Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 25.09.2013, 16:40   #1
Schraubi
 
Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr - Standard

Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr



Hallo !!!
dies hier ist mein erster Hilferuf und ich hoffe mir kann jemand helfen.

Also...vor paar Tagen habe ich mir einen ''Bundespolizei Trojaner'' auf meinen Laptop geholt,
der dann (nehme ich an) nach ca 1 Stunde meinen kompletten Rechner lahm gelegt hatte.
Ich konnte nicht mal den Abgesicherten Modus starten.
Irgendwie habe ich mit ''Samsung Recovery Solution III'' eine Systemwiederherstellung durchführen können, die meinen Rechner zumindest wieder laufen lässt.
Da sich meine Computerkenntnisse eher in Grenzen halten,
könnte ich nun etwas Hilfe gebrauchen um den Trojaner loszuwerden (falls der noch da ist)


Geändert von Schraubi (25.09.2013 um 17:04 Uhr)

Alt 25.09.2013, 17:07   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr - Standard

Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 25.09.2013, 17:30   #3
Schraubi
 
Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr - Standard

Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-09-2013
Ran by ToLi (administrator) on SAMSUNG on 26-09-2013 18:21:02
Running from F:\
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Users\ToLi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ToLi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ToLi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ToLi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ToLi\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6111232 2008-04-17] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-24] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKCU\...\Run: [Google Update] - C:\Users\ToLi\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-09-24] (Google Inc.)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=hp&from=amt&uid=HitachiXHTS543225L9A300_081223FB8F00LLKN8BRAX&ts=1380155599
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=hp&from=amt&uid=HitachiXHTS543225L9A300_081223FB8F00LLKN8BRAX&ts=1380155599
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=hp&from=amt&uid=HitachiXHTS543225L9A300_081223FB8F00LLKN8BRAX&ts=1380155599
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=hp&from=amt&uid=HitachiXHTS543225L9A300_081223FB8F00LLKN8BRAX&ts=1380155599
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=sc&from=amt&uid=HitachiXHTS543225L9A300_081223FB8F00LLKN8BRAX&ts=1380155599
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=ds&from=amt&uid=HitachiXHTS543225L9A300_081223FB8F00LLKN8BRAX&ts=1380155600&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=ds&from=amt&uid=HitachiXHTS543225L9A300_081223FB8F00LLKN8BRAX&ts=1380155600&type=default&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=ds&from=amt&uid=HitachiXHTS543225L9A300_081223FB8F00LLKN8BRAX&ts=1380155600&type=default&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=ds&from=amt&uid=HitachiXHTS543225L9A300_081223FB8F00LLKN8BRAX&ts=1380155600&type=default&q={searchTerms}
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=hp&from=amt&uid=HitachiXHTS543225L9A300_081223FB8F00LLKN8BRAX&ts=1380155599
CHR RestoreOnStartup: "hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&utm_campaign=eXQ&utm_content=hp&from=amt&uid=HitachiXHTS543225L9A300_081223FB8F00LLKN8BRAX&ts=1380155599"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\ToLi\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\ToLi\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\ToLi\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Users\ToLi\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\ToLi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\ToLi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Google Search) - C:\Users\ToLi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Lightning Newtab) - C:\Users\ToLi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.6.2_0
CHR Extension: (DVDVideoSoft) - C:\Users\ToLi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.2.3.3_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\ToLi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Bungalow) - C:\Users\ToLi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogkdmggpdfpodahejeckklcncacambmo\1_0
CHR Extension: (Gmail) - C:\Users\ToLi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\ToLi\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-24] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-24] (Avira Operations GmbH & Co. KG)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-13] (Microsoft Corporation)
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [77480 2008-05-13] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-09-24] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2007-05-23] (SAMSUNG ELECTRONICS CO., LTD.)
R3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-09-24] (Avira GmbH)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 VMC302; System32\Drivers\VMC302.sys [x]
S3 VMC326; System32\Drivers\VMC326.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-27 02:03 - 2013-09-27 02:03 - 00000000 ____D C:\FRST
2013-09-26 15:51 - 2013-09-26 15:51 - 01088653 _____ (Farbar) C:\Users\ToLi\Downloads\FRST.exe
2013-09-26 01:14 - 2013-09-26 01:15 - 00000000 ____D C:\Windows\system32\vi-VN
2013-09-26 01:14 - 2013-09-26 01:15 - 00000000 ____D C:\Windows\system32\eu-ES
2013-09-26 01:14 - 2013-09-26 01:15 - 00000000 ____D C:\Windows\system32\ca-ES
2013-09-26 00:53 - 2013-09-26 00:53 - 00000000 ____D C:\Windows\system32\EventProviders
2013-09-26 00:29 - 2013-09-26 00:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2013-09-26 00:19 - 2013-09-26 00:19 - 00001191 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-09-26 00:19 - 2013-09-26 00:19 - 00001032 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-09-26 00:19 - 2013-09-26 00:19 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-09-26 00:19 - 2013-09-26 00:19 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\TuneUp Software
2013-09-26 00:19 - 2013-09-26 00:19 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\DVDVideoSoftIEHelpers
2013-09-26 00:19 - 2013-09-26 00:19 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-09-26 00:18 - 2013-09-26 00:19 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\DVDVideoSoft
2013-09-26 00:18 - 2013-09-26 00:19 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-09-26 00:18 - 2013-09-26 00:19 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-09-26 00:18 - 2013-09-26 00:18 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\OpenCandy
2013-09-26 00:16 - 2013-09-26 00:17 - 29255112 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\ToLi\Downloads\FreeYouTubeToMP3Converter31212.exe
2013-09-26 00:11 - 2013-09-26 00:11 - 00000600 _____ C:\Users\Public\Desktop\Shareaza-Installation fortsetzen.lnk
2013-09-26 00:11 - 2013-09-26 00:11 - 00000000 ____D C:\Program Files\Shareaza Applications
2013-09-26 00:10 - 2013-09-26 00:10 - 01336552 _____ (Bandoo Media Inc) C:\Users\ToLi\Downloads\ShareazaSetup-r116-n-bc (1).exe
2013-09-26 00:09 - 2013-09-26 00:09 - 01336552 _____ (Bandoo Media Inc) C:\Users\ToLi\Downloads\ShareazaSetup-r116-n-bc.exe
2013-09-25 16:17 - 2013-09-25 16:17 - 00039438 _____ C:\Users\ToLi\Downloads\Usedom.htm
2013-09-25 16:17 - 2013-09-25 16:17 - 00013541 _____ C:\Users\ToLi\Downloads\Usedom2.htm
2013-09-25 16:17 - 2013-09-25 16:17 - 00000000 ____D C:\Users\ToLi\Downloads\Usedom2_files
2013-09-25 16:17 - 2013-09-25 16:17 - 00000000 ____D C:\Users\ToLi\Downloads\Usedom_files
2013-09-25 16:10 - 2013-09-25 16:10 - 00000000 ____D C:\Users\ToLi\AppData\Local\Adobe
2013-09-25 15:33 - 2009-04-11 08:33 - 00986600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-09-25 15:33 - 2009-04-11 08:33 - 00614376 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2013-09-25 15:33 - 2009-04-11 08:32 - 01083880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-09-25 15:33 - 2009-04-11 08:32 - 00438744 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2013-09-25 15:33 - 2009-04-11 08:32 - 00223208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2013-09-25 15:33 - 2009-04-11 08:28 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2013-09-25 15:33 - 2009-04-11 08:28 - 03174400 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 02134528 _____ (Microsoft Corporation) C:\Windows\system32\FunctionDiscoveryFolder.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 02012160 _____ (Microsoft Corporation) C:\Windows\system32\milcore.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01788416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\apds.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01591296 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01589248 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01524736 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01480704 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01459200 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01324032 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01086464 _____ (Microsoft Corporation) C:\Windows\system32\NetProjW.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01081344 _____ (Microsoft Corporation) C:\Windows\system32\SLCExt.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01055232 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-09-25 15:33 - 2009-04-11 08:28 - 01053696 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00968192 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz2.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00928768 _____ (Microsoft Corporation) C:\Windows\system32\scavenge.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2013-09-25 15:33 - 2009-04-11 08:28 - 00679936 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00670720 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00618496 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL
2013-09-25 15:33 - 2009-04-11 08:28 - 00582144 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00550400 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00454144 _____ (Microsoft) C:\Windows\system32\IasMigPlugin.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-25 15:33 - 2009-04-11 08:28 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\msvcp60.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2013-09-25 15:33 - 2009-04-11 08:28 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\WscEapPr.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2013-09-25 15:33 - 2009-04-11 08:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\sperror.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\spoolss.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\nlhtml.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00117248 _____ C:\Windows\system32\EhStorAuthn.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\EhStorShell.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2013-09-25 15:33 - 2009-04-11 08:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\xmlfilter.dll
2013-09-25 15:33 - 2009-04-11 08:28 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\EhStorPwdMgr.dll
2013-09-25 15:33 - 2009-04-11 08:27 - 03408896 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2013-09-25 15:33 - 2009-04-11 08:27 - 02926592 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-09-25 15:33 - 2009-04-11 08:27 - 02092544 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe
2013-09-25 15:33 - 2009-04-11 08:27 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2013-09-25 15:33 - 2009-04-11 08:27 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2013-09-25 15:33 - 2009-04-11 08:27 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-09-25 15:33 - 2009-04-11 08:27 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2013-09-25 15:33 - 2009-04-11 08:27 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2013-09-25 15:33 - 2009-04-11 08:27 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\IasMigReader.exe
2013-09-25 15:33 - 2009-04-11 08:27 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2013-09-25 15:33 - 2009-04-11 08:27 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2013-09-25 15:33 - 2009-04-11 08:27 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2013-09-25 15:33 - 2009-04-11 08:27 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2013-09-25 15:33 - 2009-04-11 08:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2013-09-25 15:33 - 2009-04-11 08:27 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-09-25 15:33 - 2009-04-11 08:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingWizard.exe
2013-09-25 15:33 - 2009-04-11 08:27 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\compcln.exe
2013-09-25 15:33 - 2009-04-11 08:22 - 00883712 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2013-09-25 15:33 - 2009-04-11 07:03 - 12240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll
2013-09-25 15:33 - 2009-04-11 07:03 - 02644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2013-09-25 15:33 - 2009-04-11 06:43 - 00442788 _____ C:\Windows\system32\dot3.tmf
2013-09-25 15:33 - 2009-04-11 06:43 - 00392170 _____ C:\Windows\system32\onex.tmf
2013-09-25 15:33 - 2009-04-11 06:42 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2013-09-25 15:33 - 2009-04-11 06:23 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-09-25 15:33 - 2009-04-11 06:14 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-09-25 15:33 - 2009-04-11 06:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-09-25 15:33 - 2009-04-11 04:52 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys
2013-09-25 15:33 - 2009-04-11 03:59 - 00107612 _____ C:\Windows\system32\StructuredQuerySchema.bin
2013-09-25 15:33 - 2009-04-11 03:54 - 03662128 _____ C:\Windows\system32\locale.nls
2013-09-25 15:33 - 2009-03-07 03:11 - 00130008 _____ C:\Windows\system32\systemsf.ebd
2013-09-25 15:33 - 2009-02-20 02:20 - 00009239 _____ C:\Windows\system32\spcinstrumentation.man
2013-09-25 15:33 - 2009-02-18 20:39 - 00779136 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2013-09-25 15:33 - 2009-02-18 20:39 - 00102816 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-09-25 15:33 - 2009-02-18 20:38 - 00619864 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2013-09-25 15:33 - 2009-02-18 20:38 - 00099680 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2013-09-25 15:32 - 2009-04-11 08:33 - 00926184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-09-25 15:32 - 2009-04-11 08:33 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00245736 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00226280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00141288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-09-25 15:32 - 2009-04-11 08:32 - 00054248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00050664 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2013-09-25 15:32 - 2009-04-11 08:32 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys
2013-09-25 15:32 - 2009-04-11 08:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2013-09-25 15:32 - 2009-04-11 08:32 - 00017896 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2013-09-25 15:32 - 2009-04-11 08:32 - 00017384 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 06103040 _____ (Microsoft Corporation) C:\Windows\system32\chtbrkr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 03072000 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 02515968 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 02225664 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 02205184 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 02167808 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 02153472 _____ (Microsoft Corporation) C:\Windows\system32\oobefldr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01856512 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01823744 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01695232 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\chsbrkr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01580544 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2013-09-25 15:32 - 2009-04-11 08:28 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01533440 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01502720 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01382912 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2013-09-25 15:32 - 2009-04-11 08:28 - 01342464 _____ (Microsoft Corporation) C:\Windows\system32\brcpl.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01152000 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\wercon.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01107968 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00852992 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00777216 _____ (Microsoft Corporation) C:\Windows\system32\slcc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\ipsecsnp.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00712704 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00657408 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2013-09-25 15:32 - 2009-04-11 08:28 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00612864 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-25 15:32 - 2009-04-11 08:28 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\pnpui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00532992 _____ (Microsoft Corporation) C:\Windows\system32\wpcao.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00516608 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00507904 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\devmgr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00368640 _____ C:\Windows\system32\msjetoledb40.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2013-09-25 15:32 - 2009-04-11 08:28 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00347648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\RelMon.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-25 15:32 - 2009-04-11 08:28 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\thawbrkr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\modemui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\SnippingTool.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\wow32.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\iassdo.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\wscntfy.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\adsldpc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\offfilt.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\iassam.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\pnpsetup.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\wevtutil.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\rasmontr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\fundisc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wpcsvc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\dsprop.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\extmgr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\softkbd.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\ntmarta.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\imapi.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\dmsynth.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\dmusic.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2013-09-25 15:32 - 2009-04-11 08:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\wshext.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mstlsapi.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00083456 _____ (Microsoft) C:\Windows\system32\SMBHelperClass.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\propdefs.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\iashlpr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssoc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Storprop.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingProxy.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\feclient.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\mmci.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\l2nacp.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msstrc.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\networkitemfactory.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\TSTheme.exe
2013-09-25 15:32 - 2009-04-11 08:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\rtffilt.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\msscb.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\bitsigd.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\whealogr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msimtf.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\ifmon.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\wsepno.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\uxsms.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\hidserv.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\version.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\winrnr.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\NcdProp.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\MsCtfMonitor.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wscisvif.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\vdmdbg.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\midimap.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\spcmsg.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mmcico.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\spwinsat.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\CHxReadingStringIME.dll
2013-09-25 15:32 - 2009-04-11 08:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\fdBthProxy.dll
2013-09-25 15:32 - 2009-04-11 08:27 - 01827840 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-25 15:32 - 2009-04-11 08:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2013-09-25 15:32 - 2009-04-11 08:27 - 01122304 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2013-09-25 15:32 - 2009-04-11 08:27 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2013-09-25 15:32 - 2009-04-11 08:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2013-09-25 15:32 - 2009-04-11 08:27 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00407040 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-09-25 15:32 - 2009-04-11 08:27 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2013-09-25 15:32 - 2009-04-11 08:27 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2013-09-25 15:32 - 2009-04-11 08:27 - 00241128 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2013-09-25 15:32 - 2009-04-11 08:27 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2013-09-25 15:32 - 2009-04-11 08:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-09-25 15:32 - 2009-04-11 08:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00130024 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2013-09-25 15:32 - 2009-04-11 08:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2013-09-25 15:32 - 2009-04-11 08:27 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2013-09-25 15:32 - 2009-04-11 08:27 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\hdwwiz.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\cmmon32.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\csrstub.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cbsra.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\rekeywiz.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\PnPutil.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ipconfig.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEject.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.drv
2013-09-25 15:32 - 2009-04-11 08:27 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\fc.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\rasdial.exe
2013-09-25 15:32 - 2009-04-11 08:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\gpupdate.exe
2013-09-25 15:32 - 2009-04-11 08:23 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2013-09-25 15:32 - 2009-04-11 08:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2013-09-25 15:32 - 2009-04-11 08:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2013-09-25 15:32 - 2009-04-11 08:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2013-09-25 15:32 - 2009-04-11 08:23 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2013-09-25 15:32 - 2009-04-11 08:22 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2013-09-25 15:32 - 2009-04-11 08:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2013-09-25 15:32 - 2009-04-11 08:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2013-09-25 15:32 - 2009-04-11 08:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2013-09-25 15:32 - 2009-04-11 08:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-09-25 15:32 - 2009-04-11 07:42 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2013-09-25 15:32 - 2009-04-11 06:51 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-09-25 15:32 - 2009-04-11 06:48 - 00344698 _____ C:\Windows\system32\eaphost.tmf
2013-09-25 15:32 - 2009-04-11 06:46 - 00208966 _____ C:\Windows\system32\WFP.TMF
2013-09-25 15:32 - 2009-04-11 06:46 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2013-09-25 15:32 - 2009-04-11 06:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys
2013-09-25 15:32 - 2009-04-11 06:46 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2013-09-25 15:32 - 2009-04-11 06:46 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2013-09-25 15:32 - 2009-04-11 06:46 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-09-25 15:32 - 2009-04-11 06:45 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2013-09-25 15:32 - 2009-04-11 06:45 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2013-09-25 15:32 - 2009-04-11 06:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2013-09-25 15:32 - 2009-04-11 06:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2013-09-25 15:32 - 2009-04-11 06:45 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys
2013-09-25 15:32 - 2009-04-11 06:43 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-09-25 15:32 - 2009-04-11 06:43 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2013-09-25 15:32 - 2009-04-11 06:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-09-25 15:32 - 2009-04-11 06:42 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-09-25 15:32 - 2009-04-11 06:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-25 15:32 - 2009-04-11 06:42 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2013-09-25 15:32 - 2009-04-11 06:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-09-25 15:32 - 2009-04-11 06:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-09-25 15:32 - 2009-04-11 06:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2013-09-25 15:32 - 2009-04-11 06:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
2013-09-25 15:32 - 2009-04-11 06:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-09-25 15:32 - 2009-04-11 06:39 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2013-09-25 15:32 - 2009-04-11 06:39 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2013-09-25 15:32 - 2009-04-11 06:39 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2013-09-25 15:32 - 2009-04-11 06:38 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2013-09-25 15:32 - 2009-04-11 06:27 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2013-09-25 15:32 - 2009-04-11 06:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys
2013-09-25 15:32 - 2009-04-11 06:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2013-09-25 15:32 - 2009-04-11 06:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2013-09-25 15:32 - 2009-04-11 06:13 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-25 15:32 - 2009-04-11 06:13 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2013-09-25 15:32 - 2009-04-11 06:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2013-09-25 15:32 - 2009-04-11 06:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2013-09-25 15:32 - 2009-03-30 06:42 - 00155456 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2013-09-25 15:32 - 2009-03-30 06:42 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2013-09-25 15:32 - 2009-02-20 02:20 - 00009212 _____ C:\Windows\system32\RacUR.xml
2013-09-25 15:32 - 2009-02-18 20:39 - 00092918 _____ C:\Windows\system32\slmgr.vbs
2013-09-25 15:32 - 2009-02-18 20:39 - 00035680 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2013-09-25 15:32 - 2009-02-18 20:38 - 00035168 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2013-09-25 15:32 - 2009-02-18 20:38 - 00009048 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2013-09-25 15:31 - 2009-04-11 08:28 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2013-09-25 15:31 - 2009-04-11 08:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2013-09-25 15:31 - 2009-04-11 08:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
2013-09-25 15:31 - 2009-04-11 08:27 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2013-09-24 18:16 - 2009-11-08 10:55 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2013-09-24 18:16 - 2009-11-08 10:55 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2013-09-24 18:16 - 2009-11-08 10:55 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2013-09-24 18:16 - 2009-11-08 10:55 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2013-09-24 18:16 - 2009-11-08 10:55 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2013-09-24 18:13 - 2010-09-06 18:20 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2013-09-24 18:13 - 2010-09-06 18:19 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2013-09-24 18:13 - 2009-08-24 13:36 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2013-09-24 16:42 - 2013-09-24 16:42 - 00000000 ____D C:\Windows\system32\x64
2013-09-24 16:38 - 2013-09-24 16:40 - 00000000 ____D C:\Windows\system32\MRT
2013-09-24 16:37 - 2013-09-24 16:37 - 00000000 ____D C:\Windows\system32\WindowsPowerShell
2013-09-24 16:36 - 2009-10-09 23:56 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2013-09-24 16:36 - 2009-10-09 23:56 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2013-09-24 16:36 - 2009-10-09 23:56 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\winrscmd.dll
2013-09-24 16:36 - 2009-10-09 23:56 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2013-09-24 16:36 - 2009-10-09 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2013-09-24 16:36 - 2009-10-09 23:56 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\pwrshplugin.dll
2013-09-24 16:36 - 2009-10-09 23:56 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\winrs.exe
2013-09-24 16:36 - 2009-10-09 23:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\winrshost.exe
2013-09-24 16:36 - 2009-10-09 23:56 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2013-09-24 16:36 - 2009-10-09 23:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2013-09-24 16:36 - 2009-10-09 23:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\winrssrv.dll
2013-09-24 16:36 - 2009-10-09 23:56 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\winrsmgr.dll
2013-09-24 16:36 - 2009-10-09 23:55 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2013-09-24 16:36 - 2009-10-09 23:55 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wecsvc.dll
2013-09-24 16:36 - 2009-10-09 23:55 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wevtfwd.dll
2013-09-24 16:36 - 2009-10-09 23:55 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\wecutil.exe
2013-09-24 16:36 - 2009-10-09 23:55 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wecapi.dll
2013-09-24 16:36 - 2009-10-09 23:55 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2013-09-24 16:36 - 2009-08-01 08:27 - 00201184 _____ C:\Windows\system32\winrm.vbs
2013-09-24 16:36 - 2009-07-16 19:30 - 00004675 _____ C:\Windows\system32\wsmanconfig_schema.xml
2013-09-24 16:36 - 2009-07-16 19:30 - 00002426 _____ C:\Windows\system32\WsmTxt.xsl
2013-09-24 16:35 - 2011-04-28 18:00 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-24 16:35 - 2011-04-21 18:04 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-24 16:35 - 2011-04-21 18:03 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-24 16:35 - 2011-04-21 18:02 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2013-09-24 16:35 - 2011-04-21 18:01 - 03610112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-24 16:35 - 2011-04-21 18:01 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-24 16:35 - 2011-04-21 18:01 - 00471040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-24 16:35 - 2011-04-21 18:00 - 06089728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-24 16:35 - 2011-04-21 18:00 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-09-24 16:35 - 2011-04-21 18:00 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-09-24 16:35 - 2011-04-21 16:57 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\ieencode.dll
2013-09-24 16:35 - 2011-04-21 16:15 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-09-24 16:35 - 2010-10-15 16:08 - 03602320 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-09-24 16:35 - 2010-10-15 16:08 - 03550096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-24 16:35 - 2010-10-15 15:48 - 01205080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-24 16:35 - 2010-05-27 22:08 - 00081920 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
2013-09-24 16:35 - 2010-05-04 21:10 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-24 16:35 - 2010-02-26 06:03 - 02452872 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-09-24 16:35 - 2009-06-10 13:41 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2013-09-24 16:35 - 2009-06-10 13:41 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2013-09-24 16:35 - 2009-04-11 08:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2013-09-24 16:35 - 2009-04-11 08:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-24 16:35 - 2009-04-11 08:27 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2013-09-24 16:35 - 2009-04-11 08:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2013-09-24 16:35 - 2009-04-11 06:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2013-09-24 16:35 - 2009-04-11 06:36 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-24 16:33 - 2011-07-06 17:31 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2013-09-24 16:33 - 2011-04-29 15:24 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2013-09-24 16:33 - 2011-04-29 15:24 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2013-09-24 16:33 - 2009-08-14 15:49 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\NETSTAT.EXE
2013-09-24 16:33 - 2009-08-14 15:49 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\ARP.EXE
2013-09-24 16:33 - 2009-08-14 15:49 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\ROUTE.EXE
2013-09-24 16:33 - 2009-08-14 15:49 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\MRINFO.EXE
2013-09-24 16:33 - 2009-08-14 15:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2013-09-24 16:33 - 2009-08-14 15:49 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\TCPSVCS.EXE
2013-09-24 16:33 - 2009-08-14 15:49 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\HOSTNAME.EXE
2013-09-24 16:33 - 2009-08-14 15:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2013-09-24 16:32 - 2011-03-10 19:03 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2013-09-24 16:32 - 2011-03-10 19:03 - 01136640 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2013-09-24 16:32 - 2011-02-18 16:03 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2013-09-24 16:32 - 2011-02-16 18:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-09-24 16:32 - 2011-02-16 16:02 - 00292864 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-09-24 16:32 - 2010-12-28 17:55 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2013-09-24 16:32 - 2010-09-13 17:46 - 10628096 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-09-24 16:32 - 2010-09-13 15:56 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-09-24 16:32 - 2010-06-16 17:30 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-09-24 16:32 - 2010-04-16 18:46 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-09-24 16:32 - 2009-09-10 18:48 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2013-09-24 16:32 - 2009-08-11 18:44 - 01401856 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-09-24 16:32 - 2009-07-11 21:01 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2013-09-24 16:32 - 2009-07-11 21:01 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2013-09-24 16:32 - 2009-07-11 21:01 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2013-09-24 16:32 - 2009-07-11 21:01 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2013-09-24 16:32 - 2009-07-11 19:03 - 02501921 _____ C:\Windows\system32\wlan.tmf
2013-09-24 16:32 - 2009-07-11 19:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\L2SecHC.dll
2013-09-24 16:32 - 2009-06-15 16:52 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-09-24 16:32 - 2009-06-15 16:51 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-09-24 16:32 - 2009-06-10 13:42 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2013-09-24 16:32 - 2009-04-11 08:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2013-09-24 16:31 - 2011-02-22 15:23 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2013-09-24 16:30 - 2011-06-02 15:34 - 02043392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-24 16:30 - 2011-04-14 16:59 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2013-09-24 16:30 - 2011-03-02 17:44 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2013-09-24 16:30 - 2011-03-02 17:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2013-09-24 16:30 - 2010-12-14 16:49 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2013-09-24 16:30 - 2010-08-26 18:37 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2013-09-24 16:30 - 2010-08-17 16:11 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2013-09-24 16:30 - 2010-06-28 19:00 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2013-09-24 16:30 - 2010-04-05 19:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2013-09-24 16:30 - 2009-07-17 15:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\atl.dll
2013-09-24 16:30 - 2009-05-04 11:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2013-09-24 16:29 - 2011-04-29 15:25 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2013-09-24 16:29 - 2011-04-29 15:25 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2013-09-24 16:29 - 2011-04-21 15:58 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-09-24 16:29 - 2011-03-03 17:40 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll
2013-09-24 16:29 - 2011-03-03 15:35 - 04240384 _____ (Microsoft) C:\Windows\system32\GameUXLegacyGDFs.dll
2013-09-24 16:29 - 2010-08-31 17:46 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
2013-09-24 16:29 - 2010-08-31 17:46 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
2013-09-24 16:29 - 2010-08-26 18:34 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-09-24 16:29 - 2009-07-10 13:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2013-09-24 16:28 - 2011-02-16 18:21 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-24 16:28 - 2011-02-16 18:18 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-24 16:28 - 2010-12-20 18:35 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-24 16:28 - 2010-04-05 19:02 - 00317952 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2013-09-24 16:28 - 2009-10-23 19:10 - 00714240 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2013-09-24 16:28 - 2009-04-23 14:14 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-24 16:27 - 2010-08-20 18:05 - 00867328 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2013-09-24 16:27 - 2010-06-18 19:31 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2013-09-24 16:27 - 2009-06-16 01:15 - 00439864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-09-24 16:27 - 2009-06-15 16:54 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2013-09-24 16:27 - 2009-06-15 16:53 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-09-24 16:27 - 2009-06-15 16:52 - 01259008 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-09-24 16:27 - 2009-06-15 16:52 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-09-24 16:27 - 2009-06-15 14:48 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-09-24 16:26 - 2011-05-02 19:16 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2013-09-24 16:26 - 2011-01-21 18:35 - 11586048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-24 16:26 - 2011-01-21 18:35 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2013-09-24 16:26 - 2010-12-29 20:28 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2013-09-24 16:26 - 2010-12-29 20:28 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2013-09-24 16:26 - 2010-12-29 20:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
2013-09-24 16:26 - 2010-12-29 20:26 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2013-09-24 16:26 - 2010-11-04 20:56 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2013-09-24 16:26 - 2010-11-04 20:55 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2013-09-24 16:26 - 2010-11-04 20:55 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2013-09-24 16:26 - 2010-11-04 18:34 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2013-09-24 16:26 - 2010-02-18 15:30 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-09-24 16:26 - 2010-02-18 13:28 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2013-09-24 16:26 - 2010-01-21 17:05 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm
2013-09-24 16:26 - 2009-07-15 14:39 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2013-09-24 16:26 - 2009-07-15 12:21 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.tlb
2013-09-24 16:26 - 2009-07-15 12:21 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\amcompat.tlb
2013-09-24 16:26 - 2009-04-11 08:27 - 00220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm
2013-09-24 16:25 - 2011-04-12 18:07 - 00892416 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-24 16:25 - 2010-11-04 20:55 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2013-09-24 16:25 - 2010-10-28 15:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-09-24 16:25 - 2010-10-18 15:37 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-09-24 16:25 - 2010-06-16 18:04 - 00905088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-09-24 16:25 - 2010-06-11 18:15 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-09-24 16:25 - 2010-01-25 14:00 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2013-09-24 16:25 - 2010-01-25 14:00 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2013-09-24 16:25 - 2010-01-25 14:00 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2013-09-24 16:25 - 2010-01-25 14:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2013-09-24 16:25 - 2010-01-25 13:58 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2013-09-24 16:25 - 2010-01-25 10:21 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2013-09-24 16:25 - 2010-01-25 10:21 - 00518144 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2013-09-24 16:25 - 2010-01-25 10:21 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2013-09-24 16:25 - 2010-01-25 10:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2013-09-24 16:25 - 2009-12-08 19:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2013-09-24 16:25 - 2009-08-10 14:35 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2013-09-24 16:24 - 2011-04-20 17:55 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-24 16:24 - 2011-04-20 17:50 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-24 16:24 - 2010-12-17 17:45 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-09-24 16:24 - 2010-12-17 15:54 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-09-24 16:24 - 2009-10-07 13:36 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2013-09-24 16:24 - 2009-04-23 14:15 - 00784896 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-09-24 16:24 - 2009-04-11 08:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-09-24 16:24 - 2009-04-11 08:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tscupgrd.exe
2013-09-24 16:24 - 2009-04-11 08:28 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-09-24 16:23 - 2009-09-04 13:41 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2013-09-24 16:11 - 2010-02-12 12:48 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2013-09-24 16:07 - 2010-02-21 01:06 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2013-09-24 16:07 - 2010-02-21 01:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2013-09-24 16:07 - 2010-02-20 22:53 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2013-09-24 15:53 - 2013-09-24 15:53 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\Avira
2013-09-24 15:47 - 2013-09-24 15:47 - 00001847 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-24 15:47 - 2013-09-24 15:47 - 00000000 ____D C:\ProgramData\Avira
2013-09-24 15:47 - 2013-09-24 15:47 - 00000000 ____D C:\Program Files\Avira
2013-09-24 15:47 - 2013-09-24 15:46 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-24 15:47 - 2013-09-24 15:46 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-24 15:47 - 2013-09-24 15:46 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-24 15:47 - 2013-09-24 15:46 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-09-24 15:43 - 2013-09-24 15:44 - 02092792 _____ C:\Users\ToLi\Downloads\avira_free_antivirus.exe
2013-09-24 15:39 - 2013-09-26 02:33 - 00002345 _____ C:\Users\ToLi\Desktop\Google Chrome.lnk
2013-09-24 15:39 - 2013-09-24 15:39 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-09-24 15:37 - 2013-09-26 17:47 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3817244742-489050690-2484329676-1004UA.job
2013-09-24 15:36 - 2013-09-24 22:47 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3817244742-489050690-2484329676-1004Core.job
2013-09-24 15:36 - 2013-09-24 15:38 - 00000000 ____D C:\Users\ToLi\AppData\Local\Google
2013-09-24 15:35 - 2013-09-24 15:35 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\Macromedia
2013-09-24 15:32 - 2011-04-29 17:59 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-09-24 15:32 - 2010-08-31 17:44 - 00531968 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-09-24 15:32 - 2009-12-04 20:30 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2013-09-24 15:32 - 2009-12-04 20:29 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2013-09-24 15:32 - 2009-12-04 20:28 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2013-09-24 15:32 - 2009-12-04 20:28 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2013-09-24 15:32 - 2009-12-04 20:28 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2013-09-24 15:32 - 2009-12-04 20:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2013-09-24 15:32 - 2009-12-04 20:28 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2013-09-24 15:32 - 2009-12-04 20:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2013-09-24 15:32 - 2009-12-04 20:27 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2013-09-24 15:32 - 2009-09-10 16:58 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\unregmp2.exe
2013-09-24 15:32 - 2009-07-15 14:39 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2013-09-24 15:32 - 2009-07-15 14:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2013-09-24 15:32 - 2009-07-15 14:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2013-09-24 15:32 - 2009-05-08 14:53 - 00604672 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2013-09-24 15:07 - 2013-08-07 04:22 - 00238872 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-09-24 15:02 - 2010-01-13 19:34 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2013-09-24 15:02 - 2009-12-23 13:33 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-09-24 05:46 - 2013-09-24 05:46 - 206425630 _____ C:\Windows\MEMORY.DMP
2013-09-24 05:46 - 2013-09-24 05:46 - 00154296 _____ C:\Windows\Minidump\Mini092413-01.dmp
2013-09-24 05:46 - 2013-09-24 05:46 - 00000000 ____D C:\Windows\Minidump
2013-09-24 04:58 - 2013-09-24 04:58 - 00000178 _____ C:\Windows\samsunginstaller.log
2013-09-24 04:54 - 2013-09-24 04:54 - 00000053 _____ C:\Windows\SynInst.log
2013-09-24 04:48 - 2013-09-25 16:10 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\Adobe
2013-09-24 03:58 - 2013-09-24 04:03 - 00010240 _____ C:\Users\ToLi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-24 03:57 - 2013-09-24 16:20 - 00100432 _____ C:\Users\ToLi\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-24 03:56 - 2013-09-26 02:33 - 00001257 _____ C:\Users\ToLi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-24 03:56 - 2013-09-26 01:23 - 00000915 _____ C:\Users\ToLi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2013-09-24 03:56 - 2013-09-26 00:23 - 00000944 _____ C:\Users\ToLi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2013-09-24 03:56 - 2013-09-25 16:10 - 00000000 ____D C:\Users\ToLi\AppData\Local\VirtualStore
2013-09-24 03:56 - 2013-09-24 18:15 - 00000000 ____D C:\Users\ToLi
2013-09-24 03:56 - 2013-09-24 03:56 - 00000020 ___SH C:\Users\ToLi\ntuser.ini
2013-09-24 03:56 - 2013-09-24 03:56 - 00000000 _SHDL C:\Users\ToLi\Startmenü
2013-09-24 03:56 - 2013-09-24 03:56 - 00000000 _SHDL C:\Users\ToLi\Netzwerkumgebung
2013-09-24 03:56 - 2013-09-24 03:56 - 00000000 _SHDL C:\Users\ToLi\Druckumgebung
2013-09-24 03:56 - 2013-09-24 03:56 - 00000000 _SHDL C:\Users\ToLi\Documents\Eigene Musik
2013-09-24 03:56 - 2013-09-24 03:56 - 00000000 _SHDL C:\Users\ToLi\Documents\Eigene Bilder
2013-09-24 03:56 - 2013-09-24 03:56 - 00000000 _SHDL C:\Users\ToLi\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-24 03:56 - 2013-09-24 03:56 - 00000000 _SHDL C:\Users\ToLi\AppData\Local\Verlauf
2013-09-24 03:56 - 2008-01-21 04:42 - 00000000 ___RD C:\Users\ToLi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-09-24 03:56 - 2008-01-21 04:42 - 00000000 ___RD C:\Users\ToLi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

==================== One Month Modified Files and Folders =======

2013-09-27 02:03 - 2013-09-27 02:03 - 00000000 ____D C:\FRST
2013-09-26 18:21 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-09-26 18:13 - 2006-11-02 14:47 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-26 18:13 - 2006-11-02 14:47 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-26 17:47 - 2013-09-24 15:37 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3817244742-489050690-2484329676-1004UA.job
2013-09-26 17:36 - 2009-01-08 07:06 - 01210362 _____ C:\Windows\WindowsUpdate.log
2013-09-26 16:21 - 2006-11-02 12:33 - 01592750 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-26 16:13 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-26 15:58 - 2006-11-02 15:01 - 00016406 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-26 15:51 - 2013-09-26 15:51 - 01088653 _____ (Farbar) C:\Users\ToLi\Downloads\FRST.exe
2013-09-26 04:28 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-26 02:48 - 2006-11-02 14:52 - 00095415 _____ C:\Windows\setupact.log
2013-09-26 02:33 - 2013-09-24 15:39 - 00002345 _____ C:\Users\ToLi\Desktop\Google Chrome.lnk
2013-09-26 02:33 - 2013-09-24 03:56 - 00001257 _____ C:\Users\ToLi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-26 01:52 - 2008-01-21 04:47 - 00010724 _____ C:\Windows\PFRO.log
2013-09-26 01:35 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-09-26 01:23 - 2013-09-24 03:56 - 00000915 _____ C:\Users\ToLi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2013-09-26 01:19 - 2006-11-02 14:47 - 00374776 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-26 01:15 - 2013-09-26 01:14 - 00000000 ____D C:\Windows\system32\vi-VN
2013-09-26 01:15 - 2013-09-26 01:14 - 00000000 ____D C:\Windows\system32\eu-ES
2013-09-26 01:15 - 2013-09-26 01:14 - 00000000 ____D C:\Windows\system32\ca-ES
2013-09-26 01:15 - 2009-01-02 07:59 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2013-09-26 01:15 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-09-26 01:15 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-09-26 01:15 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2013-09-26 01:15 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-09-26 01:15 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Defender
2013-09-26 01:15 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2013-09-26 01:15 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Calendar
2013-09-26 01:15 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Movie Maker
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\zh-TW
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\zh-CN
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\uk-UA
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\tr-TR
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\th-TH
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\sv-SE
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\SLUI
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\sl-SI
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\sk-SK
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ru-RU
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ro-RO
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\pt-PT
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\pt-BR
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\pl-PL
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\nl-NL
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\nb-NO
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\lv-LV
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\lt-LT
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ko-KR
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ja-JP
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\it-IT
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\hu-HU
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\hr-HR
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\he-IL
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\fr-FR
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\fi-FI
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\et-EE
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\el-GR
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\bg-BG
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\ar-SA
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\IME
2013-09-26 01:15 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\System
2013-09-26 00:53 - 2013-09-26 00:53 - 00000000 ____D C:\Windows\system32\EventProviders
2013-09-26 00:29 - 2013-09-26 00:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2013-09-26 00:23 - 2013-09-24 03:56 - 00000944 _____ C:\Users\ToLi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2013-09-26 00:19 - 2013-09-26 00:19 - 00001191 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-09-26 00:19 - 2013-09-26 00:19 - 00001032 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2013-09-26 00:19 - 2013-09-26 00:19 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-09-26 00:19 - 2013-09-26 00:19 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\TuneUp Software
2013-09-26 00:19 - 2013-09-26 00:19 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\DVDVideoSoftIEHelpers
2013-09-26 00:19 - 2013-09-26 00:19 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-09-26 00:19 - 2013-09-26 00:18 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\DVDVideoSoft
2013-09-26 00:19 - 2013-09-26 00:18 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-09-26 00:19 - 2013-09-26 00:18 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-09-26 00:18 - 2013-09-26 00:18 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\OpenCandy
2013-09-26 00:17 - 2013-09-26 00:16 - 29255112 _____ (DVDVideoSoft Ltd.                                           ) C:\Users\ToLi\Downloads\FreeYouTubeToMP3Converter31212.exe
2013-09-26 00:11 - 2013-09-26 00:11 - 00000600 _____ C:\Users\Public\Desktop\Shareaza-Installation fortsetzen.lnk
2013-09-26 00:11 - 2013-09-26 00:11 - 00000000 ____D C:\Program Files\Shareaza Applications
2013-09-26 00:10 - 2013-09-26 00:10 - 01336552 _____ (Bandoo Media Inc) C:\Users\ToLi\Downloads\ShareazaSetup-r116-n-bc (1).exe
2013-09-26 00:09 - 2013-09-26 00:09 - 01336552 _____ (Bandoo Media Inc) C:\Users\ToLi\Downloads\ShareazaSetup-r116-n-bc.exe
2013-09-25 16:17 - 2013-09-25 16:17 - 00039438 _____ C:\Users\ToLi\Downloads\Usedom.htm
2013-09-25 16:17 - 2013-09-25 16:17 - 00013541 _____ C:\Users\ToLi\Downloads\Usedom2.htm
2013-09-25 16:17 - 2013-09-25 16:17 - 00000000 ____D C:\Users\ToLi\Downloads\Usedom2_files
2013-09-25 16:17 - 2013-09-25 16:17 - 00000000 ____D C:\Users\ToLi\Downloads\Usedom_files
2013-09-25 16:10 - 2013-09-25 16:10 - 00000000 ____D C:\Users\ToLi\AppData\Local\Adobe
2013-09-25 16:10 - 2013-09-24 04:48 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\Adobe
2013-09-25 16:10 - 2013-09-24 03:56 - 00000000 ____D C:\Users\ToLi\AppData\Local\VirtualStore
2013-09-24 22:50 - 2009-01-02 08:44 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-09-24 22:47 - 2013-09-24 15:36 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3817244742-489050690-2484329676-1004Core.job
2013-09-24 18:15 - 2013-09-24 03:56 - 00000000 ____D C:\Users\ToLi
2013-09-24 16:42 - 2013-09-24 16:42 - 00000000 ____D C:\Windows\system32\x64
2013-09-24 16:40 - 2013-09-24 16:38 - 00000000 ____D C:\Windows\system32\MRT
2013-09-24 16:37 - 2013-09-24 16:37 - 00000000 ____D C:\Windows\system32\WindowsPowerShell
2013-09-24 16:21 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\LogFiles
2013-09-24 16:20 - 2013-09-24 03:57 - 00100432 _____ C:\Users\ToLi\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-24 15:53 - 2013-09-24 15:53 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\Avira
2013-09-24 15:47 - 2013-09-24 15:47 - 00001847 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-09-24 15:47 - 2013-09-24 15:47 - 00000000 ____D C:\ProgramData\Avira
2013-09-24 15:47 - 2013-09-24 15:47 - 00000000 ____D C:\Program Files\Avira
2013-09-24 15:46 - 2013-09-24 15:47 - 00136672 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-24 15:46 - 2013-09-24 15:47 - 00088840 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-24 15:46 - 2013-09-24 15:47 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-09-24 15:46 - 2013-09-24 15:47 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-09-24 15:46 - 2006-11-02 13:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-09-24 15:44 - 2013-09-24 15:43 - 02092792 _____ C:\Users\ToLi\Downloads\avira_free_antivirus.exe
2013-09-24 15:39 - 2013-09-24 15:39 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-09-24 15:38 - 2013-09-24 15:36 - 00000000 ____D C:\Users\ToLi\AppData\Local\Google
2013-09-24 15:35 - 2013-09-24 15:35 - 00000000 ____D C:\Users\ToLi\AppData\Roaming\Macromedia
2013-09-24 14:45 - 2009-01-02 08:53 - 00000000 ____D C:\Windows\WinClon
2013-09-24 05:46 - 2013-09-24 05:46 - 206425630 _____ C:\Windows\MEMORY.DMP
2013-09-24 05:46 - 2013-09-24 05:46 - 00154296 _____ C:\Windows\Minidump\Mini092413-01.dmp
2013-09-24 05:46 - 2013-09-24 05:46 - 00000000 ____D C:\Windows\Minidump
2013-09-24 05:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\Msdtc
2013-09-24 05:21 - 2006-11-02 12:22 - 30670848 _____ C:\Windows\system32\config\software_previous
2013-09-24 05:21 - 2006-11-02 12:22 - 21233664 _____ C:\Windows\system32\config\components_previous
2013-09-24 05:21 - 2006-11-02 12:22 - 14417920 _____ C:\Windows\system32\config\system_previous
2013-09-24 05:21 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2013-09-24 05:21 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2013-09-24 05:21 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\default_previous
2013-09-24 05:20 - 2009-01-02 08:18 - 00000000 ____D C:\Program Files\Atheros WLAN Client
2013-09-24 05:20 - 2009-01-02 08:13 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-09-24 05:20 - 2006-11-02 14:42 - 00000000 ____D C:\Windows\WindowsMobile
2013-09-24 05:20 - 2006-11-02 14:42 - 00000000 ____D C:\Windows\system32\winrm
2013-09-24 05:20 - 2006-11-02 14:42 - 00000000 ____D C:\Windows\system32\WCN
2013-09-24 05:20 - 2006-11-02 14:42 - 00000000 ____D C:\Windows\system32\slmgr
2013-09-24 05:20 - 2006-11-02 14:42 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-09-24 05:20 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\DigitalLocker
2013-09-24 05:20 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2013-09-24 05:20 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\com
2013-09-24 05:20 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2013-09-24 05:20 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\MSAgent
2013-09-24 05:07 - 2009-01-02 08:18 - 00000178 _____ C:\Windows\setup.log
2013-09-24 04:58 - 2013-09-24 04:58 - 00000178 _____ C:\Windows\samsunginstaller.log
2013-09-24 04:54 - 2013-09-24 04:54 - 00000053 _____ C:\Windows\SynInst.log
2013-09-24 04:50 - 2009-01-02 08:19 - 00029162 _____ C:\Windows\DPINST.LOG
2013-09-24 04:50 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\NDF
2013-09-24 04:18 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\restore
2013-09-24 04:03 - 2013-09-24 03:58 - 00010240 _____ C:\Users\ToLi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-24 04:03 - 2009-01-02 08:50 - 00000000 ____D C:\ProgramData\McAfee
2013-09-24 03:56 - 2013-09-24 03:56 - 00000020 ___SH C:\Users\ToLi\ntuser.ini
2013-09-24 03:56 - 2013-09-24 03:56 - 00000000 _SHDL C:\Users\ToLi\Startmenü
2013-09-24 03:56 - 2013-09-24 03:56 - 00000000 _SHDL C:\Users\ToLi\Netzwerkumgebung
2013-09-24 03:56 - 2013-09-24 03:56 - 00000000 _SHDL C:\Users\ToLi\Druckumgebung
2013-09-24 03:56 - 2013-09-24 03:56 - 00000000 _SHDL C:\Users\ToLi\Documents\Eigene Musik
2013-09-24 03:56 - 2013-09-24 03:56 - 00000000 _SHDL C:\Users\ToLi\Documents\Eigene Bilder
2013-09-24 03:56 - 2013-09-24 03:56 - 00000000 _SHDL C:\Users\ToLi\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-09-24 03:56 - 2013-09-24 03:56 - 00000000 _SHDL C:\Users\ToLi\AppData\Local\Verlauf
2013-09-01 16:57 - 2006-11-02 12:24 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Some content of TEMP:
====================
C:\Users\ToLi\AppData\Local\Temp\0085021379988089mcinst.exe
C:\Users\ToLi\AppData\Local\Temp\amt_ar_qvo6.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-26 16:23

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 25.09.2013, 17:33   #4
Schraubi
 
Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr - Standard

Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-09-2013
Ran by ToLi at 2013-09-26 18:22:53
Running from F:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

2007 Microsoft Office system (Version: 12.0.4518.1014)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Flash Player ActiveX (Version: 9.0.124.0)
Adobe Reader 8.1.2 - Deutsch (Version: 8.1.2)
Atheros WLAN Client (Version: 1.00.000)
Avira Free Antivirus (Version: 13.0.0.4052)
Business Contact Manager für Outlook 2007 (Version: 3.0.5828.0)
Easy Battery Manager (Version: 3.2.1.7)
Easy Display Manager (Version: 2.0.0.0)
Easy Network Manager 3.0 (Version: 3.0.0.0)
Easy SpeedUp Manager (Version: 2.0.1.3)
Free YouTube to MP3 Converter version 3.12.12.827 (Version: 3.12.12.827)
Google Chrome (HKCU Version: 29.0.1547.76)
imagine digital freedom - Samsung (Version: 1.0.2.2)
Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless WiFi-Software (Version: 12.00.4000)
Intel® Matrix Storage Manager
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Office 2003 Web Components (Version: 11.0.8003.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft SOAP Toolkit 2.0 SP2 (Version: 623.1)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.1.2047.00)
Microsoft SQL Server Native Client (Version: 9.00.2047.00)
Microsoft SQL Server VSS Writer (Version: 9.00.2047.00)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Namuga 1.3M Webcam (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5605)
Samsung Magic Doctor (Version: 5.0)
Samsung Recovery Solution III (Version: 3.0.0.7)
Samsung Update Plus (Version: 1.3.0.11)
Synaptics Pointing Device Driver (Version: 10.1.2.0)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (Version: 9.00.2047.00)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Office 2007 (KB934528)
Update for Office System 2007 Setup (KB929722)
User Guide (Version: 1.0)
Vimicro UVC Camera (Version: 1.00.0000)
WIDCOMM Bluetooth Software 6.0.1.6300 (Version: 6.0.1.6300)

==================== Restore Points  =========================

24-09-2013 02:18:38 Sprachpaketdeinstallation
24-09-2013 02:58:07 Removed Atheros WLAN Client
24-09-2013 03:06:37 Installed Atheros WLAN Client
24-09-2013 03:06:49 Gerätetreiber-Paketinstallation: Atheros Communications Inc. Netzwerkadapter
24-09-2013 03:16:08 Wiederherstellungsvorgang
24-09-2013 13:04:01 Gerätetreiber-Paketinstallation: Atheros Communications Inc. Netzwerkadapter
24-09-2013 13:07:21 Windows Update
24-09-2013 13:33:35 Windows-Sicherung
24-09-2013 13:48:08 Sprachpaketdeinstallation
24-09-2013 14:36:00 Windows Update
24-09-2013 16:15:00 Windows Update
24-09-2013 17:31:26 Windows Update
24-09-2013 20:43:30 Windows Update
24-09-2013 20:49:46 Windows Update
24-09-2013 20:56:39 Windows Update
25-09-2013 14:53:30 Windows Update
25-09-2013 22:33:36 TuneUp Utilities 2013 wird entfernt
25-09-2013 22:47:10 TuneUp Utilities 2013 wird entfernt
25-09-2013 22:53:00 Windows Update
26-09-2013 00:40:53 TuneUp Utilities 2013 wird entfernt
26-09-2013 00:41:52 TuneUp Utilities Language Pack (de-DE) wird entfernt

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1969D1C8-DE8C-43D0-9B74-4A5532B8D402} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2008-10-06] (SAMSUNG Electronics)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2864F3EE-1644-4B7A-A047-ADE89515944B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3817244742-489050690-2484329676-1004Core => C:\Users\ToLi\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-24] (Google Inc.)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {6BADEB4A-DEE3-4172-8085-7D14C24D694C} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2008-01-21] (Microsoft Corporation)
Task: {89B0D906-7153-43E3-93A7-DF87C35A3088} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3817244742-489050690-2484329676-1004UA => C:\Users\ToLi\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-24] (Google Inc.)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\pla.dll [2008-01-21] (Microsoft Corporation)
Task: {D52A3E64-22B4-4524-AA18-DEB04D98E63C} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2008-08-26] (Samsung Electronics Co., Ltd.)
Task: {D5E9F13F-C0BA-4ADC-9197-513F4720F991} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2008-10-08] (Samsung Electronics Co., Ltd.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {F2E38CB2-3275-4717-AC97-237505B0F9B5} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2008-08-07] (SAMSUNG Electronics co., LTD.)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3817244742-489050690-2484329676-1004Core.job => C:\Users\ToLi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3817244742-489050690-2484329676-1004UA.job => C:\Users\ToLi\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-02-12 06:19 - 2008-02-12 06:19 - 00208896 _____ (Broadcom Corporation.) C:\Windows\system32\btmmhook.dll
2009-01-02 08:26 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2008-02-12 05:36 - 2008-02-12 05:36 - 00184320 _____ (Broadcom Corporation.) C:\Windows\system32\btncopy.dll
2009-01-02 07:51 - 2011-02-11 18:44 - 00086016 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2009-01-02 08:26 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\SAMSUNG\EasySpeedUpManager\HookDllPS2.dll
2009-01-02 08:27 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
2008-02-12 05:31 - 2008-02-12 05:31 - 00602112 _____ (Broadcom Corporation.) C:\Windows\system32\btwapi.dll
2008-02-12 05:46 - 2008-02-12 05:46 - 00233472 _____ (Broadcom Corporation.) C:\Windows\system32\btosif.dll
2008-02-12 05:58 - 2008-02-12 05:58 - 00393216 _____ (Broadcom Corporation.) C:\Windows\system32\btwhidcs.DLL
2008-02-12 05:26 - 2008-02-12 05:26 - 05271552 _____ (Broadcom Corporation.) C:\Windows\system32\btrez.dll
2013-09-24 15:38 - 2013-09-17 05:20 - 47033808 _____ (Google Inc.) C:\Users\ToLi\AppData\Local\Google\Chrome\Application\29.0.1547.76\chrome.dll
2013-09-24 15:39 - 2013-09-17 05:20 - 09962960 _____ (The ICU Project) C:\Users\ToLi\AppData\Local\Google\Chrome\Application\29.0.1547.76\icudt.dll
2013-09-24 15:39 - 2013-09-17 03:23 - 00081768 _____ (Microsoft Corporation) C:\Users\ToLi\AppData\Local\Google\Chrome\Application\29.0.1547.76\xinput1_3.dll
2013-09-24 15:39 - 2013-09-17 05:21 - 04053456 _____ () C:\Users\ToLi\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll
2013-09-24 15:39 - 2013-09-17 05:21 - 00410576 _____ () C:\Users\ToLi\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
2013-09-24 15:39 - 2013-09-17 05:20 - 02110928 _____ (Google Inc.) C:\Users\ToLi\AppData\Local\Google\Chrome\Application\29.0.1547.76\libpeerconnection.dll
2013-09-24 15:39 - 2013-09-17 05:20 - 01604560 _____ () C:\Users\ToLi\AppData\Local\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
2013-09-24 15:39 - 2013-09-17 03:23 - 03231688 _____ (Microsoft Corporation) C:\Users\ToLi\AppData\Local\Google\Chrome\Application\29.0.1547.76\D3DCompiler_46.dll
2013-09-24 15:39 - 2013-09-17 05:20 - 00709584 _____ () C:\Users\ToLi\AppData\Local\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
2013-09-24 15:39 - 2013-09-17 05:20 - 00099792 _____ () C:\Users\ToLi\AppData\Local\Google\Chrome\Application\29.0.1547.76\libegl.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/26/2013 04:14:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/26/2013 02:53:43 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung set161F.tmp, Version 7.1.100.1248, Zeitstempel 0x3deba70f, fehlerhaftes Modul set161F.tmp, Version 7.1.100.1248, Zeitstempel 0x3deba70f, Ausnahmecode 0xc0000005, Fehleroffset 0x0000cf00,
Prozess-ID 0x156c, Anwendungsstartzeit set161F.tmp0.

Error: (09/26/2013 02:51:52 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/26/2013 01:54:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/26/2013 01:23:36 AM) (Source: ESENT) (User: )
Description: WinMail (940) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.

Error: (09/26/2013 01:23:05 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.IdentityModel, Version=3.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil".  The error returned was Error: The specified assembly is not installed.
.

Error: (09/26/2013 01:22:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/26/2013 01:20:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2013 10:54:22 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.IdentityModel, Version=3.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil . Error code = 0x80070005

Error: (09/24/2013 10:03:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/26/2013 04:18:12 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (09/26/2013 04:14:41 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/26/2013 02:52:52 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{A4199E55-EBB9-49E5-AF1A-7A5408B2E206}NT-AUTORITÄTNETZWERKDIENSTS-1-5-20LocalHost (unter Verwendung von LRPC)

Error: (09/26/2013 02:52:52 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{A4199E55-EBB9-49E5-AF1A-7A5408B2E206}NT-AUTORITÄTNETZWERKDIENSTS-1-5-20LocalHost (unter Verwendung von LRPC)

Error: (09/26/2013 02:52:52 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{A4199E55-EBB9-49E5-AF1A-7A5408B2E206}NT-AUTORITÄTNETZWERKDIENSTS-1-5-20LocalHost (unter Verwendung von LRPC)

Error: (09/26/2013 02:26:48 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (09/26/2013 02:24:56 AM) (Source: Service Control Manager) (User: )
Description: Windows Media Player-Netzwerkfreigabedienst%%1053

Error: (09/26/2013 02:24:52 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Media Player-Netzwerkfreigabedienst

Error: (09/26/2013 01:54:28 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/26/2013 01:53:12 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 26.09.2013 um 01:51:40 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-09-26 00:54:16.784
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-26 00:54:16.659
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-26 00:54:16.518
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-26 00:54:16.331
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-26 00:54:16.191
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 52%
Total physical RAM: 3031.88 MB
Available physical RAM: 1450.66 MB
Total Pagefile: 6288.16 MB
Available Pagefile: 4447.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1939.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:109.88 GB) (Free:62.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: () (Fixed) (Total:110 GB) (Free:83.49 GB) NTFS
Drive f: () (Removable) (Total:14.42 GB) (Free:10.43 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: ECE99E11)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=110 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=110 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 14 GB) (Disk ID: 6E652072)
No partition Table on disk 1.

==================== End Of Log ============================
         
is das so richtig? und da kann man erkennen wo was nicht stimmt ?

Alt 26.09.2013, 08:02   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr - Standard

Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr



Perfekt
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr
abgesicherte, abgesicherten, check, erkennt, gelegt, grenzen, hilferuf, hoffe, komplette, konnte, lahm, laptop, laufen, modus, nutzung, reagiert, rechner, recovery, samsung, starte, systemwiederherstellung, tagen, troja, trojaner, trojaner gehabt




Ähnliche Themen: Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr


  1. Audio im Stream nach kurzer Zeit weg. Nach Reset wieder da.
    Alles rund um Windows - 16.03.2016 (11)
  2. Windows 7 hängt sich nach kurzer Zeit auf
    Plagegeister aller Art und deren Bekämpfung - 26.08.2013 (1)
  3. Windows 7 blockiert nach kurzer Zeit auch im abgesichtern Modus (Trojaner)
    Log-Analyse und Auswertung - 25.08.2013 (13)
  4. Unbekannter Trojaner, alle Passwörter nach kurzer Zeit bekannt
    Log-Analyse und Auswertung - 27.03.2013 (1)
  5. Win XP bleibt nach kurzer Zeit hängen
    Plagegeister aller Art und deren Bekämpfung - 09.12.2012 (17)
  6. Windows Vista friert nach kurzer Zeit ein; Mauszeiger bewegbar
    Plagegeister aller Art und deren Bekämpfung - 19.08.2012 (30)
  7. Physikalische Speicher nach kurzer Zeit bei über 90%
    Log-Analyse und Auswertung - 24.12.2011 (1)
  8. Pc friert nach kurzer Zeit ein.
    Alles rund um Windows - 27.06.2011 (14)
  9. Nach Anmeldung Schwarzer Bildschirm, bzw. Systemabsturz mit BSOD nach kurzer Zeit
    Log-Analyse und Auswertung - 25.04.2011 (11)
  10. Internet Verbindung wird nach kurzer Zeit getrennt
    Antiviren-, Firewall- und andere Schutzprogramme - 26.12.2009 (2)
  11. IE und Programme schliessen sich nach kurzer Zeit
    Plagegeister aller Art und deren Bekämpfung - 28.02.2009 (0)
  12. PC schaltet sich nach kurzer Zeit selbständig aus
    Log-Analyse und Auswertung - 04.03.2008 (6)
  13. PC schaltet sich nach kurzer Zeit von selbst aus.
    Plagegeister aller Art und deren Bekämpfung - 18.04.2007 (13)
  14. PC schaltet sich nach kurzer Zeit selbst aus - die 2-te
    Plagegeister aller Art und deren Bekämpfung - 28.03.2007 (7)
  15. Internet hängt sich nach kurzer Zeit auf - Trennung nicht mehr möglich
    Log-Analyse und Auswertung - 15.01.2007 (3)
  16. Internet hängt sich nach kurzer Zeit wieder auf
    Log-Analyse und Auswertung - 19.10.2006 (1)
  17. Browser und Outlook funktioneren nach kurzer Zeit nicht mehr
    Netzwerk und Hardware - 10.07.2004 (2)

Zum Thema Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr - Hallo !!! dies hier ist mein erster Hilferuf und ich hoffe mir kann jemand helfen. Also...vor paar Tagen habe ich mir einen ''Bundespolizei Trojaner'' auf meinen Laptop geholt, der dann - Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr...
Archiv
Du betrachtest: Bundespolizei Trojaner gehabt und nach kurzer Zeit ging gar nix mehr auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.