41:52.0271 2136 RasAgileVpn - ok 20:41:52.0287 2136 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 20:41:52.0287 2136 RasAuto - ok 20:41:52.0318 2136 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 20:41:52.0334 2136 Rasl2tp - ok 20:41:52.0396 2136 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 20:41:52.0396 2136 RasMan - ok 20:41:52.0427 2136 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 20:41:52.0427 2136 RasPppoe - ok 20:41:52.0427 2136 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 20:41:52.0427 2136 RasSstp - ok 20:41:52.0474 2136 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 20:41:52.0474 2136 rdbss - ok 20:41:52.0490 2136 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 20:41:52.0505 2136 rdpbus - ok 20:41:52.0505 2136 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 20:41:52.0505 2136 RDPCDD - ok 20:41:52.0521 2136 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 20:41:52.0521 2136 RDPENCDD - ok 20:41:52.0536 2136 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 20:41:52.0536 2136 RDPREFMP - ok 20:41:52.0552 2136 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 20:41:52.0552 2136 RDPWD - ok 20:41:52.0599 2136 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 20:41:52.0599 2136 rdyboost - ok 20:41:52.0630 2136 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 20:41:52.0646 2136 RemoteAccess - ok 20:41:52.0661 2136 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 20:41:52.0661 2136 RemoteRegistry - ok 20:41:52.0692 2136 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 20:41:52.0692 2136 RpcEptMapper - ok 20:41:52.0708 2136 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 20:41:52.0708 2136 RpcLocator - ok 20:41:52.0755 2136 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 20:41:52.0755 2136 RpcSs - ok 20:41:52.0770 2136 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 20:41:52.0786 2136 rspndr - ok 20:41:52.0817 2136 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:41:52.0833 2136 SamSs - ok 20:41:52.0880 2136 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 20:41:52.0880 2136 SASDIFSV - ok 20:41:52.0911 2136 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 20:41:52.0911 2136 SASKUTIL - ok 20:41:52.0973 2136 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 20:41:52.0973 2136 sbp2port - ok 20:41:53.0004 2136 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 20:41:53.0004 2136 SCardSvr - ok 20:41:53.0051 2136 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 20:41:53.0051 2136 scfilter - ok 20:41:53.0114 2136 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 20:41:53.0160 2136 Schedule - ok 20:41:53.0285 2136 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 20:41:53.0363 2136 SCPolicySvc - ok 20:41:53.0441 2136 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 20:41:53.0441 2136 SDRSVC - ok 20:41:53.0488 2136 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 20:41:53.0488 2136 secdrv - ok 20:41:53.0535 2136 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 20:41:53.0535 2136 seclogon - ok 20:41:53.0597 2136 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 20:41:53.0613 2136 SENS - ok 20:41:53.0628 2136 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 20:41:53.0644 2136 SensrSvc - ok 20:41:53.0675 2136 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 20:41:53.0675 2136 Serenum - ok 20:41:53.0706 2136 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 20:41:53.0706 2136 Serial - ok 20:41:53.0769 2136 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 20:41:53.0769 2136 sermouse - ok 20:41:53.0816 2136 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 20:41:53.0831 2136 SessionEnv - ok 20:41:53.0847 2136 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 20:41:53.0847 2136 sffdisk - ok 20:41:53.0878 2136 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 20:41:53.0878 2136 sffp_mmc - ok 20:41:53.0894 2136 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 20:41:53.0894 2136 sffp_sd - ok 20:41:53.0925 2136 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 20:41:53.0925 2136 sfloppy - ok 20:41:53.0940 2136 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 20:41:53.0956 2136 SharedAccess - ok 20:41:54.0003 2136 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 20:41:54.0018 2136 ShellHWDetection - ok 20:41:54.0034 2136 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 20:41:54.0050 2136 SiSRaid2 - ok 20:41:54.0050 2136 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 20:41:54.0050 2136 SiSRaid4 - ok 20:41:54.0143 2136 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe 20:41:54.0143 2136 SkypeUpdate - ok 20:41:54.0221 2136 Smart TimeLock (101556f6216e97f1258d87c38203695f) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe 20:41:54.0221 2136 Smart TimeLock - ok 20:41:54.0299 2136 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 20:41:54.0315 2136 Smb - ok 20:41:54.0377 2136 SNMP (ca62ae004e98374bf7f082cd765eea02) C:\Windows\System32\snmp.exe 20:41:54.0377 2136 SNMP - ok 20:41:54.0424 2136 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 20:41:54.0424 2136 SNMPTRAP - ok 20:41:54.0455 2136 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 20:41:54.0455 2136 spldr - ok 20:41:54.0502 2136 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 20:41:54.0502 2136 Spooler - ok 20:41:54.0611 2136 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 20:41:54.0627 2136 sppsvc - ok 20:41:54.0642 2136 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 20:41:54.0642 2136 sppuinotify - ok 20:41:54.0689 2136 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 20:41:54.0705 2136 srv - ok 20:41:54.0752 2136 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 20:41:54.0752 2136 srv2 - ok 20:41:54.0783 2136 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 20:41:54.0798 2136 srvnet - ok 20:41:54.0830 2136 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 20:41:54.0845 2136 SSDPSRV - ok 20:41:54.0845 2136 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 20:41:54.0861 2136 SstpSvc - ok 20:41:54.0954 2136 ssudmdm (78cd64791f8634cf7b582fd085e57c4b) C:\Windows\system32\DRIVERS\ssudmdm.sys 20:41:54.0954 2136 ssudmdm - ok 20:41:55.0017 2136 Steam Client Service - ok 20:41:55.0048 2136 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 20:41:55.0064 2136 stexstor - ok 20:41:55.0173 2136 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 20:41:55.0188 2136 stisvc - ok 20:41:55.0282 2136 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 20:41:55.0282 2136 swenum - ok 20:41:55.0344 2136 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 20:41:55.0360 2136 swprv - ok 20:41:55.0422 2136 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 20:41:55.0438 2136 SysMain - ok 20:41:55.0485 2136 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 20:41:55.0485 2136 TabletInputService - ok 20:41:55.0516 2136 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 20:41:55.0516 2136 TapiSrv - ok 20:41:55.0547 2136 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 20:41:55.0547 2136 TBS - ok 20:41:55.0641 2136 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 20:41:55.0672 2136 Tcpip - ok 20:41:55.0734 2136 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 20:41:55.0750 2136 TCPIP6 - ok 20:41:55.0781 2136 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 20:41:55.0781 2136 tcpipreg - ok 20:41:55.0812 2136 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 20:41:55.0812 2136 TDPIPE - ok 20:41:55.0844 2136 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 20:41:55.0844 2136 TDTCP - ok 20:41:55.0890 2136 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 20:41:55.0890 2136 tdx - ok 20:41:56.0187 2136 TeamViewer7 (a4d2ce94b028ef1e437cf4ac3d8ff26c) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe 20:41:56.0218 2136 TeamViewer7 - ok 20:41:56.0343 2136 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 20:41:56.0343 2136 TermDD - ok 20:41:56.0405 2136 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 20:41:56.0405 2136 TermService - ok 20:41:56.0436 2136 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 20:41:56.0452 2136 Themes - ok 20:41:56.0468 2136 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 20:41:56.0468 2136 THREADORDER - ok 20:41:56.0499 2136 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 20:41:56.0499 2136 TrkWks - ok 20:41:56.0577 2136 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 20:41:56.0577 2136 TrustedInstaller - ok 20:41:56.0639 2136 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 20:41:56.0639 2136 tssecsrv - ok 20:41:56.0733 2136 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 20:41:56.0733 2136 TsUsbFlt - ok 20:41:56.0826 2136 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 20:41:56.0826 2136 tunnel - ok 20:41:56.0858 2136 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 20:41:56.0858 2136 uagp35 - ok 20:41:56.0936 2136 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 20:41:56.0936 2136 udfs - ok 20:41:56.0967 2136 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 20:41:56.0967 2136 UI0Detect - ok 20:41:57.0029 2136 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 20:41:57.0029 2136 uliagpkx - ok 20:41:57.0092 2136 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 20:41:57.0092 2136 umbus - ok 20:41:57.0123 2136 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 20:41:57.0123 2136 UmPass - ok 20:41:57.0154 2136 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 20:41:57.0154 2136 upnphost - ok 20:41:57.0294 2136 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 20:41:57.0294 2136 usbaudio - ok 20:41:57.0310 2136 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 20:41:57.0326 2136 usbccgp - ok 20:41:57.0372 2136 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 20:41:57.0372 2136 usbcir - ok 20:41:57.0404 2136 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 20:41:57.0404 2136 usbehci - ok 20:41:57.0450 2136 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 20:41:57.0450 2136 usbhub - ok 20:41:57.0482 2136 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 20:41:57.0482 2136 usbohci - ok 20:41:57.0513 2136 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 20:41:57.0513 2136 usbprint - ok 20:41:57.0544 2136 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS 20:41:57.0544 2136 USBSTOR - ok 20:41:57.0575 2136 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 20:41:57.0575 2136 usbuhci - ok 20:41:57.0606 2136 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 20:41:57.0606 2136 UxSms - ok 20:41:57.0653 2136 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:41:57.0653 2136 VaultSvc - ok 20:41:57.0669 2136 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 20:41:57.0684 2136 vdrvroot - ok 20:41:57.0731 2136 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 20:41:57.0731 2136 vds - ok 20:41:57.0778 2136 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 20:41:57.0778 2136 vga - ok 20:41:57.0794 2136 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 20:41:57.0794 2136 VgaSave - ok 20:41:57.0856 2136 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 20:41:57.0872 2136 vhdmp - ok 20:41:57.0887 2136 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 20:41:57.0887 2136 viaide - ok 20:41:57.0918 2136 VirtDiskBus (ff7c6e015aa32fc6be0aef582b802332) C:\Windows\system32\DRIVERS\VirtDiskBus64.sys 20:41:57.0918 2136 VirtDiskBus - ok 20:41:57.0950 2136 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 20:41:57.0950 2136 volmgr - ok 20:41:58.0043 2136 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 20:41:58.0043 2136 volmgrx - ok 20:41:58.0074 2136 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 20:41:58.0074 2136 volsnap - ok 20:41:58.0106 2136 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 20:41:58.0106 2136 vsmraid - ok 20:41:58.0168 2136 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 20:41:58.0215 2136 VSS - ok 20:41:58.0230 2136 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 20:41:58.0230 2136 vwifibus - ok 20:41:58.0262 2136 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 20:41:58.0262 2136 W32Time - ok 20:41:58.0277 2136 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 20:41:58.0277 2136 WacomPen - ok 20:41:58.0340 2136 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 20:41:58.0340 2136 WANARP - ok 20:41:58.0340 2136 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 20:41:58.0340 2136 Wanarpv6 - ok 20:41:58.0418 2136 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 20:41:58.0433 2136 WatAdminSvc - ok 20:41:58.0511 2136 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 20:41:58.0542 2136 wbengine - ok 20:41:58.0574 2136 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 20:41:58.0589 2136 WbioSrvc - ok 20:41:58.0636 2136 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 20:41:58.0652 2136 wcncsvc - ok 20:41:58.0683 2136 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 20:41:58.0683 2136 WcsPlugInService - ok 20:41:58.0714 2136 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 20:41:58.0714 2136 Wd - ok 20:41:58.0745 2136 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 20:41:58.0761 2136 Wdf01000 - ok 20:41:58.0776 2136 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 20:41:58.0776 2136 WdiServiceHost - ok 20:41:58.0808 2136 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 20:41:58.0808 2136 WdiSystemHost - ok 20:41:58.0870 2136 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 20:41:58.0886 2136 WebClient - ok 20:41:58.0901 2136 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 20:41:58.0917 2136 Wecsvc - ok 20:41:58.0948 2136 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 20:41:58.0948 2136 wercplsupport - ok 20:41:58.0964 2136 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 20:41:58.0979 2136 WerSvc - ok 20:41:59.0010 2136 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 20:41:59.0026 2136 WfpLwf - ok 20:41:59.0042 2136 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 20:41:59.0042 2136 WIMMount - ok 20:41:59.0073 2136 WinDefend - ok 20:41:59.0073 2136 WinHttpAutoProxySvc - ok 20:41:59.0104 2136 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 20:41:59.0120 2136 Winmgmt - ok 20:41:59.0198 2136 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 20:41:59.0244 2136 WinRM - ok 20:41:59.0322 2136 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\drivers\WinUsb.sys 20:41:59.0322 2136 WinUsb - ok 20:41:59.0385 2136 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 20:41:59.0400 2136 Wlansvc - ok 20:41:59.0525 2136 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 20:41:59.0556 2136 wlidsvc - ok 20:41:59.0681 2136 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 20:41:59.0681 2136 WmiAcpi - ok 20:41:59.0712 2136 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 20:41:59.0728 2136 wmiApSrv - ok 20:41:59.0775 2136 WMPNetworkSvc - ok 20:41:59.0790 2136 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 20:41:59.0806 2136 WPCSvc - ok 20:41:59.0853 2136 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 20:41:59.0868 2136 WPDBusEnum - ok 20:41:59.0900 2136 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 20:41:59.0900 2136 ws2ifsl - ok 20:41:59.0915 2136 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 20:41:59.0931 2136 wscsvc - ok 20:41:59.0931 2136 WSearch - ok 20:41:59.0993 2136 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll 20:42:00.0040 2136 wuauserv - ok 20:42:00.0102 2136 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 20:42:00.0102 2136 WudfPf - ok 20:42:00.0134 2136 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\drivers\WUDFRd.sys 20:42:00.0149 2136 WUDFRd - ok 20:42:00.0180 2136 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 20:42:00.0196 2136 wudfsvc - ok 20:42:00.0227 2136 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 20:42:00.0243 2136 WwanSvc - ok 20:42:00.0274 2136 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 20:42:00.0321 2136 \Device\Harddisk0\DR0 - ok 20:42:00.0336 2136 MBR (0x1B8) (ddae9d649db12f6aff24483f2c298989) \Device\Harddisk1\DR1 20:42:00.0336 2136 \Device\Harddisk1\DR1 - ok 20:42:00.0336 2136 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk2\DR2 20:42:00.0399 2136 \Device\Harddisk2\DR2 - ok 20:42:00.0399 2136 Boot (0x1200) (aa63b7927980ff2d703d4121f06612dd) \Device\Harddisk0\DR0\Partition0 20:42:00.0399 2136 \Device\Harddisk0\DR0\Partition0 - ok 20:42:00.0414 2136 Boot (0x1200) (a83f29b9bd9e9df4eb0a0fa4f0a9a6c5) \Device\Harddisk0\DR0\Partition1 20:42:00.0414 2136 \Device\Harddisk0\DR0\Partition1 - ok 20:42:00.0414 2136 Boot (0x1200) (7994ba2c5079a639626ca539ddde5ec6) \Device\Harddisk1\DR1\Partition0 20:42:00.0414 2136 \Device\Harddisk1\DR1\Partition0 - ok 20:42:00.0414 2136 Boot (0x1200) (a30eea7f5d521bd0d121b59483cb280e) \Device\Harddisk2\DR
[ Ignorer ] [ # 6 ] MapleBoy
18.04.2012 20:51:01 Antal indlæg: 13	aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software Run date: 2012-04-18 20:43:40 ——————————————- 20:43:40.010 OS Version: Windows x64 6.1.7601 Service Pack 1 20:43:40.010 Number of processors: 8 586 0x2D07 20:43:40.010 ComputerName: ANDREAS-PC UserName: Andreas 20:43:41.350 Initialize success 20:43:41.444 AVAST engine defs: 12041801 20:44:05.858 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000064 20:44:05.858 Disk 0 Vendor: ATA_____ KC43 Size: 476940MB BusType: 11 20:44:05.873 Disk 0 MBR read successfully 20:44:05.873 Disk 0 MBR scan 20:44:05.873 Disk 0 Windows 7 default MBR code 20:44:05.873 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048 20:44:05.889 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848 20:44:05.904 Disk 0 scanning C:\Windows\system32\drivers 20:44:15.140 Service scanning 20:44:33.610 Modules scanning 20:44:33.610 Disk 0 trace - called modules: 20:44:33.641 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys ACPI.sys storport.sys hal.dll iaStorA.sys 20:44:33.641 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800e0d1790] 20:44:33.657 3 CLASSPNP.SYS[fffff8800480143f] -> nt!IofCallDriver -> [0xfffffa800dfcfb60] 20:44:33.657 5 iaStorF.sys[fffff88004b9b2fa] -> nt!IofCallDriver -> [0xfffffa800dda63c0] 20:44:33.672 7 ACPI.sys[fffff88000f8a7a1] -> nt!IofCallDriver -> \Device\00000064[0xfffffa800dd193f0] 20:44:34.983 AVAST engine scan C:\Windows 20:44:37.042 AVAST engine scan C:\Windows\system32 20:46:41.608 AVAST engine scan C:\Windows\system32\drivers 20:46:51.639 AVAST engine scan C:\Users\Andreas 20:48:23.648 AVAST engine scan C:\ProgramData 20:49:20.292 Scan finished successfully 20:50:24.408 Disk 0 MBR has been saved successfully to “C:\Users\Andreas\Desktop\MBR.dat” 20:50:24.408 The log file has been saved successfully to “C:\Users\Andreas\Desktop\aswMBR.txt”
[ Ignorer ] [ # 7 ] MapleBoy
19.04.2012 07:51:24 Antal indlæg: 13	Da jeg startede computeren for lidt siden støtte jeg på en ny fil på mit skrivebord jeg ikke selv mener jeg har lagt der kaldet MBR.dat. jeg har ingen anelse om hvad det er, så googlede filen og åbenbart lige den fil var der 21% risiko for at være en virus. jeg kørte den selv via virustotal men den ser clean ud for mig. nu tænker jeg bare eftersom der står at MBR.dat filen hører med til GOM player, at om det så kan være den GOM player der er noget galt med. Har aldrig brugt GOM player før men har læst mig frem til at det skulle være godt. /Andreas
[ Ignorer ] [ # 8 ] f-arn TeamSpywarefri
19.04.2012 08:43:32 Administrator Team Spywarefri Antal indlæg: 7044	MBR.dat blev lavet af aswMBR, som du kørte i går. 20:50:24.408 Disk 0 MBR has been saved successfully to “C:\Users\Andreas\Desktop\MBR.dat” Jeg ser ingen tegn på infektioner, men la’ os prøve en anden scanner. ——— Download OTL af OldTimer og gem den på dit skrivebord. Start OTL Vista og Windows 7 - højreklik på filen - Kør som Administrator. Øverst sætter du flueben i “Scan All Users” I nederste højre hjørne af det øverste panel, sæt fluben ved “LOP Check” og “Purity Check”. I boksen “Custom Scans/Fixes” kopierer du det fremhævede ind. netsvcs drivers32 msconfig activex set /c /md5start iexplore.exe volsnap.sys consrv.dll hlp.dat /md5stop %SYSTEMDRIVE%\. %systemroot%\. /rp /s %systemroot%\. /mp /s %USERPROFILE%\..\|smtmp;true;true;true /FP %programfiles%\. CREATERESTOREPOINT HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\|LastSuccessTime /rs Luk alle åbne vinduer og klik på “Run Scan*” øverst til venstre og lad programmet køre. Scanningen kan tage 5-10 minutter. Det vil give to logfiler på skrivebordet, OTL.txt og Extras.txt. Så kopier følgende ind i dit næste indlæg (i rækkefølge): Indholdet af OTL.txt Indholdet af Extras.txt Da de er forholdsvis lange, kan du blive nødt til at sende dem i flere indlæg. Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 9 ] MapleBoy
19.04.2012 11:11:43 Antal indlæg: 13	OTL logfile created on: 19-04-2012 10:55:20 - Run 1 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Andreas\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16443) Locale: 00000406 \| Country: Danmark \| Language: DAN \| Date Format: dd-MM-yyyy 15,95 Gb Total Physical Memory \| 12,94 Gb Available Physical Memory \| 81,09% Memory free 31,91 Gb Paging File \| 28,77 Gb Available in Paging File \| 90,18% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files (x86) Drive C: \| 465,66 Gb Total Space \| 354,59 Gb Free Space \| 76,15% Space Free \| Partition Type: NTFS Unable to calculate disk information. Drive E: \| 465,76 Gb Total Space \| 372,15 Gb Free Space \| 79,90% Space Free \| Partition Type: NTFS Computer Name: ANDREAS-PC \| User Name: Andreas \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: All users \| Include 64bit Scans Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012-04-19 10:53:24 \| 000,595,968 \|——\| M] (OldTimer Tools)—C:\Users\Andreas\Downloads\OTL.exe PRC - [2012-04-12 08:46:42 \| 026,950,560 \|——\| M] (Dropbox, Inc.)—C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2012-04-04 23:44:46 \| 000,489,256 \|——\| M] (Valve Corporation)—C:\Program Files (x86)\Common Files\Steam\SteamService.exe PRC - [2012-04-04 23:39:51 \| 001,242,448 \|——\| M] (Valve Corporation)—C:\Games\Steam\Steam.exe PRC - [2012-03-19 13:38:47 \| 002,666,880 \|——\| M] (TeamViewer GmbH)—C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012-03-07 01:15:17 \| 004,241,512 \|——\| M] (AVAST Software)—C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012-03-07 01:15:14 \| 000,044,768 \|——\| M] (AVAST Software)—C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2011-09-14 23:41:58 \| 000,286,720 \|——\| M] (Intel Corporation)—C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe PRC - [2011-09-14 23:41:58 \| 000,007,168 \|——\| M] (Intel Corporation)—C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe PRC - [2011-08-25 10:19:44 \| 003,526,144 \|——\| M] (Creative Technology Ltd)—C:\Program Files (x86)\Creative\Sound Blaster Recon3D\Sound Blaster Recon3D Control Panel\SBRecon.exe PRC - [2011-08-03 13:50:00 \| 002,255,464 \| R—- \| M] (NVIDIA Corporation)—C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011-06-06 12:55:28 \| 000,064,952 \|——\| M] (Adobe Systems Incorporated)—C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-01-17 16:37:42 \| 011,322,880 \|——\| M] (OpenOffice.org)—C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe PRC - [2011-01-17 16:37:42 \| 011,314,688 \|——\| M] (OpenOffice.org)—C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin PRC - [2010-04-22 15:05:26 \| 001,011,712 \|——\| M] (Gigabyte Technology CO., LTD.)—C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe PRC - [2010-03-18 13:16:28 \| 000,130,384 \|——\| M] (Microsoft Corporation)—C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe PRC - [2009-10-13 16:39:46 \| 000,114,688 \|——\| M] (Gigabyte Technology CO., LTD.)—C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe ========== Modules (No Company Name) ========== MOD - [2012-04-18 08:49:58 \| 001,358,336 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\99f03be29e7f6de2f4bc278b83f0761b\System.WorkflowServices.ni.dll MOD - [2012-04-18 08:49:44 \| 001,707,008 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\0113a0162fe157bb4f0130a60bbcad1a\System.ServiceModel.Web.ni.dll MOD - [2012-04-18 08:48:23 \| 001,083,392 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d939fca96c3645bb8806ea8ae43cc0ca\System.IdentityModel.ni.dll MOD - [2012-04-18 08:48:22 \| 002,347,008 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bc96c5c6e644452270ff7c3d066ff713\System.Runtime.Serialization.ni.dll MOD - [2012-04-18 08:48:21 \| 000,256,000 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\281b67b96a2dd473dad4d222da0ca514\SMDiagnostics.ni.dll MOD - [2012-04-18 08:48:20 \| 017,478,656 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b74950292d5681795d9d2c1a72a79952\System.ServiceModel.ni.dll MOD - [2012-04-18 08:48:09 \| 000,028,672 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvcInt#\99f9d4d676e57711ec489761cccfc68f\IAStorDataMgrSvcInterfaces.ni.dll MOD - [2012-04-18 08:48:08 \| 000,032,256 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\bd182535f785cce2b9ae5bd8778fa8e9\IAStorCommon.ni.dll MOD - [2012-04-18 08:48:06 \| 000,335,360 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\a2016538af568ccd858f4ceff5e6fbe1\IAStorUtil.ni.dll MOD - [2012-04-17 12:43:50 \| 000,368,128 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\74fcc0f56435d0396f9524cd4293d3e5\PresentationFramework.Aero.ni.dll MOD - [2012-04-17 12:43:43 \| 011,833,344 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll MOD - [2012-04-17 12:43:31 \| 014,339,072 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\02f7846cbc5c02a5dbf50fd34325eb61\PresentationFramework.ni.dll MOD - [2012-04-17 12:43:24 \| 012,433,408 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll MOD - [2012-04-17 12:43:20 \| 001,587,200 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll MOD - [2012-04-17 12:43:19 \| 000,060,928 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\bb1d36ae26e7cadf563061596682e747\UIAutomationProvider.ni.dll MOD - [2012-04-17 12:43:18 \| 012,234,752 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f4b2424c1b32fbd11130482bb899b7ae\PresentationCore.ni.dll MOD - [2012-04-17 12:43:18 \| 000,025,600 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\31fce331fded94dd06627603f6fe4562\Accessibility.ni.dll MOD - [2012-04-17 12:43:12 \| 003,347,968 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll MOD - [2012-04-17 12:43:09 \| 005,453,312 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll MOD - [2012-04-17 12:43:07 \| 007,967,232 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll MOD - [2012-04-17 12:43:07 \| 000,971,264 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll MOD - [2012-04-17 12:43:04 \| 011,490,304 \|——\| M] ()—C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll MOD - [2012-04-12 11:03:42 \| 000,036,864 \|——\| M] ()—C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Diagnostics.ServiceModelSink\3.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Diagnostics.ServiceModelSink.dll MOD - [2012-04-10 07:41:45 \| 000,985,088 \|——\| M] ()—C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll MOD - [2012-04-04 23:44:45 \| 020,297,512 \|——\| M] ()—C:\Games\Steam\bin\libcef.dll MOD - [2012-04-04 23:44:45 \| 001,099,576 \|——\| M] ()—C:\Games\Steam\bin\avcodec-53.dll MOD - [2012-04-04 23:44:45 \| 000,907,048 \|——\| M] ()—C:\Games\Steam\bin\chromehtml.dll MOD - [2012-04-04 23:44:45 \| 000,190,776 \|——\| M] ()—C:\Games\Steam\bin\avformat-53.dll MOD - [2012-04-04 23:44:45 \| 000,123,192 \|——\| M] ()—C:\Games\Steam\bin\avutil-51.dll MOD - [2011-08-17 16:21:36 \| 000,242,688 \|——\| M] ()—C:\Windows\SysWOW64\APOMngr.DLL MOD - [2011-08-17 15:45:34 \| 000,074,240 \|——\| M] ()—C:\Windows\SysWOW64\CmdRtr.DLL ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012-04-12 11:08:05 \| 001,431,888 \|——\| M] (Flexera Software, Inc.) [On_Demand \| Stopped]—C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe—(FLEXnet Licensing Service 64) SRV:64bit: - [2012-03-07 01:15:14 \| 000,044,768 \|——\| M] (AVAST Software) [Auto \| Running]—C:\Program Files\AVAST Software\Avast\AvastSvc.exe—(avast! Antivirus) SRV:64bit: - [2011-08-12 01:38:04 \| 000,140,672 \|——\| M] (SUPERAntiSpyware.com) [Auto \| Running]—C:\Program Files\SUPERAntiSpyware\SASCore64.exe—(!SASCORE) SRV:64bit: - [2011-06-29 10:51:26 \| 000,171,688 \|——\| M] (Intel Corporation) [Auto \| Running]—C:\Windows\SysNative\IPROSetMonitor.exe—(Intel(R) PROSet Monitoring Service) Intel(R) SRV:64bit: - [2010-11-20 15:25:18 \| 000,049,664 \|——\| M] (Microsoft Corporation) [Auto \| Running]—C:\Windows\SysNative\snmp.exe—(SNMP) SRV:64bit: - [2010-04-06 16:30:38 \| 000,031,272 \|——\| M] () [On_Demand \| Stopped]—C:\Windows\SysNative\AppleChargerSrv.exe—(AppleChargerSrv) SRV:64bit: - [2009-07-14 03:41:27 \| 001,011,712 \|——\| M] (Microsoft Corporation) [Auto \| Running]—C:\Program Files\Windows Defender\MpSvc.dll—(WinDefend) SRV:64bit: - [2008-07-29 13:20:28 \| 004,737,024 \|——\| M] (Microsoft Corporation) [Disabled \| Stopped]—C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe—(msvsmon90) SRV - [2012-04-13 20:40:23 \| 000,253,088 \|——\| M] (Adobe Systems Incorporated) [On_Demand \| Stopped]—C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe—(AdobeFlashPlayerUpdateSvc) SRV - [2012-04-06 00:30:36 \| 000,079,360 \|——\| M] (Creative Labs) [On_Demand \| Stopped]—C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe—(Creative Media Toolbox 6 Licensing Service) SRV - [2012-04-06 00:07:14 \| 000,079,360 \|——\| M] (Creative Labs) [On_Demand \| Stopped]—C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe—(Creative Audio Engine Licensing Service) SRV - [2012-04-06 00:06:44 \| 000,079,360 \|——\| M] (Creative Labs) [On_Demand \| Stopped]—C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe—(Creative ALchemy AL6 Licensing Service) SRV - [2012-04-04 23:44:46 \| 000,489,256 \|——\| M] (Valve Corporation) [On_Demand \| Running]—C:\Program Files (x86)\Common Files\Steam\SteamService.exe—(Steam Client Service) SRV - [2012-03-19 13:38:47 \| 002,666,880 \|——\| M] (TeamViewer GmbH) [Auto \| Running]—C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe—(TeamViewer7) SRV - [2012-02-29 08:50:48 \| 000,158,856 \| R—- \| M] (Skype Technologies) [Auto \| Stopped]—C:\Program Files (x86)\Skype\Updater\Updater.exe—(SkypeUpdate) SRV - [2011-09-14 23:41:58 \| 000,007,168 \|——\| M] (Intel Corporation) [Auto \| Running]—C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe—(IAStorDataMgrSvc) Intel(R) SRV - [2011-08-03 13:50:00 \| 002,255,464 \| R—- \| M] (NVIDIA Corporation) [Auto \| Running]—C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe—(nvUpdatusService) SRV - [2011-06-06 12:55:28 \| 000,064,952 \|——\| M] (Adobe Systems Incorporated) [Auto \| Running]—C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe—(AdobeARMservice) SRV - [2010-11-20 14:17:42 \| 000,047,616 \|——\| M] (Microsoft Corporation) [Auto \| Running]—C:\Windows\SysWOW64\snmp.exe—(SNMP) SRV - [2010-03-18 13:16:28 \| 000,130,384 \|——\| M] (Microsoft Corporation) [Auto \| Running]—C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe—(clr_optimization_v4.0.30319_32) SRV - [2009-10-13 16:39:46 \| 000,114,688 \|——\| M] (Gigabyte Technology CO., LTD.) [Auto \| Running]—C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe—(Smart TimeLock) SRV - [2009-06-10 23:23:09 \| 000,066,384 \|——\| M] (Microsoft Corporation) [Disabled \| Stopped]—C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe—(clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012-03-07 01:04:06 \| 000,819,032 \|——\| M] (AVAST Software) [File_System \| System \| Running]—C:\Windows\SysNative\drivers\aswSnx.sys—(aswSnx) DRV:64bit: - [2012-03-07 01:04:04 \| 000,337,240 \|——\| M] (AVAST Software) [Kernel \| System \| Running]—C:\Windows\SysNative\drivers\aswSP.sys—(aswSP) DRV:64bit: - [2012-03-07 01:02:20 \| 000,053,080 \|——\| M] (AVAST Software) [Kernel \| System \| Running]—C:\Windows\SysNative\drivers\aswRdr2.sys—(aswRdr) DRV:64bit: - [2012-03-07 01:01:57 \| 000,059,224 \|——\| M] (AVAST Software) [Kernel \| System \| Running]—C:\Windows\SysNative\drivers\aswTdi.sys—(aswTdi) DRV:64bit: - [2012-03-07 01:01:52 \| 000,069,976 \|——\| M] (AVAST Software) [File_System \| Auto \| Running]—C:\Windows\SysNative\drivers\aswMonFlt.sys—(aswMonFlt) DRV:64bit: - [2012-03-07 01:01:32 \| 000,024,408 \|——\| M] (AVAST Software) [File_System \| Auto \| Running]—C:\Windows\SysNative\drivers\aswFsBlk.sys—(aswFsBlk) DRV:64bit: - [2012-03-01 08:46:16 \| 000,023,408 \|——\| M] (Microsoft Corporation) [Recognizer \| Boot \| Unknown]—C:\Windows\SysNative\drivers\fs_rec.sys—(Fs_Rec) DRV:64bit: - [2012-02-24 11:14:42 \| 000,203,320 \|——\| M] (DEVGURU Co., LTD.(http://www.devguru.co.kr)) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\ssudmdm.sys—(ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) DRV:64bit: - [2012-02-24 11:14:42 \| 000,099,384 \|——\| M] (DEVGURU Co., LTD.(http://www.devguru.co.kr)) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\ssudbus.sys—(dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV:64bit: - [2011-11-02 10:48:26 \| 000,021,616 \|——\| M] () [Kernel \| System \| Running]—C:\Windows\SysNative\drivers\AppleCharger.sys—(AppleCharger) DRV:64bit: - [2011-10-04 05:04:29 \| 000,215,296 \|——\| M] (Fresco Logic) [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\drivers\FLxHCIc.sys—(FLxHCIc) Fresco Logic xHCI (USB3) DRV:64bit: - [2011-10-04 05:04:29 \| 000,070,912 \|——\| M] (Fresco Logic) [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\drivers\FLxHCIh.sys—(FLxHCIh) Fresco Logic xHCI (USB3) DRV:64bit: - [2011-09-22 09:49:56 \| 000,056,600 \|——\| M] (Intel Corporation) [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\drivers\HECIx64.sys—(MEIx64) Intel(R) DRV:64bit: - [2011-09-14 23:43:30 \| 000,562,456 \|——\| M] (Intel Corporation) [Kernel \| Boot \| Running]—C:\Windows\SysNative\drivers\iaStorA.sys—(iaStorA) DRV:64bit: - [2011-09-14 23:43:30 \| 000,023,832 \|——\| M] (Intel Corporation) [Kernel \| Boot \| Running]—C:\Windows\SysNative\drivers\iaStorF.sys—(iaStorF) DRV:64bit: - [2011-08-27 18:15:22 \| 001,758,208 \|——\| M] (Creative Technology Ltd.) [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\drivers\ksaud.sys—(ksaud) DRV:64bit: - [2011-08-09 07:42:36 \| 000,315,696 \|——\| M] (Marvell Semiconductor, Inc.) [Kernel \| Boot \| Running]—C:\Windows\SysNative\drivers\mvs91xx.sys—(mvs91xx) DRV:64bit: - [2011-08-01 15:59:06 \| 000,045,416 \|——\| M] (Microsoft Corporation) [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\drivers\point64.sys—(Point64) DRV:64bit: - [2011-07-22 18:26:56 \| 000,014,928 \|——\| M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel \| System \| Running]—C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys—(SASDIFSV) DRV:64bit: - [2011-07-20 03:37:56 \| 000,342,704 \|——\| M] (Intel Corporation) [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\drivers\e1c62x64.sys—(e1cexpress) Intel(R) DRV:64bit: - [2011-07-12 23:55:18 \| 000,012,368 \|——\| M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel \| System \| Running]—C:\Program Files\SUPERAntiSpyware\saskutil64.sys—(SASKUTIL) DRV:64bit: - [2011-05-10 11:41:27 \| 000,174,184 \|——\| M] (NVIDIA Corporation) [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\drivers\nvhda64v.sys—(NVHDA) DRV:64bit: - [2011-03-11 08:41:12 \| 000,107,904 \|——\| M] (Advanced Micro Devices) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\amdsata.sys—(amdsata) DRV:64bit: - [2011-03-11 08:41:12 \| 000,027,008 \|——\| M] (Advanced Micro Devices) [Kernel \| Boot \| Running]—C:\Windows\SysNative\drivers\amdxata.sys—(amdxata) DRV:64bit: - [2011-02-08 16:02:44 \| 000,066,160 \|——\| M] (Giga-Byte Technology CO., LTD.) [Kernel \| System \| Running]—C:\Windows\SysNative\drivers\VirtDiskBus64.sys—(VirtDiskBus) DRV:64bit: - [2010-11-20 15:33:35 \| 000,078,720 \|——\| M] (Hewlett-Packard Company) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\HpSAMD.sys—(HpSAMD) DRV:64bit: - [2010-11-20 13:07:05 \| 000,059,392 \|——\| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\TsUsbFlt.sys—(TsUsbFlt) DRV:64bit: - [2009-07-14 03:52:20 \| 000,194,128 \|——\| M] (AMD Technologies Inc.) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\amdsbs.sys—(amdsbs) DRV:64bit: - [2009-07-14 03:48:04 \| 000,065,600 \|——\| M] (LSI Corporation) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\lsi_sas2.sys—(LSI_SAS2) DRV:64bit: - [2009-07-14 03:45:55 \| 000,024,656 \|——\| M] (Promise Technology) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\stexstor.sys—(stexstor) DRV:64bit: - [2009-06-10 22:34:33 \| 003,286,016 \|——\| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\evbda.sys—(ebdrv) DRV:64bit: - [2009-06-10 22:34:28 \| 000,468,480 \|——\| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\bxvbda.sys—(b06bdrv) DRV:64bit: - [2009-06-10 22:34:23 \| 000,270,848 \|——\| M] (Broadcom Corporation) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\b57nd60a.sys—(b57nd60a) DRV:64bit: - [2009-06-10 22:31:59 \| 000,031,232 \|——\| M] (Hauppauge Computer Works, Inc.) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\hcw85cir.sys—(hcw85cir) DRV - [2012-04-19 07:39:21 \| 000,025,640 \|——\| M] (Windows (R) Server 2003 DDK provider) [Kernel \| On_Demand \| Running]—C:\Windows\gdrv.sys—(gdrv) DRV - [2012-04-04 23:08:53 \| 000,030,528 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\GVTDrv64.sys—(GVTDrv64) DRV - [2009-07-14 03:19:10 \| 000,019,008 \|——\| M] (Microsoft Corporation) [File_System \| On_Demand \| Stopped]—C:\Windows\SysWOW64\drivers\wimmount.sys—(WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0 IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://dk.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 72 B1 0A 6E 18 CD 01 [binary data] IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1000\..\SearchScopes,DefaultScope = {96DEF125-A250-41ac-8A3A-E25FD43E24B7} IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1000\..\SearchScopes\{96DEF125-A250-41ac-8A3A-E25FD43E24B7}: “URL” = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1000\..\SearchScopes\{A23D3B18-1703-4830-8316-ABEE65F16452}: “URL” = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1000\..\SearchScopes\{EAD194CC-48F8-4db0-ACE6-2445C7CDF580}: “URL” = http://www.google.com/cse?cx=partner-pub-3794288947762788:7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com/cse/home?cx=partner-pub-3794288947762788:7941509802&q={searchTerms} IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0 IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://dk.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 72 B1 0A 6E 18 CD 01 [binary data] IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001\..\SearchScopes,DefaultScope = {96DEF125-A250-41ac-8A3A-E25FD43E24B7} IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: “URL” = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001\..\SearchScopes\{96DEF125-A250-41ac-8A3A-E25FD43E24B7}: “URL” = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001\..\SearchScopes\{A23D3B18-1703-4830-8316-ABEE65F16452}: “URL” = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001\..\SearchScopes\{EAD194CC-48F8-4db0-ACE6-2445C7CDF580}: “URL” = http://www.google.com/cse?cx=partner-pub-3794288947762788:7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com/cse/home?cx=partner-pub-3794288947762788:7941509802&q={searchTerms} IE - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: “Bing “ FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: “www.google.dk” FF - prefs.js..extensions.enabledItems: .:7.0.1426 FF - prefs.js..extensions.enabledItems: {91c612bf-2a7a-48b8-8c8c-6de28589b7a0}:1.1.8.4 FF - prefs.js..extensions.enabledItems: {91c612bf-2a7a-48b8-8c8c-6de28589b7a1}:1.1.8.4 FF - prefs.js..extensions.enabledItems: {d9284e50-81fc-11da-a72b-0800200c9a66}:7.5.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-04-04 23:21:08 \| 000,000,000 \|—-D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-04-13 17:52:59 \| 000,000,000 \|—-D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-04-16 16:31:44 \| 000,000,000 \|—-D \| M] [2012-04-04 22:53:58 \| 000,000,000 \|—-D \| M] (No name found)—C:\Users\Andreas\AppData\Roaming\Mozilla\Extensions [2012-04-04 22:53:58 \| 000,000,000 \|—-D \| M] (No name found)—C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\zko978wx.default\extensions [2012-04-13 17:47:24 \| 000,001,747 \|——\| M] ()—C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\zko978wx.default\searchplugins\bing.xml [2012-04-13 17:47:24 \| 000,002,187 \|——\| M] ()—C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\zko978wx.default\searchplugins\google.xml [2012-04-13 17:47:24 \| 000,001,019 \|——\| M] ()—C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\zko978wx.default\searchplugins\yahoo.xml [2012-04-13 17:52:59 \| 000,000,000 \|—-D \| M] (No name found)—C:\Program Files (x86)\Mozilla Firefox\extensions [2012-04-04 23:21:08 \| 000,000,000 \|—-D \| M] (avast! WebRep)—C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2012-03-13 06:39:39 \| 000,097,208 \|——\| M] (Mozilla Foundation)—C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012-04-06 19:27:07 \| 000,476,904 \|——\| M] (Sun Microsystems, Inc.)—C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012-03-13 06:38:32 \| 000,002,252 \|——\| M] ()—C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012-03-13 06:38:32 \| 000,002,040 \|——\| M] ()—C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2009-06-10 23:00:26 \| 000,000,824 \|——\| M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:64bit: - HKLM..\Run: [Creative SB Monitoring Utility] C:\Windows\SysNative\SBAVMon.dll (Creative Technology Ltd.) O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [FLxHCIm64] C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe (Windows (R) Win 7 DDK provider) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [Sound Blaster Recon3D Control Panel] C:\Program Files (x86)\Creative\Sound Blaster Recon3D\Sound Blaster Recon3D Control Panel\SBRecon.exe (Creative Technology Ltd) O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2273758202-2905085073-3037150910-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001..\Run: [Steam] C:\Games\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4:64bit: - HKLM..\RunOnce: [RPMKickstart] C:\Program Files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.) O4 - HKLM..\RunOnce: [GBTUpd] C:\Program Files (x86)\GIGABYTE\UpdManager\PreRun.exe (PreRun) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001..\RunOnce: [CTAutoUpdate] C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe (Creative Technology Ltd) O4 - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001..\RunOnce: [InetReg] C:\Program Files (x86)\Creative\Product Registration\English\InetReg.exe (Creative Technology Ltd) O4 - HKU\S-1-5-21-2273758202-2905085073-3037150910-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () O4 - Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab (Creative Software AutoUpdate) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2) O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.10.10.5 212.10.239.244 212.10.10.4 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{506D30DB-7FF5-4E27-B15E-31A8510E8276}: DhcpNameServer = 212.10.10.5 212.10.239.244 212.10.10.4 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012-04-12 08:19:12 \| 000,000,000 \|—-D \| M] - C:\Autodesk—[ NTFS ] O33 - MountPoints2\{9b11c6f5-7e92-11e1-8f09-806e6f6e6963}\Shell - “” = AutoRun O33 - MountPoints2\{9b11c6f5-7e92-11e1-8f09-806e6f6e6963}\Shell\AutoRun\command - “” = D:\Audio\setup.exe O34 - HKLM BootExecute: (autocheck autochk ) O35:64bit:* - HKLM\..comfile [open]—“%1” %* O35:64bit: - HKLM\..exefile [open]—“%1” %* O35 - HKLM\..comfile [open]—“%1” %* O35 - HKLM\..exefile [open]—“%1” %* O37:64bit: - HKLM\...com [@ = comfile]—“%1” %* O37:64bit: - HKLM\...exe [@ = exefile]—“%1” %* O37 - HKLM\...com [@ = comfile]—“%1” %* O37 - HKLM\...exe [@ = exefile]—“%1” %* Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) ActiveX:64bit: {0C972F00-657E-F48D-336F-C252752BD4EA} - Browser Customizations ActiveX:64bit: {1FF0D64A-946E-838C-2D26-17181D1197DC} - Themes Setup ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - “%ProgramFiles%\Windows Mail\WinMail.exe” OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {9389CF5E-5FBC-E4AF-F4B9-43BBE1928819} - Browser Customizations ActiveX:64bit: {BE96B003-4108-160F-B4E2-EC42E37DAEFA} - DirectX ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F0330D4E-D652-2BBE-4AAC-15E5114BF42D} - Offline Browsing Pack ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - “C:\Windows\System32\rundll32.exe” “C:\Windows\System32\iedkcs32.dll”,BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - “%ProgramFiles(x86)%\Windows Mail\WinMail.exe” OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {49B75630-3517-DBB6-593C-2D62ADB4D360} - Browser Customizations ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - “C:\Windows\SysWOW64\rundll32.exe” “C:\Windows\SysWOW64\iedkcs32.dll”,BrandIEActiveSetup SIGNUP CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012-04-19 07:44:20 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{7AEC13A0-39D7-4D2D-958B-40536708482A} [2012-04-19 07:43:51 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{DA0A8C67-2209-4E9F-BCD1-7BDC87EB1E10} [2012-04-18 09:29:16 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{1FCBC01B-3345-44F8-A45F-D8835D96F003} [2012-04-18 09:29:03 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{9D2F238C-7439-4327-BBB5-ED12F9C161FF} [2012-04-17 17:14:12 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\Creative [2012-04-17 16:36:50 \| 000,025,640 \|——\| C] (Windows (R) Server 2003 DDK provider)—C:\Windows\gdrv.sys [2012-04-17 16:33:51 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby [2012-04-17 16:33:50 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Dolby Home Theater v4 [2012-04-17 16:33:28 \| 000,000,000 \|—-D \| C]—C:\Windows\SysWow64\RTCOM [2012-04-17 16:33:28 \| 000,000,000 \|—-D \| C]—C:\Program Files\Realtek [2012-04-17 16:33:01 \| 001,361,336 \|——\| C] (TOSHIBA Corporation)—C:\Windows\SysNative\tosade.dll [2012-04-17 16:33:01 \| 000,177,088 \|——\| C] (TOSHIBA Corporation)—C:\Windows\SysNative\tadefxapo264.dll [2012-04-17 16:33:01 \| 000,148,416 \|——\| C] (TOSHIBA Corporation)—C:\Windows\SysNative\tadefxapo.dll [2012-04-17 16:33:01 \| 000,065,432 \|——\| C] (TOSHIBA CORPORATION.)—C:\Windows\SysNative\tepeqapo64.dll [2012-04-17 16:33:00 \| 002,604,376 \|——\| C] (Waves Audio Ltd.)—C:\Windows\SysNative\WavesGUILib.dll [2012-04-17 16:33:00 \| 000,518,896 \|——\| C] (SRS Labs, Inc.)—C:\Windows\SysNative\SRSTSX64.dll [2012-04-17 16:33:00 \| 000,211,184 \|——\| C] (SRS Labs, Inc.)—C:\Windows\SysNative\SRSTSH64.dll [2012-04-17 16:33:00 \| 000,198,896 \|——\| C] (SRS Labs, Inc.)—C:\Windows\SysNative\SRSHP64.dll [2012-04-17 16:33:00 \| 000,155,888 \|——\| C] (SRS Labs, Inc.)—C:\Windows\SysNative\SRSWOW64.dll [2012-04-17 16:33:00 \| 000,121,744 \|——\| C] (Sony Corporation)—C:\Windows\SysNative\SFSS_APO.dll [2012-04-17 16:32:59 \| 000,332,392 \|——\| C] (Realtek Semiconductor Corp.)—C:\Windows\SysNative\RtlCPAPI64.dll [2012-04-17 16:32:59 \| 000,220,512 \|——\| C] (Synopsys, Inc.)—C:\Windows\SysNative\SFNHK64.dll [2012-04-17 16:32:59 \| 000,081,248 \|——\| C] (Synopsys, Inc.)—C:\Windows\SysNative\SFCOM64.dll [2012-04-17 16:32:59 \| 000,078,176 \|——\| C] (Synopsys, Inc.)—C:\Windows\SysNative\SFAPO64.dll [2012-04-17 16:32:59 \| 000,074,064 \|——\| C] (Virage Logic Corporation / Sonic Focus)—C:\Windows\SysWow64\SFCOM.dll [2012-04-17 16:32:58 \| 001,881,704 \|——\| C] (Realtek Semiconductor Corp.)—C:\Windows\SysNative\RtkApi64.dll [2012-04-17 16:32:58 \| 000,149,608 \|——\| C] (Realtek Semiconductor Corp.)—C:\Windows\SysNative\RtkCfg64.dll [2012-04-17 16:32:57 \| 003,201,128 \|——\| C] (Realtek Semiconductor Corp.)—C:\Windows\SysNative\RtkAPO64.dll [2012-04-17 16:32:57 \| 002,518,632 \|——\| C] (Realtek Semiconductor Corp.)—C:\Windows\SysNative\RtPgEx64.dll [2012-04-17 16:32:57 \| 001,560,168 \|——\| C] (Realtek Semiconductor Corp.)—C:\Windows\SysNative\RTSnMg64.cpl [2012-04-17 16:32:57 \| 001,247,848 \|——\| C] (Realtek Semiconductor Corp.)—C:\Windows\SysNative\RTCOM64.dll [2012-04-17 16:32:56 \| 001,501,696 \|——\| C] (Realtek Semiconductor Corp.)—C:\Windows\SysNative\RCoRes64.dat [2012-04-17 16:32:56 \| 000,375,128 \|——\| C] (Dolby Laboratories, Inc.)—C:\Windows\SysNative\RTEEP64A.dll [2012-04-17 16:32:56 \| 000,310,104 \|——\| C] (Dolby Laboratories, Inc.)—C:\Windows\SysNative\RP3DAA64.dll [2012-04-17 16:32:56 \| 000,310,104 \|——\| C] (Dolby Laboratories, Inc.)—C:\Windows\SysNative\RP3DHT64.dll [2012-04-17 16:32:56 \| 000,204,120 \|——\| C] (Dolby Laboratories, Inc.)—C:\Windows\SysNative\RTEED64A.dll [2012-04-17 16:32:56 \| 000,101,208 \|——\| C] (Dolby Laboratories, Inc.)—C:\Windows\SysNative\RTEEL64A.dll [2012-04-17 16:32:56 \| 000,097,896 \|——\| C] (Realtek Semiconductor Corp.)—C:\Windows\SysNative\RCoInst64.dll [2012-04-17 16:32:56 \| 000,078,680 \|——\| C] (Dolby Laboratories, Inc.)—C:\Windows\SysNative\RTEEG64A.dll [2012-04-17 16:32:54 \| 003,768,152 \|——\| C] (Waves Audio Ltd.)—C:\Windows\SysNative\MaxxAudioRealtek.dll [2012-04-17 16:32:54 \| 003,308,376 \|——\| C] (Dolby Laboratories)—C:\Windows\SysNative\R4EEP64A.dll [2012-04-17 16:32:54 \| 000,426,328 \|——\| C] (Dolby Laboratories)—C:\Windows\SysNative\R4EED64A.dll [2012-04-17 16:32:54 \| 000,334,680 \|——\| C] (Waves Audio Ltd.)—C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2012-04-17 16:32:54 \| 000,136,024 \|——\| C] (Dolby Laboratories)—C:\Windows\SysNative\R4EEL64A.dll [2012-04-17 16:32:54 \| 000,118,104 \|——\| C] (Dolby Laboratories)—C:\Windows\SysNative\R4EEA64A.dll [2012-04-17 16:32:54 \| 000,074,072 \|——\| C] (Dolby Laboratories)—C:\Windows\SysNative\R4EEG64A.dll [2012-04-17 16:32:53 \| 002,132,824 \|——\| C] (Waves Audio Ltd.)—C:\Windows\SysNative\MaxxAudioEQ.dll [2012-04-17 16:32:53 \| 000,603,984 \|——\| C] (Knowles Acoustics )—C:\Windows\SysNative\KAAPORT64.dll [2012-04-17 16:32:53 \| 000,341,336 \|——\| C] (Waves Audio Ltd.)—C:\Windows\SysNative\MaxxAudioAPO30.dll [2012-04-17 16:32:53 \| 000,318,808 \|——\| C] (Waves Audio Ltd.)—C:\Windows\SysNative\MaxxAudioAPO20.dll [2012-04-17 16:32:50 \| 002,085,440 \|——\| C] (Fortemedia Corporation)—C:\Windows\SysNative\FMAPO64.dll [2012-04-17 16:32:49 \| 001,756,264 \|——\| C] (DTS)—C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2012-04-17 16:32:49 \| 001,568,360 \|——\| C] (DTS)—C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2012-04-17 16:32:49 \| 001,486,952 \|——\| C] (DTS)—C:\Windows\SysNative\DTSBoostDLL64.dll [2012-04-17 16:32:49 \| 000,712,296 \|——\| C] (DTS)—C:\Windows\SysNative\DTSSymmetryDLL64.dll [2012-04-17 16:32:49 \| 000,693,352 \|——\| C] (DTS)—C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2012-04-17 16:32:49 \| 000,527,872 \|——\| C] (DTS)—C:\Windows\SysNative\DTSU2PLFX64.dll [2012-04-17 16:32:49 \| 000,515,584 \|——\| C] (DTS)—C:\Windows\SysNative\DTSU2PGFX64.dll [2012-04-17 16:32:49 \| 000,491,112 \|——\| C] (DTS)—C:\Windows\SysNative\DTSNeoPCDLL64.dll [2012-04-17 16:32:49 \| 000,439,808 \|——\| C] (DTS)—C:\Windows\SysNative\DTSU2PREC64.dll [2012-04-17 16:32:49 \| 000,432,744 \|——\| C] (DTS)—C:\Windows\SysNative\DTSLimiterDLL64.dll [2012-04-17 16:32:49 \| 000,428,648 \|——\| C] (DTS)—C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2012-04-17 16:32:49 \| 000,242,792 \|——\| C] (DTS)—C:\Windows\SysNative\DTSLFXAPO64.dll [2012-04-17 16:32:49 \| 000,242,792 \|——\| C] (DTS)—C:\Windows\SysNative\DTSGFXAPO64.dll [2012-04-17 16:32:49 \| 000,241,768 \|——\| C] (DTS)—C:\Windows\SysNative\DTSGFXAPONS64.dll [2012-04-17 16:32:48 \| 000,728,680 \|——\| C] (DTS)—C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2012-04-17 16:32:48 \| 000,200,800 \|——\| C] (Andrea Electronics Corporation)—C:\Windows\SysNative\AERTAC64.dll [2012-04-17 16:32:48 \| 000,108,960 \|——\| C] (Andrea Electronics Corporation)—C:\Windows\SysNative\AERTAR64.dll [2012-04-17 16:32:45 \| 001,698,408 \| R—- \| C] (Realtek Semiconductor Corp.)—C:\Windows\RtlExUpd.dll [2012-04-17 11:56:35 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{023A3C49-60B1-461E-80A9-9FDC8D3BB4ED} [2012-04-17 11:56:23 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{18F9D0DA-FBBF-4984-9410-5E737357A0EE} [2012-04-17 11:53:29 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\SUPERAntiSpyware.com [2012-04-17 11:53:09 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2012-04-17 11:53:04 \| 000,000,000 \|—-D \| C]—C:\ProgramData\SUPERAntiSpyware.com [2012-04-17 11:53:04 \| 000,000,000 \|—-D \| C]—C:\Program Files\SUPERAntiSpyware [2012-04-17 11:48:57 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\ESET [2012-04-17 11:10:35 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\Diagnostics [2012-04-17 11:09:57 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{331F3BD5-AEFB-40D3-8645-566E3C172417} [2012-04-17 09:26:00 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{5F1FFB1D-6193-44AC-8ABD-B7875179EA4C} [2012-04-17 09:25:47 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{74D2A76F-9522-4EC3-A53F-96F85119DD32} [2012-04-16 22:11:58 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Leadertech [2012-04-16 18:13:08 \| 000,000,000 \|—-D \| C]—C:\NVIDIA [2012-04-16 18:07:04 \| 000,149,504 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\rdpcorekmts.dll [2012-04-16 18:07:04 \| 000,077,312 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\rdpwsx.dll [2012-04-16 16:53:12 \| 000,000,000 \|—-D \| C]—C:\Windows\SysNative\SPReview [2012-04-16 16:52:24 \| 000,000,000 \|—-D \| C]—C:\Windows\SysNative\EventProviders [2012-04-16 16:51:47 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse [2012-04-16 16:51:12 \| 000,000,000 \|—-D \| C]—C:\Program Files\Microsoft IntelliPoint [2012-04-16 16:31:38 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Common Files\Adobe [2012-04-16 16:31:38 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Adobe [2012-04-16 16:30:28 \| 000,902,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\d2d1.dll [2012-04-16 16:23:01 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Malwarebytes [2012-04-16 16:22:57 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes’ Anti-Malware [2012-04-16 16:22:56 \| 000,024,904 \|——\| C] (Malwarebytes Corporation)—C:\Windows\SysNative\drivers\mbam.sys [2012-04-16 16:22:56 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Malwarebytes’ Anti-Malware [2012-04-16 16:22:56 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Malwarebytes [2012-04-16 16:16:40 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012-04-16 16:16:39 \| 000,000,000 \|—-D \| C]—C:\Program Files\CCleaner [2012-04-16 08:42:13 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{68B562E9-4372-43BA-9A6E-FC767E6DB735} [2012-04-16 08:41:59 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{AA711303-2F4B-4675-B81C-D5B896AF07DF} [2012-04-15 13:59:30 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012-04-15 13:59:27 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Microsoft Silverlight [2012-04-14 17:18:07 \| 001,942,856 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dfshim.dll [2012-04-14 17:18:07 \| 000,048,976 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\netfxperf.dll [2012-04-14 17:18:04 \| 001,130,824 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dfshim.dll [2012-04-14 17:18:02 \| 003,715,584 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mstscax.dll [2012-04-14 17:18:02 \| 000,059,392 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\drivers\TsUsbFlt.sys [2012-04-14 17:18:02 \| 000,012,288 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2012-04-14 17:18:01 \| 001,838,080 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\d3d10warp.dll [2012-04-14 17:18:00 \| 003,215,872 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mstscax.dll [2012-04-14 17:17:57 \| 000,954,752 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mfc40.dll [2012-04-14 17:17:57 \| 000,954,288 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mfc40u.dll [2012-04-14 17:17:55 \| 014,633,472 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wmp.dll [2012-04-14 17:17:54 \| 004,120,064 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mf.dll [2012-04-14 17:17:54 \| 003,205,120 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mmcndmgr.dll [2012-04-14 17:17:54 \| 000,485,888 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\secproc_isv.dll [2012-04-14 17:17:54 \| 000,423,936 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\secproc_isv.dll [2012-04-14 17:17:54 \| 000,362,496 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\RMActivate_isv.exe [2012-04-14 17:17:53 \| 003,008,000 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\xpsservices.dll [2012-04-14 17:17:53 \| 001,219,584 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\rpcrt4.dll [2012-04-14 17:17:53 \| 000,488,448 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\secproc.dll [2012-04-14 17:17:53 \| 000,428,032 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\secproc.dll [2012-04-14 17:17:53 \| 000,359,424 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\RMActivate.exe [2012-04-14 17:17:53 \| 000,327,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\RMActivate_isv.exe [2012-04-14 17:17:52 \| 002,086,912 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ole32.dll [2012-04-14 17:17:52 \| 000,322,048 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\RMActivate.exe [2012-04-14 17:17:51 \| 003,207,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mf.dll [2012-04-14 17:17:51 \| 001,556,992 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\RacEngn.dll [2012-04-14 17:17:51 \| 001,340,416 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\diagperf.dll [2012-04-14 17:17:51 \| 001,197,056 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\taskschd.dll [2012-04-14 17:17:51 \| 000,263,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\spwizui.dll [2012-04-14 17:17:50 \| 001,866,240 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ExplorerFrame.dll [2012-04-14 17:17:50 \| 001,753,088 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\vssapi.dll [2012-04-14 17:17:50 \| 001,334,272 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\CertEnroll.dll [2012-04-14 17:17:49 \| 011,410,432 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wmp.dll [2012-04-14 17:17:49 \| 003,860,992 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\UIRibbon.dll [2012-04-14 17:17:49 \| 001,326,080 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\NaturalLanguage6.dll [2012-04-14 17:17:49 \| 000,299,392 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mcupdate_GenuineIntel.dll [2012-04-14 17:17:48 \| 003,027,968 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WMVCORE.DLL [2012-04-14 17:17:48 \| 000,295,264 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\PresentationHost.exe [2012-04-14 17:17:48 \| 000,099,176 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\PresentationHostProxy.dll [2012-04-14 17:17:47 \| 001,975,296 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\CertEnroll.dll [2012-04-14 17:17:47 \| 000,598,016 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\spinstall.exe [2012-04-14 17:17:47 \| 000,320,352 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\PresentationHost.exe [2012-04-14 17:17:47 \| 000,301,568 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\spreview.exe [2012-04-14 17:17:47 \| 000,274,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\rdpdd.dll [2012-04-14 17:17:47 \| 000,109,928 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\PresentationHostProxy.dll [2012-04-14 17:17:46 \| 003,957,760 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WinSAT.exe [2012-04-14 17:17:45 \| 002,067,456 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\d3d9.dll [2012-04-14 17:17:45 \| 001,888,256 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WMVDECOD.DLL [2012-04-14 17:17:45 \| 001,115,136 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\RacEngn.dll [2012-04-14 17:17:45 \| 000,867,840 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\SearchFolder.dll [2012-04-14 17:17:43 \| 005,066,752 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\AuthFWSnapin.dll [2012-04-14 17:17:43 \| 005,066,752 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\AuthFWSnapin.dll [2012-04-14 17:17:42 \| 003,391,488 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dbgeng.dll [2012-04-14 17:17:42 \| 001,632,256 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dwmcore.dll [2012-04-14 17:17:41 \| 001,493,504 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ExplorerFrame.dll [2012-04-14 17:17:41 \| 001,456,128 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\crypt32.dll [2012-04-14 17:17:40 \| 000,958,464 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\actxprxy.dll [2012-04-14 17:17:40 \| 000,750,080 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\TSWorkspace.dll [2012-04-14 17:17:39 \| 001,244,160 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\imapi2fs.dll [2012-04-14 17:17:39 \| 001,116,672 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mstsc.exe [2012-04-14 17:17:39 \| 000,695,808 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\netlogon.dll [2012-04-14 17:17:38 \| 001,212,416 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\propsys.dll [2012-04-14 17:17:38 \| 000,787,968 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\d3d11.dll [2012-04-14 17:17:37 \| 001,900,544 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\setupapi.dll [2012-04-14 17:17:37 \| 000,505,856 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\taskschd.dll [2012-04-14 17:17:36 \| 001,927,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\authui.dll [2012-04-14 17:17:36 \| 001,281,024 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\werconcpl.dll [2012-04-14 17:17:36 \| 000,720,896 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\odbc32.dll [2012-04-14 17:17:36 \| 000,464,384 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\taskeng.exe [2012-04-14 17:17:35 \| 001,796,096 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\certmgr.dll [2012-04-14 17:17:35 \| 001,049,600 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mstsc.exe [2012-04-14 17:17:35 \| 001,008,128 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\user32.dll [2012-04-14 17:17:35 \| 000,376,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\drivers\netio.sys [2012-04-14 17:17:34 \| 000,955,904 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\localspl.dll [2012-04-14 17:17:34 \| 000,758,272 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\PortableDeviceApi.dll [2012-04-14 17:17:34 \| 000,381,440 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wer.dll [2012-04-14 17:17:34 \| 000,342,016 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\certcli.dll [2012-04-14 17:17:34 \| 000,299,520 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\tsmf.dll [2012-04-14 17:17:34 \| 000,146,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\scavengeui.dll [2012-04-14 17:17:33 \| 002,652,160 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\netshell.dll [2012-04-14 17:17:33 \| 001,509,888 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\msdtctm.dll [2012-04-14 17:17:33 \| 001,371,136 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dwmcore.dll [2012-04-14 17:17:33 \| 000,457,216 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\msdrm.dll [2012-04-14 17:17:33 \| 000,448,512 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\shlwapi.dll [2012-04-14 17:17:33 \| 000,295,936 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\framedynos.dll [2012-04-14 17:17:33 \| 000,210,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ncsi.dll [2012-04-14 17:17:32 \| 000,573,440 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\odbc32.dll [2012-04-14 17:17:32 \| 000,524,288 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wmicmiplugin.dll [2012-04-14 17:17:32 \| 000,519,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\netcfgx.dll [2012-04-14 17:17:32 \| 000,390,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\winlogon.exe [2012-04-14 17:17:32 \| 000,061,440 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\tcpmonui.dll [2012-04-14 17:17:31 \| 000,800,256 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\usp10.dll [2012-04-14 17:17:31 \| 000,297,984 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ws2_32.dll [2012-04-14 17:17:30 \| 000,343,040 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\lsm.exe [2012-04-14 17:17:29 \| 000,658,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dxgi.dll [2012-04-14 17:17:29 \| 000,597,504 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\TSWorkspace.dll [2012-04-14 17:17:29 \| 000,594,432 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\comdlg32.dll [2012-04-14 17:17:29 \| 000,481,280 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wmpps.dll [2012-04-14 17:17:29 \| 000,342,016 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\apphelp.dll [2012-04-14 17:17:28 \| 002,055,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\Query.dll [2012-04-14 17:17:28 \| 000,422,912 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\drvstore.dll [2012-04-14 17:17:28 \| 000,270,848 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\tsmf.dll [2012-04-14 17:17:28 \| 000,091,136 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dot3api.dll [2012-04-14 17:17:27 \| 002,543,616 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wpdshext.dll [2012-04-14 17:17:27 \| 001,098,240 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\Vault.dll [2012-04-14 17:17:27 \| 000,897,536 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\azroles.dll [2012-04-14 17:17:27 \| 000,758,784 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\samsrv.dll [2012-04-14 17:17:27 \| 000,345,088 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\cmd.exe [2012-04-14 17:17:27 \| 000,281,600 \|——\| C] (Microsoft)—C:\Windows\SysNative\DShowRdpFilter.dll [2012-04-14 17:17:27 \| 000,266,240 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\QAGENT.DLL [2012-04-14 17:17:26 \| 002,522,624 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dbgeng.dll [2012-04-14 17:17:26 \| 000,751,104 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\win32spl.dll [2012-04-14 17:17:26 \| 000,653,312 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\lpksetup.exe [2012-04-14 17:17:25 \| 001,619,456 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\WMVDECOD.DLL [2012-04-14 17:17:25 \| 000,522,752 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\d3d11.dll [2012-04-14 17:17:25 \| 000,406,528 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\netcfgx.dll [2012-04-14 17:17:24 \| 001,190,400 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WindowsCodecs.dll [2012-04-14 17:17:23 \| 001,808,384 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\pnidui.dll [2012-04-14 17:17:23 \| 000,582,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sxs.dll [2012-04-14 17:17:23 \| 000,473,600 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\taskcomp.dll [2012-04-14 17:17:23 \| 000,381,440 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mfds.dll [2012-04-14 17:17:23 \| 000,312,832 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\Wldap32.dll [2012-04-14 17:17:23 \| 000,272,896 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mcbuilder.exe [2012-04-14 17:17:23 \| 000,206,848 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\upnp.dll [2012-04-14 17:17:22 \| 002,151,936 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mmcndmgr.dll [2012-04-14 17:17:22 \| 001,158,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\webservices.dll [2012-04-14 17:17:22 \| 000,584,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ipsmsnap.dll [2012-04-14 17:17:22 \| 000,252,928 \|——\| C] (Microsoft)—C:\Windows\Sys
[ Ignorer ] [ # 10 ] MapleBoy
19.04.2012 11:12:26 Antal indlæg: 13	[2012-04-14 17:16:53 \| 002,202,624 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\SensorsCpl.dll [2012-04-14 17:16:53 \| 002,157,568 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\themecpl.dll [2012-04-14 17:16:53 \| 000,856,576 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\FirewallControlPanel.dll [2012-04-14 17:16:53 \| 000,649,216 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\appwiz.cpl [2012-04-14 17:16:53 \| 000,416,768 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wiadefui.dll [2012-04-14 17:16:53 \| 000,403,968 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\untfs.dll [2012-04-14 17:16:53 \| 000,366,080 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\zipfldr.dll [2012-04-14 17:16:53 \| 000,349,696 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\slui.exe [2012-04-14 17:16:53 \| 000,268,288 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\MSAC3ENC.DLL [2012-04-14 17:16:53 \| 000,216,576 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\FWPUCLNT.DLL [2012-04-14 17:16:53 \| 000,193,536 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\sppcomapi.dll [2012-04-14 17:16:53 \| 000,176,640 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\rasppp.dll [2012-04-14 17:16:53 \| 000,155,520 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\drivers\ataport.sys [2012-04-14 17:16:53 \| 000,132,608 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\cabview.dll [2012-04-14 17:16:53 \| 000,127,488 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\logoncli.dll [2012-04-14 17:16:53 \| 000,111,104 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\shsetup.dll [2012-04-14 17:16:53 \| 000,109,056 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dnscmmc.dll [2012-04-14 17:16:53 \| 000,030,720 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\userinit.exe [2012-04-14 17:16:52 \| 000,828,928 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\fontext.dll [2012-04-14 17:16:52 \| 000,769,536 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sud.dll [2012-04-14 17:16:52 \| 000,508,928 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\DeviceCenter.dll [2012-04-14 17:16:52 \| 000,429,056 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\localsec.dll [2012-04-14 17:16:52 \| 000,413,696 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\PhotoScreensaver.scr [2012-04-14 17:16:52 \| 000,335,360 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\msieftp.dll [2012-04-14 17:16:52 \| 000,312,832 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\hgcpl.dll [2012-04-14 17:16:52 \| 000,268,800 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mprddm.dll [2012-04-14 17:16:52 \| 000,233,984 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\defaultlocationcpl.dll [2012-04-14 17:16:52 \| 000,175,616 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\scecli.dll [2012-04-14 17:16:52 \| 000,080,720 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mscories.dll [2012-04-14 17:16:51 \| 002,146,816 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\networkmap.dll [2012-04-14 17:16:51 \| 001,644,032 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\netcenter.dll [2012-04-14 17:16:51 \| 001,065,984 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\cryptui.dll [2012-04-14 17:16:51 \| 000,898,560 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\OobeFldr.dll [2012-04-14 17:16:51 \| 000,780,800 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ActionCenter.dll [2012-04-14 17:16:51 \| 000,740,864 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\batmeter.dll [2012-04-14 17:16:51 \| 000,701,440 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dsuiext.dll [2012-04-14 17:16:51 \| 000,638,976 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\VAN.dll [2012-04-14 17:16:51 \| 000,600,576 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\PerfCenterCPL.dll [2012-04-14 17:16:51 \| 000,600,064 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\usercpl.dll [2012-04-14 17:16:51 \| 000,509,440 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\qedit.dll [2012-04-14 17:16:51 \| 000,503,296 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\srcore.dll [2012-04-14 17:16:51 \| 000,472,064 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\azroleui.dll [2012-04-14 17:16:51 \| 000,410,112 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wlanui.dll [2012-04-14 17:16:51 \| 000,373,248 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\intl.cpl [2012-04-14 17:16:51 \| 000,346,112 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\bcdedit.exe [2012-04-14 17:16:51 \| 000,345,600 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\MediaMetadataHandler.dll [2012-04-14 17:16:51 \| 000,314,368 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\SndVol.exe [2012-04-14 17:16:51 \| 000,243,712 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\taskbarcpl.dll [2012-04-14 17:16:51 \| 000,221,696 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\OnLineIDCpl.dll [2012-04-14 17:16:51 \| 000,220,160 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\SndVolSSO.dll [2012-04-14 17:16:51 \| 000,172,544 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\twext.dll [2012-04-14 17:16:51 \| 000,154,624 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\uxlib.dll [2012-04-14 17:16:51 \| 000,146,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\recovery.dll [2012-04-14 17:16:51 \| 000,120,320 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\prntvpt.dll [2012-04-14 17:16:51 \| 000,095,232 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\cca.dll [2012-04-14 17:16:51 \| 000,091,648 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\isoburn.exe [2012-04-14 17:16:51 \| 000,066,048 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\w32tm.exe [2012-04-14 17:16:51 \| 000,024,064 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sisbkup.dll [2012-04-14 17:16:50 \| 003,727,872 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\accessibilitycpl.dll [2012-04-14 17:16:50 \| 000,352,768 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\spwizeng.dll [2012-04-14 17:16:50 \| 000,314,368 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\azroleui.dll [2012-04-14 17:16:49 \| 002,130,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\networkmap.dll [2012-04-14 17:16:49 \| 001,003,520 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\cryptui.dll [2012-04-14 17:16:49 \| 000,762,368 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sdcpl.dll [2012-04-14 17:16:49 \| 000,721,408 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\bthprops.cpl [2012-04-14 17:16:49 \| 000,549,888 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ActionCenterCPL.dll [2012-04-14 17:16:49 \| 000,516,096 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\main.cpl [2012-04-14 17:16:49 \| 000,460,800 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\certcli.dll [2012-04-14 17:16:49 \| 000,451,072 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\shwebsvc.dll [2012-04-14 17:16:49 \| 000,445,952 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\spwizeng.dll [2012-04-14 17:16:49 \| 000,419,840 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\systemcpl.dll [2012-04-14 17:16:49 \| 000,414,720 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wlanmsm.dll [2012-04-14 17:16:49 \| 000,395,264 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\prnfldr.dll [2012-04-14 17:16:49 \| 000,320,512 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\Faultrep.dll [2012-04-14 17:16:49 \| 000,314,880 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wusa.exe [2012-04-14 17:16:49 \| 000,312,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\MCEWMDRMNDBootstrap.dll [2012-04-14 17:16:49 \| 000,304,128 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\efscore.dll [2012-04-14 17:16:49 \| 000,238,080 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\recdisc.exe [2012-04-14 17:16:49 \| 000,226,304 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\MSAC3ENC.DLL [2012-04-14 17:16:49 \| 000,207,360 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sysclass.dll [2012-04-14 17:16:49 \| 000,200,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\syncui.dll [2012-04-14 17:16:49 \| 000,196,096 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\VBICodec.ax [2012-04-14 17:16:49 \| 000,193,024 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\netplwiz.dll [2012-04-14 17:16:49 \| 000,186,880 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\adsldp.dll [2012-04-14 17:16:49 \| 000,161,792 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\netjoin.dll [2012-04-14 17:16:49 \| 000,155,136 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\autoplay.dll [2012-04-14 17:16:49 \| 000,135,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\AuxiliaryDisplayServices.dll [2012-04-14 17:16:49 \| 000,066,048 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ncryptui.dll [2012-04-14 17:16:49 \| 000,066,048 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ksxbar.ax [2012-04-14 17:16:49 \| 000,059,904 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\fdeploy.dll [2012-04-14 17:16:49 \| 000,058,368 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\tzutil.exe [2012-04-14 17:16:49 \| 000,045,056 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\httpapi.dll [2012-04-14 17:16:48 \| 000,755,200 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\sud.dll [2012-04-14 17:16:48 \| 000,744,448 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ActionCenter.dll [2012-04-14 17:16:48 \| 000,692,736 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\bthprops.cpl [2012-04-14 17:16:48 \| 000,641,024 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\msscp.dll [2012-04-14 17:16:48 \| 000,474,112 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sysmon.ocx [2012-04-14 17:16:48 \| 000,446,976 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sqlcese30.dll [2012-04-14 17:16:48 \| 000,428,544 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\shwebsvc.dll [2012-04-14 17:16:48 \| 000,421,888 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\termmgr.dll [2012-04-14 17:16:48 \| 000,389,632 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\sysmon.ocx [2012-04-14 17:16:48 \| 000,345,088 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\intl.cpl [2012-04-14 17:16:48 \| 000,321,536 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\unimdm.tsp [2012-04-14 17:16:48 \| 000,313,856 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ReAgent.dll [2012-04-14 17:16:48 \| 000,301,568 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\msieftp.dll [2012-04-14 17:16:48 \| 000,296,960 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\rstrui.exe [2012-04-14 17:16:48 \| 000,295,424 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\photowiz.dll [2012-04-14 17:16:48 \| 000,281,088 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\iprtrmgr.dll [2012-04-14 17:16:48 \| 000,279,040 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sethc.exe [2012-04-14 17:16:48 \| 000,271,360 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\iprtrmgr.dll [2012-04-14 17:16:48 \| 000,266,752 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\MediaMetadataHandler.dll [2012-04-14 17:16:48 \| 000,240,640 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\MFPlay.dll [2012-04-14 17:16:48 \| 000,220,672 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\defaultlocationcpl.dll [2012-04-14 17:16:48 \| 000,218,112 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\OnLineIDCpl.dll [2012-04-14 17:16:48 \| 000,205,312 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\efscore.dll [2012-04-14 17:16:48 \| 000,189,952 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\SmartcardCredentialProvider.dll [2012-04-14 17:16:48 \| 000,185,856 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\vdsutil.dll [2012-04-14 17:16:48 \| 000,148,992 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ifsutil.dll [2012-04-14 17:16:48 \| 000,129,536 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ntlanman.dll [2012-04-14 17:16:48 \| 000,084,480 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\UserAccountControlSettings.dll [2012-04-14 17:16:48 \| 000,082,432 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dot3cfg.dll [2012-04-14 17:16:48 \| 000,068,096 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\rdpd3d.dll [2012-04-14 17:16:48 \| 000,048,640 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wwanprotdim.dll [2012-04-14 17:16:48 \| 000,044,032 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\tsgqec.dll [2012-04-14 17:16:48 \| 000,042,496 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ftp.exe [2012-04-14 17:16:48 \| 000,019,456 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\sisbkup.dll [2012-04-14 17:16:47 \| 000,859,648 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\OobeFldr.dll [2012-04-14 17:16:47 \| 000,781,312 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wmdrmsdk.dll [2012-04-14 17:16:47 \| 000,743,424 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\blackbox.dll [2012-04-14 17:16:47 \| 000,738,816 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wmpmde.dll [2012-04-14 17:16:47 \| 000,656,384 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\nshwfp.dll [2012-04-14 17:16:47 \| 000,537,600 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ActionCenterCPL.dll [2012-04-14 17:16:47 \| 000,495,104 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\drmmgrtn.dll [2012-04-14 17:16:47 \| 000,484,864 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\DeviceCenter.dll [2012-04-14 17:16:47 \| 000,410,624 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\systemcpl.dll [2012-04-14 17:16:47 \| 000,344,576 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ntprint.dll [2012-04-14 17:16:47 \| 000,333,824 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ssText3d.scr [2012-04-14 17:16:47 \| 000,297,472 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ntprint.dll [2012-04-14 17:16:47 \| 000,282,624 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\iTVData.dll [2012-04-14 17:16:47 \| 000,270,848 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\srrstr.dll [2012-04-14 17:16:47 \| 000,270,336 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\sethc.exe [2012-04-14 17:16:47 \| 000,255,488 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wavemsp.dll [2012-04-14 17:16:47 \| 000,225,280 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\DevicePairingFolder.dll [2012-04-14 17:16:47 \| 000,202,752 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\activeds.dll [2012-04-14 17:16:47 \| 000,196,608 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dskquoui.dll [2012-04-14 17:16:47 \| 000,193,536 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ksproxy.ax [2012-04-14 17:16:47 \| 000,175,616 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\netplwiz.dll [2012-04-14 17:16:47 \| 000,175,616 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\bcdboot.exe [2012-04-14 17:16:47 \| 000,173,568 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\powercfg.cpl [2012-04-14 17:16:47 \| 000,159,232 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\syncui.dll [2012-04-14 17:16:47 \| 000,152,064 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\SmartcardCredentialProvider.dll [2012-04-14 17:16:47 \| 000,146,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\autoplay.dll [2012-04-14 17:16:47 \| 000,133,632 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\NAPHLPR.DLL [2012-04-14 17:16:47 \| 000,128,000 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\srvcli.dll [2012-04-14 17:16:47 \| 000,109,568 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\nslookup.exe [2012-04-14 17:16:47 \| 000,107,008 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\NAPHLPR.DLL [2012-04-14 17:16:47 \| 000,102,400 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sppnp.dll [2012-04-14 17:16:47 \| 000,093,696 \|——\| C] (Windows (R) Codename Longhorn DDK provider)—C:\Windows\SysWow64\fms.dll [2012-04-14 17:16:47 \| 000,068,608 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\WSTPager.ax [2012-04-14 17:16:47 \| 000,053,248 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\acppage.dll [2012-04-14 17:16:47 \| 000,015,360 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\slwga.dll [2012-04-14 17:16:46 \| 001,672,704 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\networkexplorer.dll [2012-04-14 17:16:46 \| 001,133,568 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\cdosys.dll [2012-04-14 17:16:46 \| 000,805,376 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\cdosys.dll [2012-04-14 17:16:46 \| 000,606,208 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dfrgui.exe [2012-04-14 17:16:46 \| 000,592,384 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\msftedit.dll [2012-04-14 17:16:46 \| 000,428,032 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wlanmsm.dll [2012-04-14 17:16:46 \| 000,358,400 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wmpdxm.dll [2012-04-14 17:16:46 \| 000,346,112 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\nshipsec.dll [2012-04-14 17:16:46 \| 000,257,024 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dpx.dll [2012-04-14 17:16:46 \| 000,247,808 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ReAgent.dll [2012-04-14 17:16:46 \| 000,222,208 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wavemsp.dll [2012-04-14 17:16:46 \| 000,217,600 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WinSCard.dll [2012-04-14 17:16:46 \| 000,182,272 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wmpsrcwp.dll [2012-04-14 17:16:46 \| 000,164,352 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wuwebv.dll [2012-04-14 17:16:46 \| 000,153,088 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\remotepg.dll [2012-04-14 17:16:46 \| 000,102,912 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\kstvtune.ax [2012-04-14 17:16:46 \| 000,101,888 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\migisol.dll [2012-04-14 17:16:46 \| 000,094,720 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\cabinet.dll [2012-04-14 17:16:46 \| 000,086,528 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\isoburn.exe [2012-04-14 17:16:46 \| 000,071,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wkscli.dll [2012-04-14 17:16:46 \| 000,067,072 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wsnmp32.dll [2012-04-14 17:16:46 \| 000,048,128 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ftp.exe [2012-04-14 17:16:46 \| 000,034,816 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\httpapi.dll [2012-04-14 17:16:45 \| 001,911,808 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\OpcServices.dll [2012-04-14 17:16:45 \| 000,899,584 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\Bubbles.scr [2012-04-14 17:16:45 \| 000,840,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\blackbox.dll [2012-04-14 17:16:45 \| 000,685,056 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dsuiext.dll [2012-04-14 17:16:45 \| 000,636,416 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wmdrmdev.dll [2012-04-14 17:16:45 \| 000,594,432 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wvc.dll [2012-04-14 17:16:45 \| 000,586,752 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dfrgui.exe [2012-04-14 17:16:45 \| 000,497,664 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\main.cpl [2012-04-14 17:16:45 \| 000,444,928 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wvc.dll [2012-04-14 17:16:45 \| 000,406,528 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wimgapi.dll [2012-04-14 17:16:45 \| 000,333,824 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dot3ui.dll [2012-04-14 17:16:45 \| 000,293,888 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wsqmcons.exe [2012-04-14 17:16:45 \| 000,281,088 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\unimdm.tsp [2012-04-14 17:16:45 \| 000,258,048 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\drivers\dxgmms1.sys [2012-04-14 17:16:45 \| 000,209,920 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\PkgMgr.exe [2012-04-14 17:16:45 \| 000,209,920 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mstask.dll [2012-04-14 17:16:45 \| 000,206,848 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\qasf.dll [2012-04-14 17:16:45 \| 000,206,848 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mfps.dll [2012-04-14 17:16:45 \| 000,197,632 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ocsetup.exe [2012-04-14 17:16:45 \| 000,190,976 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\qcap.dll [2012-04-14 17:16:45 \| 000,182,784 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WUDFPlatform.dll [2012-04-14 17:16:45 \| 000,178,688 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wuwebv.dll [2012-04-14 17:16:45 \| 000,152,064 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\net1.exe [2012-04-14 17:16:45 \| 000,146,432 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\twext.dll [2012-04-14 17:16:45 \| 000,113,152 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\setupugc.exe [2012-04-14 17:16:45 \| 000,091,648 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mapistub.dll [2012-04-14 17:16:45 \| 000,091,648 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mapi32.dll [2012-04-14 17:16:45 \| 000,073,216 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\unimdmat.dll [2012-04-14 17:16:45 \| 000,051,200 \|——\| C] (Twain Working Group)—C:\Windows\twain_32.dll [2012-04-14 17:16:45 \| 000,049,664 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\snmp.exe [2012-04-14 17:16:45 \| 000,047,616 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\tzutil.exe [2012-04-14 17:16:45 \| 000,037,376 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\iscsium.dll [2012-04-14 17:16:45 \| 000,026,112 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WerFaultSecure.exe [2012-04-14 17:16:45 \| 000,008,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [2012-04-14 17:16:44 \| 001,087,488 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dbghelp.dll [2012-04-14 17:16:44 \| 000,616,960 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wmdrmsdk.dll [2012-04-14 17:16:44 \| 000,573,952 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\d3d10level9.dll [2012-04-14 17:16:44 \| 000,504,320 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\msscp.dll [2012-04-14 17:16:44 \| 000,363,520 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\diskraid.exe [2012-04-14 17:16:44 \| 000,327,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wimserv.exe [2012-04-14 17:16:44 \| 000,294,912 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WindowsAnytimeUpgradeResults.exe [2012-04-14 17:16:44 \| 000,293,888 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ssText3d.scr [2012-04-14 17:16:44 \| 000,276,480 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\diskraid.exe [2012-04-14 17:16:44 \| 000,254,464 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\qasf.dll [2012-04-14 17:16:44 \| 000,242,688 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\Mystify.scr [2012-04-14 17:16:44 \| 000,241,664 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\Ribbons.scr [2012-04-14 17:16:44 \| 000,230,912 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\clusapi.dll [2012-04-14 17:16:44 \| 000,222,208 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\rdpencom.dll [2012-04-14 17:16:44 \| 000,213,504 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ActionQueue.dll [2012-04-14 17:16:44 \| 000,211,456 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\DevicePairingFolder.dll [2012-04-14 17:16:44 \| 000,186,368 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\rdpencom.dll [2012-04-14 17:16:44 \| 000,180,736 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ifsutil.dll [2012-04-14 17:16:44 \| 000,172,544 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\perfmon.exe [2012-04-14 17:16:44 \| 000,157,184 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\perfmon.exe [2012-04-14 17:16:44 \| 000,132,608 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wmpshell.dll [2012-04-14 17:16:44 \| 000,120,320 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\msvfw32.dll [2012-04-14 17:16:44 \| 000,118,784 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\uxlib.dll [2012-04-14 17:16:44 \| 000,098,304 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\nslookup.exe [2012-04-14 17:16:44 \| 000,084,480 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mciavi32.dll [2012-04-14 17:16:44 \| 000,073,728 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\tlscsp.dll [2012-04-14 17:16:44 \| 000,059,904 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\umb.dll [2012-04-14 17:16:44 \| 000,050,176 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\NAPCRYPT.DLL [2012-04-14 17:16:44 \| 000,047,616 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\snmp.exe [2012-04-14 17:16:44 \| 000,045,568 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\acppage.dll [2012-04-14 17:16:44 \| 000,031,744 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\AzSqlExt.dll [2012-04-14 17:16:44 \| 000,029,184 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\netutils.dll [2012-04-14 17:16:44 \| 000,016,896 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\muifontsetup.dll [2012-04-14 17:16:44 \| 000,014,336 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\slwga.dll [2012-04-14 17:16:43 \| 001,232,896 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WMADMOD.DLL [2012-04-14 17:16:43 \| 001,111,552 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\onexui.dll [2012-04-14 17:16:43 \| 000,666,112 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WMVSDECD.DLL [2012-04-14 17:16:43 \| 000,623,104 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\FXSAPI.dll [2012-04-14 17:16:43 \| 000,402,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\drmmgrtn.dll [2012-04-14 17:16:43 \| 000,395,776 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\nltest.exe [2012-04-14 17:16:43 \| 000,337,920 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\raschap.dll [2012-04-14 17:16:43 \| 000,318,976 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\raschap.dll [2012-04-14 17:16:43 \| 000,299,520 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wmpdxm.dll [2012-04-14 17:16:43 \| 000,238,080 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mstask.dll [2012-04-14 17:16:43 \| 000,219,648 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\iTVData.dll [2012-04-14 17:16:43 \| 000,215,040 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wpdwcn.dll [2012-04-14 17:16:43 \| 000,210,432 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dxdiagn.dll [2012-04-14 17:16:43 \| 000,202,240 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\input.dll [2012-04-14 17:16:43 \| 000,198,144 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wpdwcn.dll [2012-04-14 17:16:43 \| 000,190,976 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\vdsbas.dll [2012-04-14 17:16:43 \| 000,174,592 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ocsetapi.dll [2012-04-14 17:16:43 \| 000,160,256 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\vdsbas.dll [2012-04-14 17:16:43 \| 000,146,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\remotepg.dll [2012-04-14 17:16:43 \| 000,146,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\MdSched.exe [2012-04-14 17:16:43 \| 000,146,432 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\drivers\rmcast.sys [2012-04-14 17:16:43 \| 000,133,120 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\Kswdmcap.ax [2012-04-14 17:16:43 \| 000,124,928 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wiavideo.dll [2012-04-14 17:16:43 \| 000,080,896 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\QUTIL.DLL [2012-04-14 17:16:43 \| 000,078,848 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\UserAccountControlSettings.dll [2012-04-14 17:16:43 \| 000,071,168 \|——\| C] (Microsoft Corporation)—C:\Windows\bfsvc.exe [2012-04-14 17:16:43 \| 000,056,832 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\runonce.exe [2012-04-14 17:16:43 \| 000,050,688 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\runonce.exe [2012-04-14 17:16:43 \| 000,048,128 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\PrintIsolationProxy.dll [2012-04-14 17:16:43 \| 000,046,080 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\NAPCRYPT.DLL [2012-04-14 17:16:43 \| 000,025,600 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\vpnikeapi.dll [2012-04-14 17:16:43 \| 000,017,408 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\syssetup.dll [2012-04-14 17:16:42 \| 000,232,448 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\bitsadmin.exe [2012-04-14 17:16:42 \| 000,095,232 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\logagent.exe [2012-04-14 17:16:37 \| 000,242,176 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\eapp3hst.dll [2012-04-14 17:16:37 \| 000,176,128 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\MFPlay.dll [2012-04-14 17:16:36 \| 000,978,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WMSPDMOD.DLL [2012-04-14 17:16:36 \| 000,878,592 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\Bubbles.scr [2012-04-14 17:16:36 \| 000,527,872 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wmdrmnet.dll [2012-04-14 17:16:36 \| 000,507,392 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wmdrmdev.dll [2012-04-14 17:16:36 \| 000,431,104 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WPDSp.dll [2012-04-14 17:16:36 \| 000,325,632 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\msnetobj.dll [2012-04-14 17:16:36 \| 000,309,760 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\sqlcese30.dll [2012-04-14 17:16:36 \| 000,250,880 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\qdv.dll [2012-04-14 17:16:36 \| 000,224,256 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\PortableDeviceSyncProvider.dll [2012-04-14 17:16:36 \| 000,186,368 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\bitsadmin.exe [2012-04-14 17:16:36 \| 000,181,248 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\qcap.dll [2012-04-14 17:16:36 \| 000,158,720 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mprapi.dll [2012-04-14 17:16:36 \| 000,135,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\shacct.dll [2012-04-14 17:16:36 \| 000,124,416 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\QSVRMGMT.DLL [2012-04-14 17:16:36 \| 000,121,856 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\secproc_ssp_isv.dll [2012-04-14 17:16:36 \| 000,121,856 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\secproc_ssp.dll [2012-04-14 17:16:36 \| 000,108,032 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\shacct.dll [2012-04-14 17:16:36 \| 000,105,472 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wmpshell.dll [2012-04-14 17:16:36 \| 000,104,448 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\logman.exe [2012-04-14 17:16:36 \| 000,098,304 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wudriver.dll [2012-04-14 17:16:36 \| 000,087,552 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wudriver.dll [2012-04-14 17:16:36 \| 000,078,848 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\tabcal.exe [2012-04-14 17:16:36 \| 000,061,952 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\vss_ps.dll [2012-04-14 17:16:36 \| 000,059,392 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\unimdmat.dll [2012-04-14 17:16:36 \| 000,052,224 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\rdpd3d.dll [2012-04-14 17:16:36 \| 000,046,080 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\cscapi.dll [2012-04-14 17:16:36 \| 000,028,672 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\iscsium.dll [2012-04-14 17:16:36 \| 000,021,504 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\lsmproxy.dll [2012-04-14 17:16:35 \| 001,160,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\OpcServices.dll [2012-04-14 17:16:35 \| 000,435,712 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\PortableDeviceStatus.dll [2012-04-14 17:16:35 \| 000,350,720 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\WPDSp.dll [2012-04-14 17:16:35 \| 000,236,544 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\pdh.dll [2012-04-14 17:16:35 \| 000,183,296 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\PortableDeviceSyncProvider.dll [2012-04-14 17:16:35 \| 000,084,480 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\kstvtune.ax [2012-04-14 17:16:35 \| 000,082,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\logman.exe [2012-04-14 17:16:35 \| 000,078,848 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\spbcd.dll [2012-04-14 17:16:35 \| 000,077,824 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\olethk32.dll [2012-04-14 17:16:35 \| 000,060,928 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ncryptui.dll [2012-04-14 17:16:34 \| 000,427,520 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\PortableDeviceStatus.dll [2012-04-14 17:16:34 \| 000,313,344 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dot3ui.dll [2012-04-14 17:16:34 \| 000,221,184 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\Mystify.scr [2012-04-14 17:16:34 \| 000,220,672 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\Ribbons.scr [2012-04-14 17:16:34 \| 000,142,336 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\powercfg.cpl [2012-04-14 17:16:34 \| 000,130,048 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\desk.cpl [2012-04-14 17:16:34 \| 000,121,344 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\fphc.dll [2012-04-14 17:16:34 \| 000,099,328 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\QSVRMGMT.DLL [2012-04-14 17:16:34 \| 000,063,488 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\takeown.exe [2012-04-14 17:16:34 \| 000,062,976 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\PnPUnattend.exe [2012-04-14 17:16:34 \| 000,036,864 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\tsgqec.dll [2012-04-14 17:16:33 \| 001,148,416 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\IMJP10.IME [2012-04-14 17:16:33 \| 000,902,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\WMADMOD.DLL [2012-04-14 17:16:33 \| 000,541,184 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\WMVSDECD.DLL [2012-04-14 17:16:33 \| 000,436,736 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wmdrmnet.dll [2012-04-14 17:16:33 \| 000,392,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WMPhoto.dll [2012-04-14 17:16:33 \| 000,318,464 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\WMPhoto.dll [2012-04-14 17:16:33 \| 000,153,600 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\VBICodec.ax [2012-04-14 17:16:33 \| 000,144,896 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\EhStorAPI.dll [2012-04-14 17:16:33 \| 000,115,200 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dot3msm.dll [2012-04-14 17:16:33 \| 000,109,568 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wiavideo.dll [2012-04-14 17:16:33 \| 000,107,008 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\Kswdmcap.ax [2012-04-14 17:16:33 \| 000,098,304 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\fphc.dll [2012-04-14 17:16:33 \| 000,091,648 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\avifil32.dll [2012-04-14 17:16:33 \| 000,089,088 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\amstream.dll [2012-04-14 17:16:33 \| 000,079,872 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\QCLIPROV.DLL [2012-04-14 17:16:33 \| 000,076,800 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mapistub.dll [2012-04-14 17:16:33 \| 000,072,704 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\netapi32.dll [2012-04-14 17:16:33 \| 000,061,440 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\djoin.exe [2012-04-14 17:16:33 \| 000,051,200 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\takeown.exe [2012-04-14 17:16:33 \| 000,037,376 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\shimgvw.dll [2012-04-14 17:16:33 \| 000,031,744 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\utildll.dll [2012-04-14 17:16:33 \| 000,027,136 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\HotStartUserAgent.dll [2012-04-14 17:16:32 \| 000,681,472 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WUDFx.dll [2012-04-14 17:16:32 \| 000,283,136 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\qdv.dll [2012-04-14 17:16:32 \| 000,265,216 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\msnetobj.dll [2012-04-14 17:16:32 \| 000,226,816 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WUDFHost.exe [2012-04-14 17:16:32 \| 000,100,864 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\sppinst.dll [2012-04-14 17:16:32 \| 000,092,160 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\cmstp.exe [2012-04-14 17:16:32 \| 000,084,992 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\cmstp.exe [2012-04-14 17:16:32 \| 000,074,240 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\fdProxy.dll [2012-04-14 17:16:32 \| 000,071,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\QCLIPROV.DLL [2012-04-14 17:16:32 \| 000,071,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\CertPolEng.dll [2012-04-14 17:16:32 \| 000,070,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\MuiUnattend.exe [2012-04-14 17:16:32 \| 000,066,560 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\cca.dll [2012-04-14 17:16:32 \| 000,061,952 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WavDest.dll [2012-04-14 17:16:32 \| 000,056,832 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\vfwwdm32.dll [2012-04-14 17:16:32 \| 000,015,360 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\nrpsrv.dll [2012-04-14 17:16:31 \| 000,739,328 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\WMSPDMOD.DLL [2012-04-14 17:16:31 \| 000,152,064 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\iscsicli.exe [2012-04-14 17:16:31 \| 000,143,360 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mydocs.dll [2012-04-14 17:16:31 \| 000,115,712 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\setupcln.dll [2012-04-14 17:16:31 \| 000,057,856 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\g711codc.ax [2012-04-14 17:16:31 \| 000,051,712 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wsnmp32.dll [2012-04-14 17:16:31 \| 000,051,712 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\MultiDigiMon.exe [2012-04-14 17:16:31 \| 000,051,200 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wuauclt.exe [2012-04-14 17:16:31 \| 000,046,592 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\pdhui.dll [2012-04-14 17:16:31 \| 000,043,008 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\relog.exe [2012-04-14 17:16:31 \| 000,013,312 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sscore.dll [2012-04-14 17:16:30 \| 000,176,128 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\msorcl32.dll [2012-04-14 17:16:30 \| 000,166,400 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\diskpart.exe [2012-04-14 17:16:30 \| 000,144,896 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\iscsicli.exe [2012-04-14 17:16:30 \| 000,128,000 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\desk.cpl [2012-04-14 17:16:30 \| 000,102,400 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mobsync.exe [2012-04-14 17:16:30 \| 000,061,952 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\spbcd.dll [2012-04-14 17:16:30 \| 000,047,104 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wkscli.dll [2012-04-14 17:16:30 \| 000,043,520 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\vbisurf.ax [2012-04-14 17:16:30 \| 000,037,888 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\relog.exe [2012-04-14 17:16:30 \| 000,028,160 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\AzSqlExt.dll [2012-04-14 17:16:30 \| 000,025,600 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\netiougc.exe [2012-04-14 17:16:30 \| 000,014,848 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\BWUnpairElevated.dll [2012-04-14 17:16:29 \| 000,306,688 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\RMActivate_ssp.exe [2012-04-14 17:16:29 \| 000,305,152 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\RMActivate_ssp_isv.exe [2012-04-14 17:16:29 \| 000,194,048 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\itircl.dll [2012-04-14 17:16:29 \| 000,136,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mydocs.dll [2012-04-14 17:16:29 \| 000,133,632 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\diskpart.exe [2012-04-14 17:16:29 \| 000,103,936 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dot3msm.dll [2012-04-14 17:16:29 \| 000,070,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\amstream.dll [2012-04-14 17:16:29 \| 000,069,632 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\rastapi.dll [2012-04-14 17:16:29 \| 000,058,880 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\browcli.dll [2012-04-14 17:16:29 \| 000,035,840 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\msdmo.dll [2012-04-14 17:16:28 \| 001,027,584 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\IMJP10.IME [2012-04-14 17:16:28 \| 000,434,688 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\FXSTIFF.dll [2012-04-14 17:16:28 \| 000,158,720 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\itircl.dll [2012-04-14 17:16:28 \| 000,144,384 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wmpps.dll [2012-04-14 17:16:28 \| 000,103,936 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\eappgnui.dll [2012-04-14 17:16:28 \| 000,085,504 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\secproc_ssp_isv.dll [2012-04-14 17:16:28 \| 000,085,504 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\secproc_ssp.dll [2012-04-14 17:16:28 \| 000,071,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\resutils.dll [2012-04-14 17:16:28 \| 000,071,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\findstr.exe [2012-04-14 17:16:28 \| 000,065,024 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\CertPolEng.dll [2012-04-14 17:16:28 \| 000,048,640 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ksxbar.ax [2012-04-14 17:16:28 \| 000,041,472 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mciqtz32.dll [2012-04-14 17:16:28 \| 000,036,864 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wuapp.exe [2012-04-14 17:16:28 \| 000,036,864 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\choice.exe [2012-04-14 17:16:28 \| 000,033,792 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wuapp.exe [2012-04-14 17:16:28 \| 000,024,064 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\netbtugc.exe [2012-04-14 17:16:28 \| 000,014,848 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\syssetup.dll [2012-04-14 17:16:27 \| 000,280,064 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\RMActivate_ssp.exe [2012-04-14 17:16:27 \| 000,278,016 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\RMActivate_ssp_isv.exe [2012-04-14 17:16:27 \| 000,145,920 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sppc.dll [2012-04-14 17:16:27 \| 000,094,208 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\eappgnui.dll [2012-04-14 17:16:27 \| 000,069,632 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\tlscsp.dll [2012-04-14 17:16:27 \| 000,062,976 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\findstr.exe [2012-04-14 17:16:27 \| 000,048,640 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\luainstall.dll [2012-04-14 17:16:27 \| 000,028,672 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\WerFaultSecure.exe [2012-04-14 17:16:27 \| 000,022,016 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ReAgentc.exe [2012-04-14 17:16:26 \| 001,080,320 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\onexui.dll [2012-04-14 17:16:26 \| 000,101,376 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mobsync.exe [2012-04-14 17:16:26 \| 000,036,352 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mciqtz32.dll [2012-04-14 17:16:26 \| 000,024,064 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\schedcli.dll [2012-04-14 17:16:25 \| 000,079,872 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\manage-bde.exe [2012-04-14 17:16:25 \| 000,065,536 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\inetmib1.dll [2012-04-14 17:16:25 \| 000,051,712 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\repair-bde.exe [2012-04-14 17:16:25 \| 000,036,352 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wdiasqmmodule.dll [2012-04-14 17:16:25 \| 000,013,312 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\muifontsetup.dll [2012-04-14 17:16:24 \| 000,121,344 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\sppc.dll [2012-04-14 17:16:24 \| 000,082,944 \|——\| C] (Radius Inc.)—C:\Windows\SysWow64\iccvid.dll [2012-04-14 17:16:24 \| 000,035,840 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\shimgvw.dll [2012-04-14 17:16:24 \| 000,019,968 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\spopk.dll [2012-04-14 17:16:24 \| 000,018,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\spopk.dll [2012-04-14 17:16:23 \| 000,147,456 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\RDPENCDD.dll [2012-04-14 17:16:23 \| 000,053,248 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\odbcconf.dll [2012-04-14 17:16:23 \| 000,052,736 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\inetmib1.dll [2012-04-14 17:16:23 \| 000,045,568 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\g711codc.ax [2012-04-14 17:16:23 \| 000,044,544 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WUDFCoinstaller.dll [2012-04-14 17:16:23 \| 000,041,984 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\luainstall.dll [2012-04-14 17:16:23 \| 000,034,304 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\unlodctr.exe [2012-04-14 17:16:23 \| 000,033,792 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\vbisurf.ax [2012-04-14 17:16:23 \| 000,033,792 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\profprov.dll [2012-04-14 17:16:23 \| 000,030,720 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\msdmo.dll [2012-04-14 17:16:23 \| 000,021,504 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\rdprefdrvapi.dll [2012-04-14 17:16:23 \| 000,017,920 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\fixmapi.exe [2012-04-14 17:16:22 \| 000,041,984 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\FXSMON.dll [2012-04-14 17:16:18 \| 001,164,800 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\UIRibbonRes.dll [2012-04-14 17:16:18 \| 001,164,800 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\UIRibbonRes.dll [2012-04-14 17:16:18 \| 000,041,984 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\browcli.dll [2012-04-14 17:16:18 \| 000,040,960 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\odbcconf.dll [2012-04-14 17:16:18 \| 000,027,648 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wups.dll [2012-04-14 17:16:18 \| 000,026,624 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\drivers\tdi.sys [2012-04-14 17:16:18 \| 000,025,600 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\elsTrans.dll [2012-04-14 17:16:18 \| 000,021,504 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\TRAPI.dll [2012-04-14 17:16:17 \| 000,072,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\napdsnap.dll [2012-04-14 17:16:17 \| 000,068,096 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\napdsnap.dll [2012-04-14 17:16:17 \| 000,036,864 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dsauth.dll [2012-04-14 17:16:17 \| 000,031,744 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\drivers\usbrpm.sys [2012-04-14 17:16:17 \| 000,030,208 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dsauth.dll [2012-04-14 17:16:17 \| 000,030,208 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\cscdll.dll [2012-04-14 17:16:17 \| 000,027,648 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\LogonUI.exe [2012-04-14 17:16:17 \| 000,024,576 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\bitsperf.dll [2012-04-14 17:16:17 \| 000,023,040 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\rdprefdrvapi.dll [2012-04-14 17:16:17 \| 000,022,528 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\elsTrans.dll [2012-04-14 17:16:17 \| 000,021,504 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\TRAPI.dll [2012-04-14 17:16:17 \| 000,019,456 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\bitsperf.dll [2012-04-14 17:16:17 \| 000,018,432 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\FXSUNATD.exe [2012-04-14 17:16:17 \| 000,017,408 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\schedcli.dll [2012-04-14 17:16:17 \| 000,017,408 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\perfts.dll [2012-04-14 17:16:16 \| 000,457,216 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\imkr80.ime [2012-04-14 17:16:16 \| 000,430,080 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\imkr80.ime [2012-04-14 17:16:16 \| 000,037,376 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wups2.dll [2012-04-14 17:16:16 \| 000,033,280 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wups.dll [2012-04-14 17:16:16 \| 000,032,896 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\drivers\USBCAMD2.sys [2012-04-14 17:16:16 \| 000,028,160 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\shgina.dll [2012-04-14 17:16:16 \| 000,026,112 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wsdchngr.dll [2012-04-14 17:16:16 \| 000,021,504 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wsdchngr.dll [2012-04-14 17:16:16 \| 000,020,992 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\shgina.dll [2012-04-14 17:16:16 \| 000,013,824 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wshirda.dll [2012-04-14 17:16:16 \| 000,009,728 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\sscore.dll [2012-04-14 17:16:16 \| 000,008,704 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\riched32.dll [2012-04-14 17:16:15 \| 000,013,312 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\C_ISCII.DLL [2012-04-14 17:16:15 \| 000,011,264 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wshirda.dll [2012-04-14 17:16:15 \| 000,011,264 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\shunimpl.dll [2012-04-14 17:16:15 \| 000,011,264 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\C_ISCII.DLL [2012-04-14 17:16:15 \| 000,010,752 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\riched32.dll [2012-04-14 17:16:15 \| 000,010,240 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\rdpcfgex.dll [2012-04-14 17:16:15 \| 000,009,728 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\spwmp.dll [2012-04-14 17:16:15 \| 000,008,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\spwmp.dll [2012-04-14 17:16:15 \| 000,005,120 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\msdxm.ocx [2012-04-14 17:16:15 \| 000,005,120 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dxmasf.dll [2012-04-14 17:16:15 \| 000,004,096 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\msdxm.ocx [2012-04-14 17:16:15 \| 000,004,096 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dxmasf.dll [2012-04-14 17:16:15 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-ums-l1-1-0.dll [2012-04-14 17:16:14 \| 012,625,920 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wmploc.DLL [2012-04-14 17:16:14 \| 012,625,408 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wmploc.DLL [2012-04-14 17:16:14 \| 000,069,120 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\nlsbres.dll [2012-04-14 17:16:14 \| 000,069,120 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\nlsbres.dll [2012-04-14 17:16:14 \| 000,052,736 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\BlbEvents.dll [2012-04-14 17:16:14 \| 000,035,328 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\pifmgr.dll [2012-04-14 17:16:14 \| 000,035,328 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\pifmgr.dll [2012-04-14 17:16:14 \| 000,008,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDTUQ.DLL [2012-04-14 17:16:14 \| 000,008,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDTUF.DLL [2012-04-14 17:16:14 \| 000,008,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDSG.DLL [2012-04-14 17:16:14 \| 000,008,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\kbdlk41a.dll [2012-04-14 17:16:14 \| 000,008,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDGKL.DLL [2012-04-14 17:16:14 \| 000,008,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDCZ1.DLL [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\spwizres.dll [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\spwizres.dll [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDTUQ.DLL [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDTUF.DLL [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDSG.DLL [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDSF.DLL [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDPO.DLL [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDNEPR.DLL [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\kbdlk41a.dll [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDINTAM.DLL [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDINBEN.DLL [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDGR1.DLL [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDGR1.DLL [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDGKL.DLL [2012-04-14 17:16:14 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDCZ1.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDUS.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDUGHR1.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDTURME.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDTAJIK.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDSF.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDPO.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDNEPR.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDMON.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDMAORI.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDLT1.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDINTEL.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDINTAM.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDINORI.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDINORI.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDINMAR.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDINMAR.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDINKAN.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDINKAN.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDINHIN.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDINHIN.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDINBEN.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDBULG.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDBLR.DLL [2012-04-14 17:16:14 \| 000,007,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDBASH.DLL [2012-04-14 17:16:14 \| 000,006,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDUS.DLL [2012-04-14 17:16:14 \| 000,006,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDUGHR1.DLL [2012-04-14 17:16:14 \| 000,006,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDTURME.DLL [2012-04-14 17:16:14 \| 000,006,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDTAJIK.DLL [2012-04-14 17:16:14 \| 000,006,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDMON.DLL [2012-04-14 17:16:14 \| 000,006,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDMAORI.DLL [2012-04-14 17:16:14 \| 000,006,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDLT1.DLL [2012-04-14 17:16:14 \| 000,006,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDINTEL.DLL [2012-04-14 17:16:14 \| 000,006,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDGEO.DLL [2012-04-14 17:16:14 \| 000,006,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KBDGEO.DLL [2012-04-14 17:16:14 \| 000,006,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDBULG.DLL [2012-04-14 17:16:14 \| 000,006,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDBLR.DLL [2012-04-14 17:16:14 \| 000,006,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\KBDBASH.DLL [2012-04-14 17:16:14 \| 000,003,072 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dpnaddr.dll [2012-04-14 17:16:14 \| 000,002,560 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dpnaddr.dll [2012-04-14 17:16:11 \| 000,399,872 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dpx.dll [2012-04-14 17:16:11 \| 000,189,952 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wdscore.dll [2012-04-14 17:16:04 \| 000,189,952 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\sqmapi.dll [2012-04-14 17:15:18 \| 000,529,408 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wbemcomn.dll [2012-04-14 17:15:18 \| 000,244,736 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sqmapi.dll [2012-04-13 17:37:01 \| 000,000,000 \|—-D \| C]—C:\Windows\SysWow64\Wat [2012-04-13 17:37:00 \| 000,000,000 \|—-D \| C]—C:\Windows\SysNative\Wat [2012-04-13 14:27:42 \| 003,695,416 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ieapfltr.dat [2012-04-13 14:27:42 \| 003,695,416 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ieapfltr.dat [2012-04-13 14:27:42 \| 002,311,168 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\jscript9.dll [2012-04-13 14:27:42 \| 001,493,504 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\inetcpl.cpl [2012-04-13 14:27:42 \| 001,427,456 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\inetcpl.cpl [2012-04-13 14:27:42 \| 000,818,688 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\jscript.dll [2012-04-13 14:27:42 \| 000,716,800 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\jscript.dll [2012-04-13 14:27:42 \| 000,696,832 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\msfeeds.dll [2012-04-13 14:27:42 \| 000,603,648 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\vbscript.dll [2012-04-13 14:27:42 \| 000,534,528 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ieapfltr.dll [2012-04-13 14:27:42 \| 000,452,608 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dxtmsft.dll [2012-04-13 14:27:42 \| 000,448,512 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\html.iec [2012-04-13 14:27:42 \| 000,434,176 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ieapfltr.dll [2012-04-13 14:27:42 \| 000,367,104 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\html.iec [2012-04-13 14:27:42 \| 000,282,112 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dxtrans.dll [2012-04-13 14:27:42 \| 000,267,776 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ieaksie.dll [2012-04-13 14:27:42 \| 000,248,320 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ieui.dll [2012-04-13 14:27:42 \| 000,237,056 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\url.dll [2012-04-13 14:27:42 \| 000,231,936 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\url.dll [2012-04-13 14:27:42 \| 000,227,840 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ieaksie.dll [2012-04-13 14:27:42 \| 000,222,208 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\msls31.dll [2012-04-13 14:27:42 \| 000,197,120 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\msrating.dll [2012-04-13 14:27:42 \| 000,176,640 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ieui.dll [2012-04-13 14:27:42 \| 000,173,056 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ieUnatt.exe [2012-04-13 14:27:42 \| 000,165,888 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\iexpress.exe [2012-04-13 14:27:42 \| 000,163,840 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ieakui.dll [2012-04-13 14:27:42 \| 000,163,840 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ieakui.dll [2012-04-13 14:27:42 \| 000,162,304 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\msrating.dll [2012-04-13 14:27:42 \| 000,160,256 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wextract.exe [2012-04-13 14:27:42 \| 000,160,256 \|——\| C] (Mi
[ Ignorer ] [ # 11 ] MapleBoy
19.04.2012 11:13:23 Antal indlæg: 13	[2012-04-12 09:45:31 \| 000,666,624 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mssvp.dll [2012-04-12 09:45:31 \| 000,491,520 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mssph.dll [2012-04-12 09:45:31 \| 000,337,408 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mssph.dll [2012-04-12 09:45:31 \| 000,113,664 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\SearchFilterHost.exe [2012-04-12 09:45:30 \| 000,288,256 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mssphtb.dll [2012-04-12 09:45:30 \| 000,075,264 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\msscntrs.dll [2012-04-12 09:45:30 \| 000,059,392 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\msscntrs.dll [2012-04-12 09:45:12 \| 001,118,720 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sbe.dll [2012-04-12 09:45:12 \| 000,961,024 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\CPFilters.dll [2012-04-12 09:45:12 \| 000,642,048 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\CPFilters.dll [2012-04-12 09:45:11 \| 000,850,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\sbe.dll [2012-04-12 09:45:11 \| 000,259,072 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mpg2splt.ax [2012-04-12 09:45:11 \| 000,199,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mpg2splt.ax [2012-04-12 09:45:08 \| 001,447,936 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\lsasrv.dll [2012-04-12 09:45:08 \| 000,395,776 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\webio.dll [2012-04-12 09:45:08 \| 000,314,880 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\webio.dll [2012-04-12 09:45:07 \| 000,136,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sspicli.dll [2012-04-12 09:45:06 \| 000,029,184 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\sspisrv.dll [2012-04-12 09:45:06 \| 000,028,160 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\secur32.dll [2012-04-12 09:44:59 \| 000,142,336 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\poqexec.exe [2012-04-12 09:44:59 \| 000,123,904 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\poqexec.exe [2012-04-12 09:44:48 \| 000,509,952 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ntshrui.dll [2012-04-12 09:44:44 \| 001,572,864 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\quartz.dll [2012-04-12 09:44:44 \| 001,328,128 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\quartz.dll [2012-04-12 09:44:44 \| 000,514,560 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\qdvd.dll [2012-04-12 09:44:44 \| 000,366,592 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\qdvd.dll [2012-04-12 09:44:25 \| 002,871,808 \|——\| C] (Microsoft Corporation)—C:\Windows\explorer.exe [2012-04-12 09:44:25 \| 002,616,320 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\explorer.exe [2012-04-12 09:43:50 \| 001,544,192 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\DWrite.dll [2012-04-12 09:42:58 \| 001,465,344 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\XpsPrint.dll [2012-04-12 09:42:57 \| 000,870,912 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\XpsPrint.dll [2012-04-12 09:42:52 \| 000,288,640 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2012-04-12 09:42:15 \| 000,476,160 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\XpsGdiConverter.dll [2012-04-12 09:42:15 \| 000,288,256 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\XpsGdiConverter.dll [2012-04-12 09:42:06 \| 000,043,520 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\csrsrv.dll [2012-04-12 09:42:04 \| 000,515,584 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\timedate.cpl [2012-04-12 09:42:03 \| 000,478,720 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\timedate.cpl [2012-04-12 09:42:00 \| 001,395,712 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mfc42.dll [2012-04-12 09:42:00 \| 001,359,872 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\mfc42u.dll [2012-04-12 09:41:59 \| 001,164,288 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mfc42u.dll [2012-04-12 09:41:59 \| 001,137,664 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\mfc42.dll [2012-04-12 09:41:44 \| 000,613,888 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\psisdecd.dll [2012-04-12 09:41:44 \| 000,465,408 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\psisdecd.dll [2012-04-12 09:41:44 \| 000,288,256 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\MSNP.ax [2012-04-12 09:41:44 \| 000,204,288 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\MSNP.ax [2012-04-12 09:41:44 \| 000,108,032 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\psisrndr.ax [2012-04-12 09:41:44 \| 000,104,960 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\Mpeg2Data.ax [2012-04-12 09:41:44 \| 000,075,776 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\psisrndr.ax [2012-04-12 09:41:44 \| 000,075,776 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\MSDvbNP.ax [2012-04-12 09:41:44 \| 000,072,704 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\Mpeg2Data.ax [2012-04-12 09:41:44 \| 000,059,904 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\MSDvbNP.ax [2012-04-12 09:40:39 \| 008,766,112 \|——\| C] (Adobe Systems Incorporated)—C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012-04-12 09:39:30 \| 001,162,752 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\kernel32.dll [2012-04-12 09:39:30 \| 000,421,888 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\KernelBase.dll [2012-04-12 09:39:30 \| 000,362,496 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wow64win.dll [2012-04-12 09:39:30 \| 000,338,432 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\conhost.exe [2012-04-12 09:39:30 \| 000,243,200 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wow64.dll [2012-04-12 09:39:30 \| 000,214,528 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\winsrv.dll [2012-04-12 09:39:30 \| 000,025,600 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\setup16.exe [2012-04-12 09:39:30 \| 000,016,384 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ntvdm64.dll [2012-04-12 09:39:30 \| 000,014,336 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ntvdm64.dll [2012-04-12 09:39:30 \| 000,013,312 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\wow64cpu.dll [2012-04-12 09:39:30 \| 000,007,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\instnm.exe [2012-04-12 09:39:30 \| 000,005,120 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\wow32.dll [2012-04-12 09:39:30 \| 000,003,584 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2012-04-12 09:39:30 \| 000,003,584 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2012-04-12 09:39:29 \| 000,006,144 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2012-04-12 09:39:29 \| 000,006,144 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2012-04-12 09:39:29 \| 000,005,120 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2012-04-12 09:39:29 \| 000,005,120 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2012-04-12 09:39:29 \| 000,004,608 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2012-04-12 09:39:29 \| 000,004,608 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2012-04-12 09:39:29 \| 000,004,608 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2012-04-12 09:39:29 \| 000,004,608 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2012-04-12 09:39:29 \| 000,004,096 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2012-04-12 09:39:29 \| 000,004,096 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2012-04-12 09:39:29 \| 000,004,096 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2012-04-12 09:39:29 \| 000,004,096 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2012-04-12 09:39:29 \| 000,004,096 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2012-04-12 09:39:29 \| 000,004,096 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2012-04-12 09:39:29 \| 000,004,096 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2012-04-12 09:39:29 \| 000,004,096 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2012-04-12 09:39:29 \| 000,004,096 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,584 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,584 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,584 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,584 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,584 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,584 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,584 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,584 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,584 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,584 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,584 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,584 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012-04-12 09:39:29 \| 000,003,072 \| -H—\| C] (Microsoft Corporation)—C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012-04-12 09:39:29 \| 000,002,048 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\user.exe [2012-04-12 09:39:04 \| 000,605,552 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\winload.exe [2012-04-12 09:39:03 \| 000,642,944 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\winload.efi [2012-04-12 09:39:03 \| 000,566,208 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\winresume.efi [2012-04-12 09:39:03 \| 000,518,672 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\winresume.exe [2012-04-12 09:39:02 \| 000,063,488 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\setbcdlocale.dll [2012-04-12 09:39:02 \| 000,020,352 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\kdusb.dll [2012-04-12 09:39:02 \| 000,019,328 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\kd1394.dll [2012-04-12 09:39:02 \| 000,017,792 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\kdcom.dll [2012-04-12 09:38:54 \| 000,367,616 \|——\| C] (Adobe Systems Incorporated)—C:\Windows\SysNative\atmfd.dll [2012-04-12 09:38:54 \| 000,294,912 \|——\| C] (Adobe Systems Incorporated)—C:\Windows\SysWow64\atmfd.dll [2012-04-12 09:38:54 \| 000,100,864 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\fontsub.dll [2012-04-12 09:38:54 \| 000,070,656 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\fontsub.dll [2012-04-12 09:38:54 \| 000,046,080 \|——\| C] (Adobe Systems)—C:\Windows\SysNative\atmlib.dll [2012-04-12 09:38:54 \| 000,034,304 \|——\| C] (Adobe Systems)—C:\Windows\SysWow64\atmlib.dll [2012-04-12 09:38:32 \| 001,731,920 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\ntdll.dll [2012-04-12 09:38:27 \| 000,357,888 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dnsapi.dll [2012-04-12 09:38:27 \| 000,030,208 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\dnscacheugc.exe [2012-04-12 09:38:27 \| 000,028,672 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\dnscacheugc.exe [2012-04-12 09:38:21 \| 000,207,872 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\cfgmgr32.dll [2012-04-12 09:38:20 \| 000,252,928 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\drvinst.exe [2012-04-12 09:38:20 \| 000,044,544 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\devrtl.dll [2012-04-12 09:38:10 \| 000,321,024 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\d3d10_1core.dll [2012-04-12 09:38:10 \| 000,197,120 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\d3d10_1.dll [2012-04-12 09:38:04 \| 000,267,776 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\FXSCOVER.exe [2012-04-12 09:38:03 \| 000,974,336 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\WFS.exe [2012-04-12 09:37:57 \| 000,861,696 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\oleaut32.dll [2012-04-12 09:37:57 \| 000,331,776 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\oleacc.dll [2012-04-12 09:37:53 \| 000,723,456 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\EncDec.dll [2012-04-12 09:37:53 \| 000,534,528 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\EncDec.dll [2012-04-12 09:37:40 \| 000,634,880 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\msvcrt.dll [2012-04-12 09:37:38 \| 000,031,232 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\prevhost.exe [2012-04-12 09:37:38 \| 000,031,232 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\prevhost.exe [2012-04-12 09:37:29 \| 000,027,520 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\drivers\Diskdump.sys [2012-04-12 09:22:42 \| 000,077,312 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\packager.dll [2012-04-12 09:22:42 \| 000,067,072 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\packager.dll [2012-04-12 09:16:26 \| 000,418,464 \|——\| C] (Adobe Systems Incorporated)—C:\Windows\SysWow64\FlashPlayerApp.exe [2012-04-12 09:16:24 \| 000,000,000 \|—-D \| C]—C:\Windows\SysNative\Macromed [2012-04-12 08:24:53 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Autodesk [2012-04-12 08:24:53 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Autodesk [2012-04-12 08:19:12 \| 000,000,000 \|—-D \| C]—C:\Autodesk [2012-04-11 17:51:29 \| 000,000,000 \|—-D \| C]—C:\Temp [2012-04-11 17:48:58 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\Samsung [2012-04-11 17:48:54 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Samsung [2012-04-11 17:48:53 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\Documents\samsung [2012-04-11 17:48:21 \| 000,203,320 \|——\| C] (DEVGURU Co., LTD.(http://www.devguru.co.kr))—C:\Windows\SysNative\drivers\ssudmdm.sys [2012-04-11 17:48:21 \| 000,099,384 \|——\| C] (DEVGURU Co., LTD.(http://www.devguru.co.kr))—C:\Windows\SysNative\drivers\ssudbus.sys [2012-04-11 17:46:56 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [2012-04-11 17:46:51 \| 004,659,712 \|——\| C] (Dmitry Streblechenko)—C:\Windows\SysWow64\Redemption.dll [2012-04-11 17:46:41 \| 000,821,824 \|——\| C] (Devguru Co., Ltd.)—C:\Windows\SysWow64\dgderapi.dll [2012-04-11 17:46:41 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\MarkAny [2012-04-11 17:46:09 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Samsung [2012-04-11 17:46:09 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Samsung [2012-04-11 17:45:11 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\Downloaded Installations [2012-04-10 21:01:25 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{167CA234-9B1A-4EAF-B60D-3A62CA085146} [2012-04-10 21:01:14 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{E59B53A2-0A52-48C5-8E30-ADE7D2460E30} [2012-04-10 07:42:27 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\OpenOffice.org [2012-04-10 07:41:39 \| 000,000,000 \|—SD \| C]—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3 [2012-04-10 07:41:10 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\OpenOffice.org 3 [2012-04-10 07:39:23 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\Desktop\OpenOffice.org 3.3 (da) Installation Files [2012-04-10 07:37:10 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{7131DC30-3AFB-4A6E-8020-5F38A2D8607F} [2012-04-10 07:36:46 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{CCE516CF-FDDB-4276-97BC-26F006CB3743} [2012-04-09 18:56:45 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\GRETECH [2012-04-09 18:56:24 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player [2012-04-09 18:56:16 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\GRETECH [2012-04-09 18:52:45 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Media Player Classic [2012-04-08 20:18:16 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\Dropbox [2012-04-08 20:16:38 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2012-04-08 20:16:08 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Dropbox [2012-04-08 17:47:57 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\WinRAR [2012-04-08 17:47:57 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-08 17:47:57 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012-04-08 17:47:55 \| 000,000,000 \|—-D \| C]—C:\Program Files\WinRAR [2012-04-08 11:09:48 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{33E72490-22ED-4FA5-B428-2A66F3F32188} [2012-04-08 11:09:25 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{5A711B32-A801-4FC2-ABE0-471057D33491} [2012-04-08 11:09:25 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{3CFCBC6C-2D82-413B-8B82-B6EB6F1552E8} [2012-04-06 23:26:26 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\TeamViewer [2012-04-06 23:23:31 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\TeamViewer [2012-04-06 19:28:50 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\.oces2 [2012-04-06 19:27:25 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Sun [2012-04-06 19:27:24 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Common Files\Java [2012-04-06 19:27:12 \| 000,472,808 \|——\| C] (Sun Microsystems, Inc.)—C:\Windows\SysWow64\deployJava1.dll [2012-04-06 19:27:12 \| 000,157,472 \|——\| C] (Sun Microsystems, Inc.)—C:\Windows\SysWow64\javaws.exe [2012-04-06 19:27:12 \| 000,149,280 \|——\| C] (Sun Microsystems, Inc.)—C:\Windows\SysWow64\javaw.exe [2012-04-06 19:27:12 \| 000,149,280 \|——\| C] (Sun Microsystems, Inc.)—C:\Windows\SysWow64\java.exe [2012-04-06 19:27:05 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Java [2012-04-06 19:23:25 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Macromedia [2012-04-06 19:23:11 \| 000,000,000 \|—-D \| C]—C:\ProgramData\McAfee [2012-04-06 19:23:00 \| 000,070,304 \|——\| C] (Adobe Systems Incorporated)—C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-04-06 19:22:59 \| 000,000,000 \|—-D \| C]—C:\Windows\SysWow64\Macromed [2012-04-06 17:47:04 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{08B8850C-854A-4B28-B695-4072AEF5463D} [2012-04-06 17:47:02 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Adobe [2012-04-06 17:47:02 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\Adobe [2012-04-06 17:46:50 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{11C11545-9F0E-437F-9DAD-FEAD5AADFC28} [2012-04-06 00:28:47 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Common Files\Creative [2012-04-06 00:28:46 \| 000,000,000 \| -H-D \| C]—C:\Program Files (x86)\Creative Installation Information [2012-04-06 00:07:20 \| 000,090,112 \|——\| C] (Creative Technology Ltd.)—C:\Windows\Updreg.EXE [2012-04-06 00:07:17 \| 000,466,520 \|——\| C] (Creative Labs)—C:\Windows\SysNative\wrap_oal.dll [2012-04-06 00:07:17 \| 000,445,016 \|——\| C] (Creative Labs)—C:\Windows\SysWow64\wrap_oal.dll [2012-04-06 00:07:17 \| 000,123,480 \|——\| C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.)—C:\Windows\SysNative\OpenAL32.dll [2012-04-06 00:07:17 \| 000,109,144 \|——\| C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.)—C:\Windows\SysWow64\OpenAL32.dll [2012-04-06 00:07:08 \| 002,906,588 \|——\| C] (Creative)—C:\Windows\SysWow64\Sens_oal.dll [2012-04-06 00:06:44 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Common Files\Creative Labs Shared [2012-04-06 00:05:32 \| 000,699,952 \|——\| C] (Creative Technology Ltd)—C:\Windows\KSAIM64.exe [2012-04-05 23:57:53 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Creative Labs [2012-04-05 23:57:03 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\Programs [2012-04-05 08:29:37 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Beta [2012-04-05 08:29:03 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Battle.net [2012-04-05 08:18:25 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse [2012-04-05 08:17:14 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\Deployment [2012-04-05 08:17:14 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\Apps [2012-04-05 08:11:59 \| 000,000,000 \|—-D \| C]—C:\Windows\Panther [2012-04-05 00:06:56 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\{6C57DFDD-1194-45CB-B38E-A82CF4138D39} [2012-04-05 00:06:41 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Windows Live Writer [2012-04-05 00:06:41 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\Windows Live Writer [2012-04-04 23:59:45 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Windows Live [2012-04-04 23:59:41 \| 000,000,000 \|—-D \| C]—C:\Program Files\Windows Live [2012-04-04 23:59:27 \| 000,000,000 \|—-D \| C]—C:\Windows\PCHEALTH [2012-04-04 23:57:20 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\Windows Live [2012-04-04 23:57:15 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Common Files\Windows Live [2012-04-04 23:45:42 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft [2012-04-04 23:45:42 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Common Files\Blizzard Entertainment [2012-04-04 23:45:14 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Blizzard Entertainment [2012-04-04 23:44:33 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\Desktop\Games [2012-04-04 23:39:19 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2012-04-04 23:39:19 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Common Files\Steam [2012-04-04 23:38:50 \| 000,000,000 \|—-D \| C]—C:\Games [2012-04-04 23:31:16 \| 001,426,536 \|——\| C] (NVIDIA Corporation)—C:\Windows\SysNative\nvhdagenco642040.dll [2012-04-04 23:31:16 \| 000,174,184 \|——\| C] (NVIDIA Corporation)—C:\Windows\SysNative\drivers\nvhda64v.sys [2012-04-04 23:31:16 \| 000,029,288 \|——\| C] (NVIDIA Corporation)—C:\Windows\SysNative\nvhdap64.dll [2012-04-04 23:28:04 \| 001,737,536 \|——\| C] (NVIDIA Corporation)—C:\Windows\SysNative\nvdispco64.dll [2012-04-04 23:28:04 \| 001,466,176 \|——\| C] (NVIDIA Corporation)—C:\Windows\SysNative\nvgenco64.dll [2012-04-04 23:27:29 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Skype [2012-04-04 23:27:21 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012-04-04 23:27:21 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Common Files\Skype [2012-04-04 23:27:18 \| 000,000,000 \| R—D \| C]—C:\Program Files (x86)\Skype [2012-04-04 23:27:04 \| 009,717,568 \|——\| C] (NVIDIA Corporation)—C:\Windows\SysNative\nvwgf2umx.dll [2012-04-04 23:27:03 \| 007,713,088 \|——\| C] (NVIDIA Corporation)—C:\Windows\SysWow64\nvwgf2um.dll [2012-04-04 23:26:48 \| 017,642,816 \|——\| C] (NVIDIA Corporation)—C:\Windows\SysNative\nvd3dumx.dll [2012-04-04 23:26:31 \| 002,301,248 \|——\| C] (NVIDIA Corporation)—C:\Windows\SysWow64\nvapi.dll [2012-04-04 23:23:12 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\Desktop\Random shit [2012-04-04 23:21:28 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\Google [2012-04-04 23:21:28 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Google [2012-04-04 23:21:28 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2012-04-04 23:21:27 \| 000,337,240 \|——\| C] (AVAST Software)—C:\Windows\SysNative\drivers\aswSP.sys [2012-04-04 23:21:27 \| 000,024,408 \|——\| C] (AVAST Software)—C:\Windows\SysNative\drivers\aswFsBlk.sys [2012-04-04 23:21:25 \| 000,053,080 \|——\| C] (AVAST Software)—C:\Windows\SysNative\drivers\aswRdr2.sys [2012-04-04 23:21:24 \| 000,819,032 \|——\| C] (AVAST Software)—C:\Windows\SysNative\drivers\aswSnx.sys [2012-04-04 23:21:24 \| 000,059,224 \|——\| C] (AVAST Software)—C:\Windows\SysNative\drivers\aswTdi.sys [2012-04-04 23:21:20 \| 000,258,520 \|——\| C] (AVAST Software)—C:\Windows\SysNative\aswBoot.exe [2012-04-04 23:21:20 \| 000,069,976 \|——\| C] (AVAST Software)—C:\Windows\SysNative\drivers\aswMonFlt.sys [2012-04-04 23:20:57 \| 000,201,352 \|——\| C] (AVAST Software)—C:\Windows\SysWow64\aswBoot.exe [2012-04-04 23:20:57 \| 000,041,184 \|——\| C] (AVAST Software)—C:\Windows\avastSS.scr [2012-04-04 23:20:49 \| 000,000,000 \|—-D \| C]—C:\ProgramData\AVAST Software [2012-04-04 23:20:49 \| 000,000,000 \|—-D \| C]—C:\Program Files\AVAST Software [2012-04-04 23:19:55 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\AVG [2012-04-04 23:12:16 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Creative [2012-04-04 23:12:16 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Creative [2012-04-04 23:09:55 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Intel Corporation [2012-04-04 23:09:38 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Creative [2012-04-04 23:04:47 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Skype [2012-04-04 23:02:36 \| 001,900,032 \|——\| C] (Creative)—C:\Windows\SysNative\Sens_oal.dll [2012-04-04 23:02:27 \| 000,647,872 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\Mscomct2.ocx [2012-04-04 23:02:27 \| 000,053,248 \|——\| C] (Creative Technology Ltd )—C:\Windows\Ctregrun.exe [2012-04-04 23:01:49 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative [2012-04-04 23:01:06 \| 001,758,208 \|——\| C] (Creative Technology Ltd.)—C:\Windows\SysNative\drivers\ksaud.sys [2012-04-04 23:01:06 \| 001,113,088 \|——\| C] (Creative Technology Ltd.)—C:\Windows\SysNative\KsMalc64.DLL [2012-04-04 23:01:06 \| 000,953,856 \|——\| C] (Creative Technology Ltd.)—C:\Windows\SysWow64\KsMalc32.dll [2012-04-04 23:01:06 \| 000,873,472 \|——\| C] (Creative Technology Ltd.)—C:\Windows\SysNative\KSAPO64.dll [2012-04-04 23:01:06 \| 000,733,184 \|——\| C] (Creative Technology Ltd.)—C:\Windows\SysWow64\KSAPO32.dll [2012-04-04 23:01:06 \| 000,354,304 \|——\| C] (Creative Technology Ltd.)—C:\Windows\SysNative\KSVSPI64.dll [2012-04-04 23:01:06 \| 000,258,560 \|——\| C] (Creative Technology Ltd.)—C:\Windows\SysWow64\KSVSPI32.dll [2012-04-04 23:01:06 \| 000,235,520 \|——\| C] (Creative Technology Limited)—C:\Windows\SysNative\KsDvInst.dll [2012-04-04 23:01:06 \| 000,115,200 \|——\| C] (Creative Technology Ltd.)—C:\Windows\SysNative\SBAVMon.dll [2012-04-04 23:01:06 \| 000,057,856 \|——\| C] (Creative Technology Ltd.)—C:\Windows\SysNative\KSPPLD64.dll [2012-04-04 23:01:06 \| 000,000,000 \|—-D \| C]—C:\Program Files\Creative [2012-04-04 23:00:31 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Creative [2012-04-04 22:58:17 \| 000,066,160 \|——\| C] (Giga-Byte Technology CO., LTD.)—C:\Windows\SysNative\drivers\VirtDiskBus64.sys [2012-04-04 22:57:46 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Adobe [2012-04-04 22:57:00 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip [2012-04-04 22:56:43 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\WinZip [2012-04-04 22:56:43 \| 000,000,000 \|—-D \| C]—C:\ProgramData\WinZip [2012-04-04 22:56:41 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\WinZip [2012-04-04 22:53:54 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Mozilla [2012-04-04 22:53:54 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\Mozilla [2012-04-04 22:53:51 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Mozilla Firefox [2012-04-04 22:45:11 \| 000,000,000 \| -H-D \| C]—C:\ProgramData\Common Files [2012-04-04 22:43:31 \| 000,000,000 \|—-D \| C]—C:\ProgramData\MFAData [2012-04-04 22:40:27 \| 000,000,000 \|—-D \| C]—C:\ProgramData\InstallShield [2012-04-04 22:39:01 \| 000,073,728 \|——\| C] (InstallShield Software Corporation)—C:\Windows\SysWow64\ISUSPM.cpl [2012-04-04 22:37:48 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE [2012-04-04 22:37:42 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\AMD [2012-04-04 22:33:50 \| 000,000,000 \|—-D \| C]—C:\ProgramData\NVIDIA [2012-04-04 22:33:46 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\NVIDIA Corporation [2012-04-04 22:33:40 \| 006,136,936 \| R—- \| C] (NVIDIA Corporation)—C:\Windows\SysNative\nvcpl.dll [2012-04-04 22:33:40 \| 003,021,416 \| R—- \| C] (NVIDIA Corporation)—C:\Windows\SysNative\nvsvc64.dll [2012-04-04 22:33:40 \| 002,560,616 \|——\| C] (NVIDIA Corporation)—C:\Windows\SysNative\nvsvcr.dll [2012-04-04 22:33:40 \| 000,836,200 \| R—- \| C] (NVIDIA Corporation)—C:\Windows\SysNative\easyupdatusapiu64.dll [2012-04-04 22:33:40 \| 000,117,864 \| R—- \| C] (NVIDIA Corporation)—C:\Windows\SysNative\nvmctray.dll [2012-04-04 22:33:40 \| 000,061,544 \| R—- \| C] (NVIDIA Corporation)—C:\Windows\SysNative\nvshext.dll [2012-04-04 22:33:30 \| 000,000,000 \|—-D \| C]—C:\ProgramData\NVIDIA Corporation [2012-04-04 22:33:28 \| 000,000,000 \|—-D \| C]—C:\Program Files\NVIDIA Corporation [2012-04-04 22:32:26 \| 000,009,216 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\rdrmemptylst.exe [2012-04-04 22:32:21 \| 001,031,680 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\rdpcore.dll [2012-04-04 22:32:21 \| 000,826,880 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\rdpcore.dll [2012-04-04 22:32:06 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Splashtop [2012-04-04 22:31:56 \| 000,000,000 \|—-D \| C]—C:\Program Files\GIGABYTE [2012-04-04 22:31:56 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\GIGABYTE [2012-04-04 22:31:53 \| 000,000,000 \| -HSD \| C]—C:\Windows\SysWow64\AI_RecycleBin [2012-04-04 22:31:37 \| 000,000,000 \|—-D \| C]—C:\Program Files\Fresco Logic [2012-04-04 22:31:21 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell [2012-04-04 22:31:09 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Marvell [2012-04-04 22:31:06 \| 000,000,000 \| R—D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2012-04-04 22:30:41 \| 000,171,688 \|——\| C] (Intel Corporation)—C:\Windows\SysNative\IPROSetMonitor.exe [2012-04-04 22:30:35 \| 000,000,000 \|—-D \| C]—C:\Program Files\Intel [2012-04-04 22:30:30 \| 000,355,016 \| R—- \| C] (Intel Corporation)—C:\Windows\SysNative\PROUnstl.exe [2012-04-04 22:29:54 \| 000,342,704 \|——\| C] (Intel Corporation)—C:\Windows\SysNative\drivers\e1c62x64.sys [2012-04-04 22:29:54 \| 000,068,264 \|——\| C] (Intel Corporation)—C:\Windows\SysNative\e1cmsg.dll [2012-04-04 22:29:54 \| 000,036,472 \|——\| C] (Intel Corporation)—C:\Windows\SysNative\NicCo36.dll [2012-04-04 22:29:53 \| 000,098,496 \|——\| C] (Intel Corporation)—C:\Windows\SysNative\NicInstC.dll [2012-04-04 22:28:50 \| 000,000,000 \| -H-D \| C]—C:\Program Files (x86)\Temp [2012-04-04 22:28:50 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Realtek [2012-04-04 22:28:45 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Common Files\InstallShield [2012-04-04 22:27:54 \| 000,053,248 \| R—- \| C] (Windows XP Bundled build C-Centric Single User)—C:\Windows\SysWow64\CSVer.dll [2012-04-04 22:27:46 \| 000,000,000 \|—-D \| C]—C:\Intel [2012-04-04 22:27:45 \| 000,056,600 \|——\| C] (Intel Corporation)—C:\Windows\SysNative\drivers\HECIx64.sys [2012-04-04 22:27:44 \| 000,000,000 \| -H-D \| C]—C:\Program Files (x86)\InstallShield Installation Information [2012-04-04 22:27:44 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Intel [2012-04-04 22:27:43 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\InstallShield [2012-04-04 22:27:13 \| 000,000,000 \| -H-D \| C]—C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} [2012-04-04 22:27:11 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Splashtop [2012-04-04 22:26:55 \| 000,000,000 \| -HSD \| C]—C:\Windows\Installer [2012-04-04 22:22:31 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012-04-04 22:22:31 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\Searches [2012-04-04 22:22:31 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012-04-04 22:22:31 \| 000,000,000 \| -H-D \| C]—C:\Users\Andreas\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2012-04-04 22:22:23 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Identities [2012-04-04 22:22:20 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\Contacts [2012-04-04 22:22:18 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\VirtualStore [2012-04-04 22:22:06 \| 000,000,000 \|—SD \| C]—C:\Users\Andreas\AppData\Roaming\Microsoft [2012-04-04 22:22:06 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\Videos [2012-04-04 22:22:06 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\Saved Games [2012-04-04 22:22:06 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\Pictures [2012-04-04 22:22:06 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\Music [2012-04-04 22:22:06 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012-04-04 22:22:06 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\Links [2012-04-04 22:22:06 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\Favorites [2012-04-04 22:22:06 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\Downloads [2012-04-04 22:22:06 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\Documents [2012-04-04 22:22:06 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\Desktop [2012-04-04 22:22:06 \| 000,000,000 \| R—D \| C]—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\AppData\Local\Temporary Internet Files [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\Templates [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\Start Menu [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\SendTo [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\Recent [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\PrintHood [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\NetHood [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\Documents\My Videos [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\Documents\My Pictures [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\Documents\My Music [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\My Documents [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\Local Settings [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\AppData\Local\History [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\Cookies [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\Application Data [2012-04-04 22:22:06 \| 000,000,000 \| -HSD \| C]—C:\Users\Andreas\AppData\Local\Application Data [2012-04-04 22:22:06 \| 000,000,000 \| -H-D \| C]—C:\Users\Andreas\AppData [2012-04-04 22:22:06 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\Temp [2012-04-04 22:22:06 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Local\Microsoft [2012-04-04 22:22:06 \| 000,000,000 \|—-D \| C]—C:\Users\Andreas\AppData\Roaming\Media Center Programs [2012-04-04 22:21:59 \| 000,000,000 \| -HSD \| C]—C:\Recovery [2012-04-04 22:16:21 \| 000,000,000 \|—-D \| C]—C:\Windows\SoftwareDistribution [2012-04-04 22:14:09 \| 000,000,000 \|—-D \| C]—C:\Windows\Prefetch [2012-04-04 22:13:28 \| 000,000,000 \| -HSD \| C]—C:\System Volume Information [2012-03-28 22:11:08 \| 000,325,552 \|——\| C] ((주)마크애니)—C:\Windows\MASetupCaller.dll [2012-03-28 22:11:08 \| 000,090,112 \|——\| C] ((주)마크애니)—C:\Windows\MAMCityDownload.ocx [2012-03-28 22:11:06 \| 000,569,344 \|——\| C] ((c) MusicCity)—C:\Windows\SysWow64\muzdecode.ax [2012-03-28 22:11:06 \| 000,491,520 \|——\| C] (Musiccity Co.Ltd.)—C:\Windows\SysWow64\muzapp.dll [2012-03-28 22:11:06 \| 000,352,256 \|——\| C] (Sample Corporation)—C:\Windows\SysWow64\MSLUR71.dll [2012-03-28 22:11:06 \| 000,258,048 \|——\| C] ((c) PeeringPortal)—C:\Windows\SysWow64\muzoggsp.ax [2012-03-28 22:11:06 \| 000,245,760 \|——\| C] (Teruten Inc.)—C:\Windows\SysWow64\MSCLib.dll [2012-03-28 22:11:06 \| 000,200,704 \|——\| C] ( (c) MusicCity)—C:\Windows\SysWow64\muzwmts.dll [2012-03-28 22:11:06 \| 000,172,032 \|——\| C] (Musiccity Co.Ltd.)—C:\Windows\SysWow64\muzapp.exe [2012-03-28 22:11:06 \| 000,155,648 \|——\| C] (Teruten Inc.)—C:\Windows\SysWow64\MSFLib.dll [2012-03-28 22:11:06 \| 000,135,168 \|——\| C] (Musiccity Co.Ltd.)—C:\Windows\SysWow64\muzaf1.dll [2012-03-28 22:11:06 \| 000,131,072 \|——\| C] ((c) MusicCity)—C:\Windows\SysWow64\muzmpgsp.ax [2012-03-28 22:11:06 \| 000,122,880 \|——\| C] ((c) MUSICCITY)—C:\Windows\SysWow64\muzeffect.ax [2012-03-28 22:11:06 \| 000,118,784 \|——\| C] ((주)마크애니)—C:\Windows\SysWow64\MaDRM.dll [2012-03-28 22:11:06 \| 000,110,592 \|——\| C] ((c) MusicCity)—C:\Windows\SysWow64\muzmp4sp.ax [2012-03-28 22:11:06 \| 000,057,344 \|——\| C] (Marktek)—C:\Windows\SysWow64\MK_Lyric.dll [2012-03-28 22:11:06 \| 000,057,344 \|——\| C] (Marktek Inc.)—C:\Windows\SysWow64\MTXSYNCICON.dll [2012-03-28 22:11:06 \| 000,049,152 \|——\| C] ((주) 마크애니)—C:\Windows\SysWow64\MaJGUILib.dll [2012-03-28 22:11:06 \| 000,045,320 \|——\| C] (MARKANY)—C:\Windows\SysWow64\MAMACExtract.dll [2012-03-28 22:11:06 \| 000,045,056 \|——\| C] ((주) 마크애니)—C:\Windows\SysWow64\MaXMLProto.dll [2012-03-28 22:11:06 \| 000,045,056 \|——\| C] ((주) 마크애니)—C:\Windows\SysWow64\MACXMLProto.dll [2012-03-28 22:11:06 \| 000,040,960 \|——\| C] (Telechips Inc.,)—C:\Windows\SysWow64\MTTELECHIP.dll [2012-03-28 22:11:06 \| 000,024,576 \|——\| C] ((주)마크애니)—C:\Windows\SysWow64\MASetupCleaner.exe [4 C:\Windows\SysWow64\.tmp files -> C:\Windows\SysWow64\.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012-04-19 10:40:00 \| 000,000,830 \|——\| M] ()—C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-19 08:15:23 \| 000,780,650 \|——\| M] ()—C:\Windows\SysNative\PerfStringBackup.INI [2012-04-19 08:15:23 \| 000,652,976 \|——\| M] ()—C:\Windows\SysNative\perfh009.dat [2012-04-19 08:15:23 \| 000,121,406 \|——\| M] ()—C:\Windows\SysNative\perfc009.dat [2012-04-19 07:46:54 \| 000,013,408 \| -H—\| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-04-19 07:46:53 \| 000,013,408 \| -H—\| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012-04-19 07:39:21 \| 000,025,640 \|——\| M] (Windows (R) Server 2003 DDK provider)—C:\Windows\gdrv.sys [2012-04-19 07:38:50 \| 000,067,584 \|—S- \| M] ()—C:\Windows\bootstat.dat [2012-04-19 07:38:45 \| 4257,538,046 \| -HS- \| M] ()—C:\hiberfil.sys [2012-04-18 20:50:24 \| 000,000,512 \|——\| M] ()—C:\Users\Andreas\Desktop\MBR.dat [2012-04-18 15:48:33 \| 000,059,681 \|——\| M] ()—C:\Users\Andreas\Desktop\Lille_dansk.dwg [2012-04-18 10:21:33 \| 010,294,528 \|——\| M] ()—C:\Users\Andreas\Documents\trikz_daemon.zip [2012-04-18 09:27:45 \| 000,000,205 \|——\| M] ()—C:\Users\Andreas\Desktop\Counter-Strike Source.url [2012-04-18 07:56:01 \| 000,001,053 \|——\| M] ()—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-04-18 07:55:36 \| 000,001,025 \|——\| M] ()—C:\Users\Andreas\Desktop\Dropbox.lnk [2012-04-17 16:31:34 \| 000,000,010 \|——\| M] ()—C:\Windows\GSetup.ini [2012-04-17 12:39:00 \| 000,298,328 \|——\| M] ()—C:\Windows\SysNative\FNTCACHE.DAT [2012-04-17 11:53:09 \| 000,001,808 \|——\| M] ()—C:\Users\Andreas\Desktop\SUPERAntiSpyware Free Edition.lnk [2012-04-16 17:00:07 \| 000,175,616 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\msclmd.dll [2012-04-16 17:00:07 \| 000,152,576 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\msclmd.dll [2012-04-16 16:51:46 \| 000,000,000 \| -H—\| M] ()—C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf [2012-04-16 16:31:44 \| 000,002,019 \|——\| M] ()—C:\Users\Public\Desktop\Adobe Reader X.lnk [2012-04-16 16:22:57 \| 000,001,113 \|——\| M] ()—C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-04-16 16:16:40 \| 000,000,822 \|——\| M] ()—C:\Users\Public\Desktop\CCleaner.lnk [2012-04-15 23:55:43 \| 000,001,885 \|——\| M] ()—C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012-04-14 17:59:14 \| 000,766,118 \|——\| M] ()—C:\Windows\SysWow64\PerfStringBackup.INI [2012-04-13 20:40:23 \| 000,418,464 \|——\| M] (Adobe Systems Incorporated)—C:\Windows\SysWow64\FlashPlayerApp.exe [2012-04-13 20:40:23 \| 000,070,304 \|——\| M] (Adobe Systems Incorporated)—C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012-04-13 20:40:06 \| 008,766,112 \|——\| M] (Adobe Systems Incorporated)—C:\Windows\SysWow64\FlashPlayerInstaller.exe [2012-04-13 17:53:01 \| 000,002,048 \|——\| M] ()—C:\Users\Andreas\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2012-04-13 17:53:01 \| 000,001,134 \|——\| M] ()—C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-13 17:43:57 \| 000,001,441 \|——\| M] ()—C:\Users\Andreas\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012-04-13 14:27:42 \| 003,695,416 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\ieapfltr.dat [2012-04-13 14:27:42 \| 003,695,416 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\ieapfltr.dat [2012-04-13 14:27:42 \| 002,311,168 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\jscript9.dll [2012-04-13 14:27:42 \| 001,493,504 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\inetcpl.cpl [2012-04-13 14:27:42 \| 001,427,456 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\inetcpl.cpl [2012-04-13 14:27:42 \| 000,818,688 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\jscript.dll [2012-04-13 14:27:42 \| 000,716,800 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\jscript.dll [2012-04-13 14:27:42 \| 000,696,832 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\msfeeds.dll [2012-04-13 14:27:42 \| 000,603,648 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\vbscript.dll [2012-04-13 14:27:42 \| 000,534,528 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\ieapfltr.dll [2012-04-13 14:27:42 \| 000,452,608 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\dxtmsft.dll [2012-04-13 14:27:42 \| 000,448,512 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\html.iec [2012-04-13 14:27:42 \| 000,434,176 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\ieapfltr.dll [2012-04-13 14:27:42 \| 000,367,104 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\html.iec [2012-04-13 14:27:42 \| 000,282,112 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\dxtrans.dll [2012-04-13 14:27:42 \| 000,267,776 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\ieaksie.dll [2012-04-13 14:27:42 \| 000,248,320 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\ieui.dll [2012-04-13 14:27:42 \| 000,237,056 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\url.dll [2012-04-13 14:27:42 \| 000,231,936 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\url.dll [2012-04-13 14:27:42 \| 000,227,840 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\ieaksie.dll [2012-04-13 14:27:42 \| 000,222,208 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\msls31.dll [2012-04-13 14:27:42 \| 000,197,120 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\msrating.dll [2012-04-13 14:27:42 \| 000,176,640 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\ieui.dll [2012-04-13 14:27:42 \| 000,173,056 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\ieUnatt.exe [2012-04-13 14:27:42 \| 000,165,888 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\iexpress.exe [2012-04-13 14:27:42 \| 000,163,840 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\ieakui.dll [2012-04-13 14:27:42 \| 000,163,840 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\ieakui.dll [2012-04-13 14:27:42 \| 000,162,304 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\msrating.dll [2012-04-13 14:27:42 \| 000,160,256 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\wextract.exe [2012-04-13 14:27:42 \| 000,160,256 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\ieakeng.dll [2012-04-13 14:27:42 \| 000,152,064 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\wextract.exe [2012-04-13 14:27:42 \| 000,150,528 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\iexpress.exe [2012-04-13 14:27:42 \| 000,149,504 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\occache.dll [2012-04-13 14:27:42 \| 000,145,920 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\iepeers.dll [2012-04-13 14:27:42 \| 000,142,848 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\ieUnatt.exe [2012-04-13 14:27:42 \| 000,135,168 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\IEAdvpack.dll [2012-04-13 14:27:42 \| 000,130,560 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\ieakeng.dll [2012-04-13 14:27:42 \| 000,123,392 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\occache.dll [2012-04-13 14:27:42 \| 000,118,784 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\iepeers.dll [2012-04-13 14:27:42 \| 000,114,176 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\admparse.dll [2012-04-13 14:27:42 \| 000,111,616 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\iesysprep.dll [2012-04-13 14:27:42 \| 000,110,592 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\IEAdvpack.dll [2012-04-13 14:27:42 \| 000,103,936 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\inseng.dll [2012-04-13 14:27:42 \| 000,101,888 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\admparse.dll [2012-04-13 14:27:42 \| 000,096,256 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\mshtmled.dll [2012-04-13 14:27:42 \| 000,091,648 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\SetIEInstalledDate.exe [2012-04-13 14:27:42 \| 000,089,088 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\RegisterIEPKEYs.exe [2012-04-13 14:27:42 \| 000,089,088 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\ie4uinit.exe [2012-04-13 14:27:42 \| 000,086,528 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\iesysprep.dll [2012-04-13 14:27:42 \| 000,085,504 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\iesetup.dll [2012-04-13 14:27:42 \| 000,082,432 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\icardie.dll [2012-04-13 14:27:42 \| 000,078,848 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\inseng.dll [2012-04-13 14:27:42 \| 000,076,800 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\tdc.ocx [2012-04-13 14:27:42 \| 000,076,800 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\SetIEInstalledDate.exe [2012-04-13 14:27:42 \| 000,074,752 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\RegisterIEPKEYs.exe [2012-04-13 14:27:42 \| 000,074,752 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\iesetup.dll [2012-04-13 14:27:42 \| 000,074,240 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\ie4uinit.exe [2012-04-13 14:27:42 \| 000,072,822 \|——\| M] ()—C:\Windows\SysWow64\ieuinit.inf [2012-04-13 14:27:42 \| 000,072,822 \|——\| M] ()—C:\Windows\SysNative\ieuinit.inf [2012-04-13 14:27:42 \| 000,072,704 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\mshtmled.dll [2012-04-13 14:27:42 \| 000,066,048 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\icardie.dll [2012-04-13 14:27:42 \| 000,065,024 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\pngfilt.dll [2012-04-13 14:27:42 \| 000,063,488 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\tdc.ocx [2012-04-13 14:27:42 \| 000,054,272 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\pngfilt.dll [2012-04-13 14:27:42 \| 000,049,664 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\imgutil.dll [2012-04-13 14:27:42 \| 000,048,640 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\mshtmler.dll [2012-04-13 14:27:42 \| 000,048,640 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\mshtmler.dll [2012-04-13 14:27:42 \| 000,039,936 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\iernonce.dll [2012-04-13 14:27:42 \| 000,031,744 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\iernonce.dll [2012-04-13 14:27:42 \| 000,030,720 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\licmgr10.dll [2012-04-13 14:27:42 \| 000,023,552 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\licmgr10.dll [2012-04-13 14:27:42 \| 000,012,288 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\mshta.exe [2012-04-13 14:27:42 \| 000,010,752 \|——\| M] (Microsoft Corporation)—C:\Windows\SysWow64\msfeedssync.exe [2012-04-13 14:27:42 \| 000,010,752 \|——\| M] (Microsoft Corporation)—C:\Windows\SysNative\msfeedssync.exe [2012-04-12 15:17:19 \| 000,388,452 \|——\| M] ()—C:\Users\Andreas\Desktop\udstykningsplan.png [2012-04-12 11:08:02 \| 000,002,158 \|——\| M] ()—C:\Users\Public\Desktop\Revit Architecture 2012.lnk [2012-04-11 17:51:05 \| 000,000,000 \| -H—\| M] ()—C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-11 17:48:49 \| 000,001,957 \|——\| M] ()—C:\Users\Public\Desktop\Samsung Kies.lnk [2012-04-11 17:46:56 \| 000,001,981 \|——\| M] ()—C:\Users\Andreas\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk [2012-04-10 07:42:53 \| 000,001,239 \|——\| M] ()—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2012-04-10 07:41:40 \| 000,001,206 \|——\| M] ()—C:\Users\Andreas\Desktop\OpenOffice.org 3.3.lnk [2012-04-09 18:56:24 \| 000,001,183 \|——\| M] ()—C:\Users\Andreas\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk [2012-04-09 18:56:24 \| 000,001,159 \|——\| M] ()—C:\Users\Public\Desktop\GOM Player.lnk [2012-04-06 23:23:34 \| 000,001,166 \|——\| M] ()—C:\Users\Public\Desktop\TeamViewer 7.lnk [2012-04-06 19:27:06 \| 000,472,808 \|——\| M] (Sun Microsystems, Inc.)—C:\Windows\SysWow64\deployJava1.dll [2012-04-06 19:27:06 \| 000,157,472 \|——\| M] (Sun Microsystems, Inc.)—C:\Windows\SysWow64\javaws.exe [2012-04-06 19:27:06 \| 000,149,280 \|——\| M] (Sun Microsystems, Inc.)—C:\Windows\SysWow64\javaw.exe [2012-04-06 19:27:06 \| 000,149,280 \|——\| M] (Sun Microsystems, Inc.)—C:\Windows\SysWow64\java.exe [2012-04-06 00:07:17 \| 000,466,520 \|——\| M] (Creative Labs)—C:\Windows\SysNative\wrap_oal.dll [2012-04-06 00:07:17 \| 000,445,016 \|——\| M] (Creative Labs)—C:\Windows\SysWow64\wrap_oal.dll [2012-04-06 00:07:17 \| 000,123,480 \|——\| M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.)—C:\Windows\SysNative\OpenAL32.dll [2012-04-06 00:07:17 \| 000,109,144 \|——\| M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.)—C:\Windows\SysWow64\OpenAL32.dll [2012-04-06 00:06:05 \| 000,000,258 \| RH—\| M] ()—C:\Windows\ctfile.rfc [2012-04-05 08:18:28 \| 000,000,000 \|——\| M] ()—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2012-04-05 08:18:25 \| 000,000,312 \|——\| M] ()—C:\Users\Andreas\Desktop\Curse Client.appref-ms [2012-04-05 00:04:18 \| 000,000,000 \| -H—\| M] ()—C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-04 23:27:21 \| 000,002,513 \|——\| M] ()—C:\Users\Public\Desktop\Skype.lnk [2012-04-04 23:21:20 \| 000,000,000 \|——\| M] ()—C:\Windows\SysWow64\config.nt [2012-04-04 23:08:53 \| 000,030,528 \|——\| M] ()—C:\Windows\GVTDrv64.sys [2012-04-04 23:08:53 \| 000,000,004 \|——\| M] ()—C:\Windows\SysWow64\GVTunner.ref [2012-04-04 22:58:19 \| 000,000,000 \| -H—\| M] ()—C:\Windows\SysNative\drivers\Msft_Kernel_VirtDiskBus64_01009.Wdf [2012-04-04 22:53:55 \| 000,000,000 \|——\| M] ()—C:\Windows\nsreg.dat [2012-04-04 22:31:39 \| 000,000,000 \| -H—\| M] ()—C:\Windows\SysNative\drivers\Msft_Kernel_FLxHCIc_01009.Wdf [2012-04-04 22:18:31 \| 000,041,962 \|——\| M] ()—C:\Windows\SysWow64\license.rtf [2012-04-04 22:18:31 \| 000,041,962 \|——\| M] ()—C:\Windows\SysNative\license.rtf [2012-04-04 15:56:40 \| 000,024,904 \|——\| M] (Malwarebytes Corporation)—C:\Windows\SysNative\drivers\mbam.sys [2012-03-28 22:11:22 \| 004,659,712 \|——\| M] (Dmitry Streblechenko)—C:\Windows\SysWow64\Redemption.dll [2012-03-28 22:11:08 \| 000,325,552 \|——\| M] ((주)마크애니)—C:\Windows\MASetupCaller.dll [2012-03-28 22:11:08 \| 000,090,112 \|——\| M] ((주)마크애니)—C:\Windows\MAMCityDownload.ocx [2012-03-28 22:11:08 \| 000,030,568 \|——\| M] ()—C:\Windows\MusiccityDownload.exe [2012-03-28 22:11:06 \| 000,974,848 \|——\| M] ()—C:\Windows\SysWow64\cis-2.4.dll [2012-03-28 22:11:06 \| 000,569,344 \|——\| M] ((c) MusicCity)—C:\Windows\SysWow64\muzdecode.ax [2012-03-28 22:11:06 \| 000,491,520 \|——\| M] (Musiccity Co.Ltd.)—C:\Windows\SysWow64\muzapp.dll [2012-03-28 22:11:06 \| 000,352,256 \|——\| M] (Sample Corporation)—C:\Windows\SysWow64\MSLUR71.dll [2012-03-28 22:11:06 \| 000,258,048 \|——\| M] ((c) PeeringPortal)—C:\Windows\SysWow64\muzoggsp.ax [2012-03-28 22:11:06 \| 000,245,760 \|——\| M] (Teruten Inc.)—C:\Windows\SysWow64\MSCLib.dll [2012-03-28 22:11:06 \| 000,200,704 \|——\| M] ( (c) MusicCity)—C:\Windows\SysWow64\muzwmts.dll [2012-03-28 22:11:06 \| 000,172,032 \|——\| M] (Musiccity Co.Ltd.)—C:\Windows\SysWow64\muzapp.exe [2012-03-28 22:11:06 \| 000,155,648 \|——\| M] (Teruten Inc.)—C:\Windows\SysWow64\MSFLib.dll [2012-03-28 22:11:06 \| 000,143,360 \|——\| M] ()—C:\Windows\SysWow64\3DAudio.ax [2012-03-28 22:11:06 \| 000,135,168 \|——\| M] (Musiccity Co.Ltd.)—C:\Windows\SysWow64\muzaf1.dll [2012-03-28 22:11:06 \| 000,131,072 \|——\| M] ((c) MusicCity)—C:\Windows\SysWow64\muzmpgsp.ax [2012-03-28 22:11:06 \| 000,122,880 \|——\| M] ((c) MUSICCITY)—C:\Windows\SysWow64\muzeffect.ax [2012-03-28 22:11:06 \| 000,118,784 \|——\| M] ((주)마크애니)—C:\Windows\SysWow64\MaDRM.dll [2012-03-28 22:11:06 \| 000,110,592 \|——\| M] ((c) MusicCity)—C:\Windows\SysWow64\muzmp4sp.ax [2012-03-28 22:11:06 \| 000,081,920 \|——\| M] ()—C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012-03-28 22:11:06 \| 000,065,536 \|——\| M] ()—C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012-03-28 22:11:06 \| 000,057,344 \|——\| M] (Marktek)—C:\Windows\SysWow64\MK_Lyric.dll [2012-03-28 22:11:06 \| 000,057,344 \|——\| M] (Marktek Inc.)—C:\Windows\SysWow64\MTXSYNCICON.dll [2012-03-28 22:11:06 \| 000,057,344 \|——\| M] ()—C:\Windows\SysWow64\issacapi_se-2.3.dll [2012-03-28 22:11:06 \| 000,049,152 \|——\| M] ((주) 마크애니)—C:\Windows\SysWow64\MaJGUILib.dll [2012-03-28 22:11:06 \| 000,045,320 \|——\| M] (MARKANY)—C:\Windows\SysWow64\MAMACExtract.dll [2012-03-28 22:11:06 \| 000,045,056 \|——\| M] ((주) 마크애니)—C:\Windows\SysWow64\MaXMLProto.dll [2012-03-28 22:11:06 \| 000,045,056 \|——\| M] ((주) 마크애니)—C:\Windows\SysWow64\MACXMLProto.dll [2012-03-28 22:11:06 \| 000,040,960 \|——\| M] (Telechips Inc.,)—C:\Windows\SysWow64\MTTELECHIP.dll [2012-03-28 22:11:06 \| 000,024,576 \|——\| M] ((주)마크애니)—C:\Windows\SysWow64\MASetupCleaner.exe [2012-03-28 22:11:02 \| 000,821,824 \|——\| M] (Devguru Co., Ltd.)—C:\Windows\SysWow64\dgderapi.dll [4 C:\Windows\SysWow64\.tmp files -> C:\Windows\SysWow64\.tmp -> ] ========== Files Created - No Company Name ========== [2012-04-18 20:50:24 \| 000,000,512 \|——\| C] ()—C:\Users\Andreas\Desktop\MBR.dat [2012-04-18 15:48:33 \| 000,059,681 \|——\| C] ()—C:\Users\Andreas\Desktop\Lille_dansk.dwg [2012-04-18 10:20:09 \| 010,294,528 \|——\| C] ()—C:\Users\Andreas\Documents\trikz_daemon.zip [2012-04-18 09:27:45 \| 000,000,205 \|——\| C] ()—C:\Users\Andreas\Desktop\Counter-Strike Source.url [2012-04-17 12:38:52 \| 000,298,328 \|——\| C] ()—C:\Windows\SysNative\FNTCACHE.DAT [2012-04-17 11:53:09 \| 000,001,808 \|——\| C] ()—C:\Users\Andreas\Desktop\SUPERAntiSpyware Free Edition.lnk [2012-04-16 16:51:46 \| 000,000,000 \| -H—\| C] ()—C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf [2012-04-16 16:31:44 \| 000,002,441 \|——\| C] ()—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012-04-16 16:31:44 \| 000,002,019 \|——\| C] ()—C:\Users\Public\Desktop\Adobe Reader X.lnk [2012-04-16 16:22:57 \| 000,001,113 \|——\| C] ()—C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-04-16 16:16:40 \| 000,000,822 \|——\| C] ()—C:\Users\Public\Desktop\CCleaner.lnk [2012-04-14 17:17:48 \| 000,347,904 \|——\| C] ()—C:\Windows\SysNative\systemsf.ebd [2012-04-14 17:16:26 \| 000,010,429 \|——\| C] ()—C:\Windows\SysNative\ScavengeSpace.xml [2012-04-14 17:16:13 \| 000,105,559 \|——\| C] ()—C:\Windows\SysWow64\RacRules.xml [2012-04-14 17:16:13 \| 000,105,559 \|——\| C] ()—C:\Windows\SysNative\RacRules.xml [2012-04-14 17:16:02 \| 000,001,041 \|——\| C] ()—C:\Windows\SysWow64\tcpbidi.xml [2012-04-13 17:53:01 \| 000,001,146 \|——\| C] ()—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012-04-13 14:27:42 \| 000,072,822 \|——\| C] ()—C:\Windows\SysWow64\ieuinit.inf [2012-04-13 14:27:42 \| 000,072,822 \|——\| C] ()—C:\Windows\SysNative\ieuinit.inf [2012-04-12 15:15:07 \| 000,388,452 \|——\| C] ()—C:\Users\Andreas\Desktop\udstykningsplan.png [2012-04-12 11:08:02 \| 000,002,158 \|——\| C] ()—C:\Users\Public\Desktop\Revit Architecture 2012.lnk [2012-04-12 09:16:26 \| 000,000,830 \|——\| C] ()—C:\Windows\tasks\Adobe Flash Player Updater.job [2012-04-12 09:06:01 \| 000,003,188 \|——\| C] ()—C:\Users\Public\Documents\EULA.rtf [2012-04-11 17:51:05 \| 000,000,000 \| -H—\| C] ()—C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012-04-11 17:48:49 \| 000,001,957 \|——\| C] ()—C:\Users\Public\Desktop\Samsung Kies.lnk [2012-04-11 17:46:56 \| 000,001,981 \|——\| C] ()—C:\Users\Andreas\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk [2012-04-10 07:42:53 \| 000,001,239 \|——\| C] ()—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2012-04-10 07:41:39 \| 000,001,206 \|——\| C] ()—C:\Users\Andreas\Desktop\OpenOffice.org 3.3.lnk [2012-04-09 18:56:24 \| 000,001,183 \|——\| C] ()—C:\Users\Andreas\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk [2012-04-09 18:56:24 \| 000,001,159 \|——\| C] ()—C:\Users\Public\Desktop\GOM Player.lnk [2012-04-08 20:18:16 \| 000,001,025 \|——\| C] ()—C:\Users\Andreas\Desktop\Dropbox.lnk [2012-04-08 20:16:46 \| 000,001,053 \|——\| C] ()—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-04-06 23:23:34 \| 000,001,178 \|——\| C] ()—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk [2012-04-06 23:23:34 \| 000,001,166 \|——\| C] ()—C:\Users\Public\Desktop\TeamViewer 7.lnk [2012-04-06 00:05:58 \| 000,321,024 \|——\| C] ()—C:\Windows\SysNative\APOMgr64.DLL [2012-04-06 00:05:58 \| 000,242,688 \|——\| C] ()—C:\Windows\SysWow64\APOMngr.DLL [2012-04-06 00:05:58 \| 000,089,600 \|——\| C] ()—C:\Windows\SysNative\CmdRtr64.DLL [2012-04-06 00:05:58 \| 000,074,240 \|——\| C] ()—C:\Windows\SysWow6
[ Ignorer ] [ # 12 ] MapleBoy
19.04.2012 11:15:27 Antal indlæg: 13	[2012-04-06 00:05:58 \| 000,074,240 \|——\| C] ()—C:\Windows\SysWow64\CmdRtr.DLL [2012-04-06 00:05:33 \| 000,035,969 \|——\| C] ()—C:\Windows\SysNative\ksaud.ini [2012-04-06 00:05:33 \| 000,015,968 \|——\| C] ()—C:\Windows\SysNative\MixerDefault.reg [2012-04-06 00:05:32 \| 000,029,350 \|——\| C] ()—C:\Windows\ksaudENG.reg [2012-04-05 08:18:28 \| 000,000,000 \|——\| C] ()—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2012-04-05 08:18:25 \| 000,000,312 \|——\| C] ()—C:\Users\Andreas\Desktop\Curse Client.appref-ms [2012-04-05 00:04:18 \| 000,000,000 \| -H—\| C] ()—C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012-04-05 00:02:06 \| 000,001,458 \|——\| C] ()—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2012-04-04 23:27:21 \| 000,002,513 \|——\| C] ()—C:\Users\Public\Desktop\Skype.lnk [2012-04-04 23:21:28 \| 000,001,885 \|——\| C] ()—C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012-04-04 23:21:20 \| 000,000,000 \|——\| C] ()—C:\Windows\SysWow64\config.nt [2012-04-04 23:10:00 \| 000,766,118 \|——\| C] ()—C:\Windows\SysWow64\PerfStringBackup.INI [2012-04-04 23:08:53 \| 000,030,528 \|——\| C] ()—C:\Windows\GVTDrv64.sys [2012-04-04 23:08:53 \| 000,000,004 \|——\| C] ()—C:\Windows\SysWow64\GVTunner.ref [2012-04-04 23:02:22 \| 000,007,062 \|——\| C] ()—C:\Windows\SysWow64\audiopid.vxd [2012-04-04 23:01:24 \| 000,046,766 \|——\| C] ()—C:\Windows\SysNative\kschimp.ini [2012-04-04 23:01:06 \| 000,004,534 \|——\| C] ()—C:\Windows\SysNative\SB.bmp [2012-04-04 23:01:06 \| 000,003,759 \|——\| C] ()—C:\Windows\SysNative\DeviceDefaultVista.reg [2012-04-04 23:01:06 \| 000,000,806 \|——\| C] ()—C:\ProgramData\CfSB1300.ini [2012-04-04 23:01:05 \| 000,000,258 \| RH—\| C] ()—C:\Windows\ctfile.rfc [2012-04-04 22:58:19 \| 000,000,000 \| -H—\| C] ()—C:\Windows\SysNative\drivers\Msft_Kernel_VirtDiskBus64_01009.Wdf [2012-04-04 22:53:55 \| 000,000,000 \|——\| C] ()—C:\Windows\nsreg.dat [2012-04-04 22:53:52 \| 000,002,048 \|——\| C] ()—C:\Users\Andreas\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2012-04-04 22:53:52 \| 000,001,134 \|——\| C] ()—C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012-04-04 22:40:41 \| 000,001,441 \|——\| C] ()—C:\Users\Andreas\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012-04-04 22:31:56 \| 000,031,272 \|——\| C] ()—C:\Windows\SysNative\AppleChargerSrv.exe [2012-04-04 22:31:56 \| 000,021,616 \|——\| C] ()—C:\Windows\SysNative\drivers\AppleCharger.sys [2012-04-04 22:31:39 \| 000,000,000 \| -H—\| C] ()—C:\Windows\SysNative\drivers\Msft_Kernel_FLxHCIc_01009.Wdf [2012-04-04 22:30:30 \| 000,001,904 \|——\| C] ()—C:\Windows\SysNative\SetupBD.din [2012-04-04 22:29:54 \| 000,003,114 \|——\| C] ()—C:\Windows\SysNative\e1c62x64.din [2012-04-04 22:27:49 \| 000,008,192 \|——\| C] ()—C:\Windows\SysNative\drivers\IntelMEFWVer.dll [2012-04-04 22:26:17 \| 000,000,010 \|——\| C] ()—C:\Windows\GSetup.ini [2012-04-04 22:22:35 \| 000,001,413 \|——\| C] ()—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012-04-04 22:22:32 \| 000,001,447 \|——\| C] ()—C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012-04-04 22:22:06 \| 000,000,290 \|——\| C] ()—C:\Users\Andreas\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2012-04-04 22:22:06 \| 000,000,272 \|——\| C] ()—C:\Users\Andreas\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2012-04-04 22:18:21 \| 000,001,345 \|——\| C] ()—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012-04-04 22:18:18 \| 000,001,326 \|——\| C] ()—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012-04-04 22:13:28 \| 4257,538,046 \| -HS- \| C] ()—C:\hiberfil.sys [2012-03-28 22:11:08 \| 000,030,568 \|——\| C] ()—C:\Windows\MusiccityDownload.exe [2012-03-28 22:11:06 \| 000,974,848 \|——\| C] ()—C:\Windows\SysWow64\cis-2.4.dll [2012-03-28 22:11:06 \| 000,143,360 \|——\| C] ()—C:\Windows\SysWow64\3DAudio.ax [2012-03-28 22:11:06 \| 000,081,920 \|——\| C] ()—C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012-03-28 22:11:06 \| 000,065,536 \|——\| C] ()—C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012-03-28 22:11:06 \| 000,057,344 \|——\| C] ()—C:\Windows\SysWow64\issacapi_se-2.3.dll [2011-08-03 03:31:54 \| 000,311,912 \|——\| C] ()—C:\Windows\SysWow64\nvStreaming.exe ========== LOP Check ========== [2012-04-12 11:13:34 \| 000,000,000 \|—-D \| M]—C:\Users\Andreas\AppData\Roaming\Autodesk [2012-04-19 07:41:03 \| 000,000,000 \|—-D \| M]—C:\Users\Andreas\AppData\Roaming\Dropbox [2012-04-16 22:11:58 \| 000,000,000 \|—-D \| M]—C:\Users\Andreas\AppData\Roaming\Leadertech [2012-04-10 07:42:27 \| 000,000,000 \|—-D \| M]—C:\Users\Andreas\AppData\Roaming\OpenOffice.org [2012-04-11 17:48:54 \| 000,000,000 \|—-D \| M]—C:\Users\Andreas\AppData\Roaming\Samsung [2012-04-14 23:28:15 \| 000,000,000 \|—-D \| M]—C:\Users\Andreas\AppData\Roaming\Splashtop [2012-04-06 23:30:11 \| 000,000,000 \|—-D \| M]—C:\Users\Andreas\AppData\Roaming\TeamViewer [2012-04-05 00:06:41 \| 000,000,000 \|—-D \| M]—C:\Users\Andreas\AppData\Roaming\Windows Live Writer [2009-07-14 07:08:49 \| 000,015,742 \|——\| M] ()—C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < set /c > ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\Andreas\AppData\Roaming CM2012DIR=C:\Program Files (x86)\Common Files\Autodesk Shared\Materials\ CommonProgramFiles=C:\Program Files (x86)\Common Files CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files CommonProgramW6432=C:\Program Files\Common Files COMPUTERNAME=ANDREAS-PC ComSpec=C:\Windows\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Users\Andreas ILBDIR=C:\Program Files (x86)\Common Files\Autodesk Shared\Materials\ ILLDIR=C:\Program Files (x86)\Common Files\Autodesk Shared\Materials\ ILMDIR=C:\Program Files (x86)\Common Files\Autodesk Shared\Materials\ LOCALAPPDATA=C:\Users\Andreas\AppData\Local LOGONSERVER=\\ANDREAS-PC NUMBER_OF_PROCESSORS=8 OS=Windows_NT Path=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Common Files\Autodesk Shared\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE=x86 PROCESSOR_ARCHITEW6432=AMD64 PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 45 Stepping 7, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=2d07 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files (x86) ProgramFiles(x86)=C:\Program Files (x86) ProgramW6432=C:\Program Files PROMPT=$P$G PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\ PUBLIC=C:\Users\Public SystemDrive=C: SystemRoot=C:\Windows TEMP=C:\Users\Andreas\AppData\Local\Temp TMP=C:\Users\Andreas\AppData\Local\Temp USERDOMAIN=Andreas-PC USERNAME=Andreas USERPROFILE=C:\Users\Andreas windir=C:\Windows < MD5 for: IEXPLORE.EXE > [2012-04-13 14:27:42 \| 000,754,488 \|——\| M] (Microsoft Corporation) MD5=042750F96106D9ED302D47F689FE73F5—C:\Program Files\Internet Explorer\iexplore.exe [2012-04-13 14:27:42 \| 000,754,488 \|——\| M] (Microsoft Corporation) MD5=042750F96106D9ED302D47F689FE73F5—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16443_none_0d40fb578077f50f\iexplore.exe [2012-04-13 14:27:42 \| 000,748,856 \|——\| M] (Microsoft Corporation) MD5=047F5EE8E3C176F41FE3F806D22DEC5C—C:\Program Files (x86)\Internet Explorer\iexplore.exe [2012-04-13 14:27:42 \| 000,748,856 \|——\| M] (Microsoft Corporation) MD5=047F5EE8E3C176F41FE3F806D22DEC5C—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16443_none_1795a5a9b4d8b70a\iexplore.exe [2012-04-04 15:56:38 \| 000,199,240 \|——\| M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D—C:\Program Files (x86)\Malwarebytes’ Anti-Malware\Chameleon\iexplore.exe [2012-02-28 07:42:27 \| 000,673,048 \|——\| M] (Microsoft Corporation) MD5=09F6A10AB424E2DE445153065FA076BF—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16968_none_19d2eba472c68c00\iexplore.exe [2009-07-14 03:17:29 \| 000,673,048 \|——\| M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_19ba3f8a72d988f3\iexplore.exe [2012-02-28 08:38:39 \| 000,696,600 \|——\| M] (Microsoft Corporation) MD5=69073D126F71A4F0FFF1DEE5082A0052—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16968_none_0f7e41523e65ca05\iexplore.exe [2010-11-20 15:28:25 \| 000,695,056 \|——\| M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe [2012-02-28 07:44:39 \| 000,673,048 \|——\| M] (Microsoft Corporation) MD5=8AFD61FB2D96C8229B7D8604F62FA692—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.21158_none_1a67307d8bdc431b\iexplore.exe [2010-11-20 14:22:51 \| 000,673,040 \|——\| M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe [2012-02-28 08:56:21 \| 000,696,600 \|——\| M] (Microsoft Corporation) MD5=EFCA1150F17BCE44357F03BB61A29966—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.21158_none_1012862b577b8120\iexplore.exe [2009-07-14 03:43:43 \| 000,696,600 \|——\| M] (Microsoft Corporation) MD5=F2B0D41E1D08D0B2006DF5AA2E74C81E—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_0f6595383e78c6f8\iexplore.exe < MD5 for: VOLSNAP.SYS > [2010-11-20 15:34:02 \| 000,295,808 \|——\| M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639—C:\Windows\SysNative\drivers\volsnap.sys [2010-11-20 15:34:02 \| 000,295,808 \|——\| M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639—C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys [2010-11-20 15:34:02 \| 000,295,808 \|——\| M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639—C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys [2009-07-14 03:45:55 \| 000,294,992 \|——\| M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C—C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys < %SYSTEMDRIVE%\. > [2012-04-04 22:40:27 \| 000,000,174 \|——\| M] ()—C:\csb.log [2012-04-19 07:38:45 \| 4257,538,046 \| -HS- \| M] ()—C:\hiberfil.sys [2012-04-04 22:29:41 \| 000,000,206 \|——\| M] ()—C:\Install.log [2006-12-01 23:37:14 \| 000,904,704 \|——\| M] (Microsoft Corporation)—C:\msdia80.dll [2012-04-19 07:38:48 \| 4245,065,725 \| -HS- \| M] ()—C:\pagefile.sys [2012-04-04 22:29:41 \| 000,003,492 \|——\| M] ()—C:\RHDSetup.log [2012-04-06 00:06:30 \| 000,000,183 \|——\| M] ()—C:\Setup.log [2012-04-18 20:43:02 \| 000,128,314 \|——\| M] ()—C:\TDSSKiller.2.7.29.0_18.04.2012_20.41.23_log.txt < %systemroot%\. /rp /s > < %systemroot%\. /mp /s > < %USERPROFILE%\..\|smtmp;true;true;true /FP > < %programfiles%\*. > [2012-04-16 16:31:38 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Adobe [2012-04-04 22:37:42 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\AMD [2012-04-04 23:19:55 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\AVG [2012-04-16 16:31:38 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Common Files [2012-04-06 00:42:34 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Creative [2012-04-06 00:30:24 \| 000,000,000 \| -H-D \| M]—C:\Program Files (x86)\Creative Installation Information [2012-04-17 16:33:51 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Dolby Home Theater v4 [2012-04-17 11:48:57 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\ESET [2012-04-04 22:58:37 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\GIGABYTE [2012-04-04 23:26:23 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Google [2012-04-09 18:56:16 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\GRETECH [2012-04-17 16:32:47 \| 000,000,000 \| -H-D \| M]—C:\Program Files (x86)\InstallShield Installation Information [2012-04-04 22:30:54 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Intel [2012-04-13 17:37:08 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Internet Explorer [2012-04-06 19:27:05 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Java [2012-04-16 16:22:57 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Malwarebytes’ Anti-Malware [2012-04-11 17:46:41 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\MarkAny [2012-04-04 22:31:09 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Marvell [2012-04-12 11:01:47 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Microsoft SDKs [2012-04-15 13:59:28 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Microsoft Silverlight [2012-04-12 11:02:00 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Microsoft Visual Studio 9.0 [2012-04-12 11:01:46 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Microsoft.NET [2012-04-13 17:52:59 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Mozilla Firefox [2009-07-14 07:32:38 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\MSBuild [2012-04-12 16:07:50 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\MyFree Codec [2012-04-16 18:13:10 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\NVIDIA Corporation [2012-04-10 07:41:13 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\OpenOffice.org 3 [2012-04-04 22:28:50 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Realtek [2009-07-14 07:32:38 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Reference Assemblies [2012-04-11 17:47:24 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Samsung [2012-04-04 23:27:21 \| 000,000,000 \| R—D \| M]—C:\Program Files (x86)\Skype [2012-04-06 23:23:31 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\TeamViewer [2012-04-17 16:34:34 \| 000,000,000 \| -H-D \| M]—C:\Program Files (x86)\Temp [2009-07-14 06:57:06 \| 000,000,000 \| -H-D \| M]—C:\Program Files (x86)\Uninstall Information [2009-07-14 07:37:47 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Defender [2012-04-05 00:03:02 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Live [2012-04-16 17:49:54 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Mail [2012-04-16 17:49:53 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Media Player [2009-07-14 07:32:38 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows NT [2012-04-16 17:49:53 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Photo Viewer [2012-04-16 17:49:53 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Portable Devices [2012-04-16 17:49:54 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Sidebar [2012-04-04 22:56:41 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\WinZip < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\|LastSuccessTime /rs > ========== Hard Links - Junction Points - Mount Points - Symbolic Links ========== [C:\Windows\System32\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction [C:\Windows\System32\config\systemprofile\AppData\Local\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction [C:\Windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction [C:\Windows\System32\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction [C:\Windows\System32\config\systemprofile\Cookies] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction [C:\Windows\System32\config\systemprofile\Documents\My Music] -> C:\Windows\system32\config\systemprofile\Music -> Junction [C:\Windows\System32\config\systemprofile\Documents\My Pictures] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction [C:\Windows\System32\config\systemprofile\Documents\My Videos] -> C:\Windows\system32\config\systemprofile\Videos -> Junction [C:\Windows\System32\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction [C:\Windows\System32\config\systemprofile\My Documents] -> C:\Windows\system32\config\systemprofile\Documents -> Junction [C:\Windows\System32\config\systemprofile\NetHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction [C:\Windows\System32\config\systemprofile\PrintHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction [C:\Windows\System32\config\systemprofile\Recent] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction [C:\Windows\System32\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction [C:\Windows\System32\config\systemprofile\Start Menu] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction [C:\Windows\System32\config\systemprofile\Templates] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction [C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction [C:\Windows\SysWOW64\config\systemprofile\AppData\Local\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction [C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction [C:\Windows\SysWOW64\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction [C:\Windows\SysWOW64\config\systemprofile\Cookies] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies -> Junction [C:\Windows\SysWOW64\config\systemprofile\Documents\My Music] -> C:\Windows\system32\config\systemprofile\Music -> Junction [C:\Windows\SysWOW64\config\systemprofile\Documents\My Pictures] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction [C:\Windows\SysWOW64\config\systemprofile\Documents\My Videos] -> C:\Windows\system32\config\systemprofile\Videos -> Junction [C:\Windows\SysWOW64\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction [C:\Windows\SysWOW64\config\systemprofile\My Documents] -> C:\Windows\system32\config\systemprofile\Documents -> Junction [C:\Windows\SysWOW64\config\systemprofile\NetHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction [C:\Windows\SysWOW64\config\systemprofile\PrintHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction [C:\Windows\SysWOW64\config\systemprofile\Recent] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction [C:\Windows\SysWOW64\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction [C:\Windows\SysWOW64\config\systemprofile\Start Menu] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction [C:\Windows\SysWOW64\config\systemprofile\Templates] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction < End of report >
[ Ignorer ] [ # 13 ] MapleBoy
19.04.2012 11:16:04 Antal indlæg: 13	OTL Extras logfile created on: 19-04-2012 10:55:20 - Run 1 OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Andreas\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16443) Locale: 00000406 \| Country: Danmark \| Language: DAN \| Date Format: dd-MM-yyyy 15,95 Gb Total Physical Memory \| 12,94 Gb Available Physical Memory \| 81,09% Memory free 31,91 Gb Paging File \| 28,77 Gb Available in Paging File \| 90,18% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files (x86) Drive C: \| 465,66 Gb Total Space \| 354,59 Gb Free Space \| 76,15% Space Free \| Partition Type: NTFS Unable to calculate disk information. Drive E: \| 465,76 Gb Total Space \| 372,15 Gb Free Space \| 79,90% Space Free \| Partition Type: NTFS Computer Name: ANDREAS-PC \| User Name: Andreas \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: All users \| Include 64bit Scans Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = FirefoxHTML]—C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) .url[@ = InternetShortcut]—C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile]—C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = FirefoxHTML]—C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_USERS\S-1-5-21-2273758202-2905085073-3037150910-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML]—C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open]—“%1” %* cmdfile [open]—“%1” %* comfile [open]—“%1” %* exefile [open]—“%1” %* helpfile [open]—Reg Error: Key error. htmlfile [edit]—Reg Error: Key error. htmlfile [print]—rundll32.exe %windir%\system32\mshtml.dll,PrintHTML “%1” http [open]—“C:\Program Files (x86)\Mozilla Firefox\firefox.exe” -requestPending -osint -url “%1” (Mozilla Corporation) https [open]—“C:\Program Files (x86)\Mozilla Firefox\firefox.exe” -requestPending -osint -url “%1” (Mozilla Corporation) inffile [install]—%SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation) InternetShortcut [open]—“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\ieframe.dll”,OpenURL %l (Microsoft Corporation) InternetShortcut [print]—“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\mshtml.dll”,PrintHTML “%1” (Microsoft Corporation) piffile [open]—“%1” %* regfile [merge]—Reg Error: Key error. scrfile [config]—“%1” scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open]—“%1” /S txtfile [edit]—Reg Error: Key error. Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation) Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore]—Reg Error: Value error. Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open]—“%1” %* cmdfile [open]—“%1” %* comfile [open]—“%1” %* cplfile [cplopen]—%SystemRoot%\System32\control.exe “%1”,%* (Microsoft Corporation) exefile [open]—“%1” %* helpfile [open]—Reg Error: Key error. htmlfile [edit]—Reg Error: Key error. htmlfile [print]—rundll32.exe %windir%\system32\mshtml.dll,PrintHTML “%1” http [open]—“C:\Program Files (x86)\Mozilla Firefox\firefox.exe” -requestPending -osint -url “%1” (Mozilla Corporation) https [open]—“C:\Program Files (x86)\Mozilla Firefox\firefox.exe” -requestPending -osint -url “%1” (Mozilla Corporation) inffile [install]—%SystemRoot%\System32\InfDefaultInstall.exe “%1” (Microsoft Corporation) piffile [open]—“%1” %* regfile [merge]—Reg Error: Key error. scrfile [config]—“%1” scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open]—“%1” /S txtfile [edit]—Reg Error: Key error. Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation) Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore]—Reg Error: Value error. Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] “cval” = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] “VistaSp1” = 28 4D B2 76 41 04 CA 01 [binary data] “AntiVirusOverride” = 0 “AntiSpywareOverride” = 0 “FirewallOverride” = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] “DisableNotifications” = 0 “EnableFirewall” = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] “DisableNotifications” = 0 “EnableFirewall” = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] “DisableNotifications” = 0 “EnableFirewall” = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] “{027E5FAB-1476-4C59-AAB4-32EF28520399}” = Windows Live Language Selector “{071c9b48-7c32-4621-a0ac-3f809523288f}” = Microsoft Visual C++ 2005 Redistributable (x64) “{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}” = Windows Live ID Sign-in Assistant “{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 “{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 “{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}” = Microsoft IntelliPoint 8.2 “{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}” = Microsoft Visual C++ 2005 Redistributable (x64) “{7346B4A0-1200-0110-0409-705C0D862004}” = Revit Architecture 2012 “{7346B4A0-1200-0111-0409-705C0D862004}” = Revit Architecture 2012 Language Pack - English “{8E34682C-8118-31F1-BC4C-98CD9675E1C2}” = Microsoft .NET Framework 4 Extended “{8FC83CE1-EA4F-48D2-9F51-51546C2D33E2}” = Fresco Logic USB3.0 Host Controller “{90899269-554B-4672-9F8D-4A2A0D0AF5B5}” = Intel(R) Network Connections 16.5.2.0 “{90A80D89-A0E4-33C1-B13D-B93CB3496867}” = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU “{95120000-00B9-0409-1000-0000000FF1CE}” = Microsoft Application Error Reporting “{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}” = Microsoft Visual C++ 2005 Redistributable (x64) “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel” = NVIDIA Control Panel 280.26 “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver” = NVIDIA Graphics Driver 280.26 “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB” = NVIDIA 3D Vision Controller Driver 280.19 “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX” = NVIDIA PhysX System Software 9.10.0514 “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update” = NVIDIA Update 1.4.28 “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver” = NVIDIA HD Audio Driver 1.2.23.3 “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer” = NVIDIA Install Application “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update” = NVIDIA Update Components “{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}” = SUPERAntiSpyware “{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}” = SAMSUNG USB Driver for Mobile Phones “{DA54F80E-261C-41A2-A855-549A144F2F59}” = Windows Live MIME IFilter “{F5858CBE-E62D-45BB-B85D-D11BEE4B485B}” = AVG 2012 “{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}” = Microsoft .NET Framework 4 Client Profile “Adobe Flash Player ActiveX” = Adobe Flash Player 11 ActiveX 64-bit “Adobe Flash Player Plugin” = Adobe Flash Player 11 Plugin 64-bit “Autodesk Revit Architecture 2012” = Autodesk Revit Architecture 2012 “CCleaner” = CCleaner “Microsoft .NET Framework 4 Client Profile” = Microsoft .NET Framework 4 Client Profile “Microsoft .NET Framework 4 Extended” = Microsoft .NET Framework 4 Extended “Microsoft IntelliPoint 8.2” = Microsoft IntelliPoint 8.2 “Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU” = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU “PROSetDX” = Intel(R) Network Connections 16.5.2.0 “WinRAR archiver” = WinRAR 4.11 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] “{048298C9-A4D3-490B-9FF9-AB023A9238F3}” = Steam “{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}” = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 “{0B0F231F-CE6A-483D-AA23-77B364F75917}” = Windows Live Installer “{10186F1A-6A14-43DF-A404-F0105D09BB07}” = Windows Live Mail “{14866AAD-1F23-39AC-A62B-7091ED1ADE64}” = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 “{17630FD1-B14A-4CA5-A627-B6B5F7DD41CF}” = 3TB+Unlock B11.0919.1 “{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 “{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}” = Junk Mail filter update “{200FEC62-3C34-4D60-9CE8-EC372E01C08F}” = Windows Live SOXE Definitions “{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}” = Autodesk Material Library Low Resolution Image Library 2012 “{26A24AE4-039D-4CA4-87B4-2F83216031FF}” = Java(TM) 6 Update 31 “{2913C8E7-612B-47DA-B18D-A23E1A1B16E3}” = Update Manager B11.1027.1 “{299C0434-4F4E-341F-A916-4E07AEB35E79}” = Microsoft Visual Studio Tools for Applications 2.0 Runtime “{3B35725F-C623-4A1E-B5CC-99C0868679E3}” = Smart 6 B11.1026.1 “{3DECD372-76A1-4483-BF10-B547790A3261}” = ON_OFF Charge B11.1102.1 “{3EE1008C-11A1-4F4F-8DB7-27573924DE78}” = DMIView B11.0916.1 “{43C27E94-583C-4134-8CF8-D7F94DAE8F19}” = OpenOffice.org 3.3 “{457D7505-D665-4F95-91C3-ECB8C56E9ACA}” = Easy Tune 6 B11.1110.1 “{4A03706F-666A-4037-7777-5F2748764D10}” = Java Auto Updater “{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}” = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 “{53B0AB03-FC82-46C8-885B-F0A529FAFFAC}” = 3DPower B11.1115.1 “{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}” = Windows Live UX Platform Language Pack “{65153EA5-8B6E-43B6-857B-C6E4FC25798A}” = Intel(R) Management Engine Components “{65420DC9-306E-4371-905F-F4DC3B418E52}” = Autodesk Material Library Base Resolution Image Library 2012 “{65B8A697-C77C-473E-8CE5-1FC5D4917C14}” = Cloud OC “{682B3E4F-696A-42DE-A41C-4C07EA1678B4}” = Windows Live SOXE “{6DA2B636-698A-3294-BF4A-B5E11B238CDD}” = Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 “{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}” = Microsoft Visual C++ 2005 Redistributable “{758C8301-2696-4855-AF45-534B1200980A}” = Samsung Kies “{827D3E4A-0186-48B7-9801-7D1E9DD40C07}” = Windows Live Essentials “{839D0E38-71FB-4BB8-908F-CF3929BA325A}” = TouchBIOS B11.1112.1 “{83C292B7-38A5-440B-A731-07070E81A64F}” = Windows Live PIMT Platform “{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}” = Microsoft Silverlight “{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}” = Intel(R) Rapid Storage Technology enterprise “{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}” = Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 “{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}” = MSVCRT “{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}” = Autodesk Material Library 2012 “{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}” = FARO LS 1.1.406.58 “{9BE518E6-ECC6-35A9-88E4-87755C07200F}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 “{9D56775A-93F3-44A3-8092-840E3826DE30}” = Windows Live Mail “{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}” = Windows Live Photo Common “{AC76BA86-7AD7-1030-7B44-AA1000000001}” = Adobe Reader X (10.1.0) - Dansk “{B26438B4-BF51-49C3-9567-7F14A5E40CB9}” = Dolby Home Theater v4 “{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}” = @BIOS “{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}” = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 “{B5751715-EC10-43D9-8C95-62E1368433EF}” = Autodesk Material Library Medium Resolution Image Library 2012 “{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}” = NVIDIA PhysX “{BB924174-FB22-41AD-B627-D609F86C18E0}” = Sound Blaster Recon3D Extras “{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}” = Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 “{C66824E4-CBB3-4851-BB3F-E8CFD6350923}” = Windows Live Mail “{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}” = WinZip 15.0 “{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}” = Windows Live UX Platform “{CEB6BB02-E2CD-4B8A-B662-986636D43EC1}” = Sound Blaster Recon3D “{CF671BFE-6BA3-44E7-98C1-500D9C51D947}” = Windows Live Photo Gallery “{D0B44725-3666-492D-BEF6-587A14BD9BD9}” = MSVCRT_amd64 “{D436F577-1695-4D2F-8B44-AC76C99E0002}” = Windows Live Photo Common “{D45240D3-B6B3-4FF9-B243-54ECE3E10066}” = Windows Live Communications Platform “{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}” = Windows Live Writer Resources “{E09C4DB7-630C-4F06-A631-8EA7239923AF}” = D3DX10 “{E5DD4723-FE0B-436E-A815-DC23CF902A0B}” = Windows Live UX Platform Language Pack “{E76FCE6B-9999-4250-8C75-B2DA4AD41268}” = Face_Wizard B11.1006.01 “{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}” = Windows Live Writer Resources “{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}” = Skype™ 5.8 “{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}” = Realtek High Definition Audio Driver “{F1A14CB2-A048-45A6-AFDA-3571296E1D76}” = Creative Media Toolbox 6 “{F308B531-AB20-4A79-8F5E-83071FE5BE60}” = Q-Share Ver.1.2 “{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}” = Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 “{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}” = Visual Studio 2008 x64 Redistributables “{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}” = Windows Live Essentials “{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}” = Microsoft Visual Studio Tools for Applications 2.0 - ENU “{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}” = Windows Live Writer “avast” = avast! Free Antivirus “ESET Online Scanner” = ESET Online Scanner v3 “GOM Player” = GOM Player “InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}” = Easy Tune 6 B11.1110.1 “InstallShield_{758C8301-2696-4855-AF45-534B1200980A}” = Samsung Kies “MagniDriver” = marvell 91xx driver “Malwarebytes’ Anti-Malware_is1” = Malwarebytes Anti-Malware version 1.61.0.1400 “Mozilla Firefox 11.0 (x86 en-US)” = Mozilla Firefox 11.0 (x86 en-US) “NVIDIA StereoUSB Driver” = NVIDIA 3D Vision Controller Driver “Steam App 240” = Counter-Strike: Source “Steam App 36620” = Forsaken World “SysInfo” = Creative System Information “TeamViewer 7” = TeamViewer 7 “Uninstaller_B4736000_Creative Media Toolbox 6” = Creative Media Toolbox 6 (Shared Components) “WaveStudio 7” = Creative WaveStudio 7 “WinLiveSuite” = Windows Live Essentials “World of Warcraft” = World of Warcraft “World of Warcraft Beta” = World of Warcraft Beta ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2273758202-2905085073-3037150910-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] “090215de958f1060” = Curse Client “Dropbox” = Dropbox “MyFreeCodec” = MyFreeCodec ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2273758202-2905085073-3037150910-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] “090215de958f1060” = Curse Client “Dropbox” = Dropbox “MyFreeCodec” = MyFreeCodec ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 17-04-2012 06:41:01 \| Computer Name = Andreas-PC \| Source = Windows Search Service \| ID = 7040 Description = Error - 17-04-2012 06:41:01 \| Computer Name = Andreas-PC \| Source = Windows Search Service \| ID = 7042 Description = Error - 17-04-2012 06:41:01 \| Computer Name = Andreas-PC \| Source = Windows Search Service \| ID = 9002 Description = Error - 17-04-2012 06:41:01 \| Computer Name = Andreas-PC \| Source = Windows Search Service \| ID = 3029 Description = Error - 17-04-2012 06:41:14 \| Computer Name = Andreas-PC \| Source = Windows Search Service \| ID = 3029 Description = Error - 17-04-2012 06:41:14 \| Computer Name = Andreas-PC \| Source = Windows Search Service \| ID = 3028 Description = Error - 17-04-2012 06:41:14 \| Computer Name = Andreas-PC \| Source = Windows Search Service \| ID = 3058 Description = Error - 17-04-2012 06:41:14 \| Computer Name = Andreas-PC \| Source = Windows Search Service \| ID = 7010 Description = Error - 18-04-2012 03:26:00 \| Computer Name = Andreas-PC \| Source = Application Error \| ID = 1000 Description = Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x4ea78f27 Faulting module name: filesystem_steam.dll_unloaded, version: 0.0.0.0, time stamp: 0x4f28cccc Exception code: 0xc0000005 Fault offset: 0x7352f1c9 Faulting process id: 0x9b0 Faulting application start time: 0x01cd1d33d7900233 Faulting application path: c:\games\steam\steamapps\xandy_boyx\counter-strike source\hl2.exe Faulting module path: filesystem_steam.dll Report Id: beab3a97-8927-11e1-b9c4-50e549e1c6a2 Error - 18-04-2012 09:16:51 \| Computer Name = Andreas-PC \| Source = Application Error \| ID = 1000 Description = Faulting application name: WSCommCntr3.exe, version: 3.2.26.0, time stamp: 0x4d6ddd6a Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000004e4b4 Faulting process id: 0x1bf8 Faulting application start time: 0x01cd1d6582c4f295 Faulting application path: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr3\lib\WSCommCntr3.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: c1fca1e3-8958-11e1-b9c4-50e549e1c6a2 [ System Events ] Error - 17-04-2012 08:48:09 \| Computer Name = Andreas-PC \| Source = SNMP \| ID = 16713180 Description = The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error - 17-04-2012 10:36:41 \| Computer Name = Andreas-PC \| Source = SNMP \| ID = 16713180 Description = The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error - 18-04-2012 01:51:40 \| Computer Name = Andreas-PC \| Source = NetBT \| ID = 4321 Description = The name “ANDREAS-PC :0” could not be registered on the interface with IP address 192.168.87.101. The computer with the IP address 192.168.87.103 did not allow the name to be claimed by this computer. Error - 18-04-2012 01:52:00 \| Computer Name = Andreas-PC \| Source = SNMP \| ID = 16713180 Description = The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error - 18-04-2012 10:55:56 \| Computer Name = Andreas-PC \| Source = SNMP \| ID = 16713180 Description = The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error - 18-04-2012 14:28:40 \| Computer Name = Andreas-PC \| Source = NetBT \| ID = 4321 Description = The name “ANDREAS-PC :0” could not be registered on the interface with IP address 192.168.87.101. The computer with the IP address 192.168.87.103 did not allow the name to be claimed by this computer. Error - 18-04-2012 14:28:54 \| Computer Name = Andreas-PC \| Source = SNMP \| ID = 16713180 Description = The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. Error - 18-04-2012 14:29:04 \| Computer Name = Andreas-PC \| Source = Server \| ID = 2505 Description = The server could not bind to the transport \Device\NetBT_Tcpip_{506D30DB-7FF5-4E27-B15E-31A8510E8276} because another computer on the network has the same name. The server could not start. Error - 18-04-2012 14:29:04 \| Computer Name = Andreas-PC \| Source = NetBT \| ID = 4321 Description = The name “ANDREAS-PC :20” could not be registered on the interface with IP address 192.168.87.101. The computer with the IP address 192.168.87.103 did not allow the name to be claimed by this computer. Error - 19-04-2012 01:39:10 \| Computer Name = Andreas-PC \| Source = SNMP \| ID = 16713180 Description = The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration. < End of report >
[ Ignorer ] [ # 14 ] MapleBoy
19.04.2012 11:17:43 Antal indlæg: 13	har prøvet så godt jeg nu kunne, det var bare ikke helt nemt da det kun var første gang den gik ind så jeg kunne se antallet af tegn, derefter tog den bare det der var plads til.
[ Ignorer ] [ # 15 ] f-arn TeamSpywarefri
19.04.2012 21:25:34 Administrator Team Spywarefri Antal indlæg: 7044	Der er altså ikke noget der tyder på infektioner. Har du selv kørt noget, der fandt nogen Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !

1 af 2

Næste